NMO MQF
NMO MQF Networking Quiz
Test your knowledge of networking concepts and devices with the NMO MQF Quiz! This quiz is designed to challenge your understanding of IP addressing, subnetting, VLANs, and network protocols. Perfect for beginners and seasoned professionals alike.
- Multiple choice questions
- Immediate feedback on your answers
- Learn while you play!
(1). A ______ generally executes application programs on behalf of user(s).
A. Router
B. Host
C. Firewall
D. LAN
(2). What type of networking device is responsible for making decisions about which of several paths network traffic will follow by examining the IP header?
A. Hub
B. Port
C. Router
D. Switch
(3). In connection-oriented network communication, at which OSI layer does data segmentation for end-to-end communication take place?
A. Data Link
B. Network
C. Session
D. Transport
(4). In TCP/IP network communication, which protocol is responsible for translating the network layer address of a host to its hardware address?
A. Dynamic Host Control Protocol (DHCP)
B. Internet Protocol (IP)
C. Transfer Control Protocol (TCP)
D. Address Resolution Protocol (ARP)
(5). What are the two parts of every IP address?
A. Network portion and host portion
B. Network portion and transfer portion
C. Host portion and transfer portion
D. MAC portion and data link portion
(6). IPv4 addresses consist of how many bits?
A. 8
B. 16
C. 24
D. 32
(7). What is the subnet mask for a legacy Class B network?
A. 255.255.255.255
B. 255.255.255.0
C. 255.255.0.0
D. 255.0.0.0
(8). What is the CIDR prefix length for a legacy Class A network?
A. /4
B. /6
C. /8
D. /16
(9). Which CIDR prefix length represents a network with the fewest available host addresses?
A. /2
B. /8
C. /16
D. /30
(10). Which type(s) of IP addresses have reserved IP ranges such as 10.0.0.0/8?
A. Public IPs
B. Private IPs
C. Both
D. Neither
(11). Which type(s) of IP addresses are routable over the global Internet?
A. Public IPs
B. Private IPs
C. Both
D. Neither
(12). Due to security concerns, a single network needs to be made for more than 255 devices. What network address below would fulfill this requirement?
A. 192.168.0.0 255.255.254.0
B. 192.168.1.0 255.255.254.0
C. 192.168.0.0 255.255.255.0
D. 192.168.1.0 255.255.255.0
(13). You are given a class C network of 192.168.10.0. Utilizing VLSM, choose the correct subnet mask for a network with only two host addresses.
A. 0.0.0.3
B. 255.255.255.0
C. 255.255.255.248
D. 255.255.255.252
(14). What is the Cisco IOS command to turn on Routing in a multi-layer switch?
A. Enable routing
B. Ip routing
C. Ip route
D. Show ip route
(15). Which route type is manually configured by an administrator?
A. Redistributed Route
B. Directly Connected
C. Dynamic Route
D. Static Route
(16). Which of the following is NOT a reason to implement VLANS?
A. Flexibility
B. Routing
C. Security
D. Performance
(17). Which feature allows the router to know where to forward a packet it receives?
A. ARP Table
B. MAC Table
C. Routing Table
D. TCAMS Table
(18). Which feature allows the switch to know where to forward a frame it receives?
A. ARP Table
B. MAC Table
C. Switching Table
D. Routing Table
(19). Which routing protocol is a link-state routing protocol?
A. BGP
B. OSPF
C. RIP
D. EIGRP
(20). Which switch capability is used to restrict input to an interface based on MAC Address?
A. Ethernet Trunking
B. Port Security
C. VLAN Segmentation
D. VLAN Routing
(21). VLANs _________ segment a network on an organizational basis
A. Physically
B. Logically
C. Administratively
D. Proportionately
(22). ______________ is a strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization. What is this concept called?
A. Defense-in-breadth
B. Defense-in-depth
C. Cybersecurity
D. Cyberspace superiority
(23). It is important to limit outside access, minimize security vulnerabilities, and eliminate as many security risks as possible. What is this concept called?
A. Stonewalling
B. Stopgapping
C. Hardening
D. Mitigating
(24). In Cisco IOS network security, what is a common method for controlling access to network services?
A. ACL (Access Control List)
B. ACT (Access Control Table)
C. HCL (Host Control List)
D. DCP (Device Control Protocol)
(25). In IP ACLs, the ________ indicates which bits of an IP address are to be considered when processing the traffic.
A. Subnet Mask
B. Wildcard Mask
C. ACL Mask
D. CIDR Mask
(26). What is 802.1x?
A. An IEEE standard for port-based network access control.
B. An IEEE standard for wireless network communication.
C. A DISA standard for Cisco IOS ACL settings.
D. A DISA standard for classifying information on networks.
(27). In AAA, verifying a claimed identity is called ________.
A. Authentication
B. Authorization
C. Accounting
D. Availability
(28). In AAA, determining a user has certain permissions on a network device is called ________.
A. Authentication
B. Authorization
C. Accounting
D. Availability
(29). In AAA, the act of collecting information on resource usage for purpose of trend analysis, auditing, billing, or cost allocation is called ________.
A. Authentication
B. Authorization
C. Accounting
D. Availability
(30). On Cisco networking devices, which of the following does AAA not provide:
A. Redundant Authentication Servers
B. Cloud Synchronization
C. Authentication Fallback
D. Multiple Authentication Methods
(31). Which Cisco IOS feature is designed to allow users to manage the flow of traffic handled by the route processor of their network devices and applies to all packets that punt to the route processor for handling?
A. ZP (Zone Protection)
B. ACL (Access Control List)
C. C2 (Command and Control)
D. CoPP (Control Plane Policing)
(32). Which common TCP ports are used for web traffic [http(s)]?
A. 80 and 443
B. 20 and 21
C. 800 and 4400
D. 25 and 53
(33). The OSI model begins with the layer 1, ________, and ends with layer 7, ________.
A. Network, Network
B. Physical, Application
C. Transport, Session
D. Client, Server
(34). Which is NOT an example of a possible layer-3 (network) issue?
A. Source IP cannot reach destination IP
B. Network latency (lag)
C. Internet Explorer will not open
D. User cannot connect to my.af.mil
(35). Which common TCP/IP troubleshooting tool uses Internet Control Message Protocol (ICMP) to test end-to-end layer 3 connectivity?
A. ping
B. pong
C. google
D. nslookup
(36). Which TCP/IP troubleshooting command is used to see what path packets take to a destination?
A. traceroute
B. ping
C. find-dest
D. pingtrace
(37). Why is it important to install PAN-OS content updates soon after they become available?
A. Firewalls shut down without daily PAN-OS content updates.
B. PAN-OS content updates save the Air Force in licensing fees.
C. PAN-OS content updates include new security policies and address objects.
D. PAN-OS content updates include anti-virus, application, and Wildfire signatures.
(38). Palo Alto firewalls are capable of performing deep packet inspection up to OSI layer ________.
A. 3
B. 4
C. 7
D. 8
(39). What is one benefit of Palo Alto firewall application-layer security?
A. It allows for security policies that detect actual application traffic, rather than relying on just ports.
B. It allows user applications to be run on the firewall directly, enhancing network defense.
C. It prevents all applications from traversing the network.
D. It prevents users from utilizing the application layer.
(40). What is NOT something that Palo Alto firewall Anti-Virus profiles can scan for?
A. Phishing
B. Malware
C. Trojans
D. Worms
(41). What is Palo Alto’s large community database of known threats called?
A. ThreatSense
B. Panorama
C. PAN-OS
D. Wildfire
(42). What is it called when two firewalls are paired together in redundant configuration states to reduce single-point of failure risk?
A. Low-Availability Mode (LA)
B. High-Availability Mode (HA)
C. Two-Firewall Integrity (TFI)
D. Switched Firewall Pair (SFP)
(43). Different devices send logs to Splunk in different formats. Splunk handles these differences with ________.
A. Routing
B. Indexing
C. Visualizations
D. Translations
(44). In Splunk queries, what are examples of boolean logic operators?
A. HOW, WHY, WHEN
B. DO, DO NOT, TRY
C. AND, OR, NOT
D. IF, THEN, ELSE
(45). In Splunk, what are active search queries called?
A. Indexes
B. Visualizations
C. Splunks
D. Jobs
(46). What is the primary purpose of lookup tables in Splunk?
A. They help process large amounts of input data.
B. They automatically run in “Smart Mode.”
C. They help export large amounts of output data.
D. They simplify URL filtering.
(47). Palo Alto Firewalls use Panorama to provide what?
A. Centralized management
B. HA Failover
C. Remote authentication
D. Wildfire threat database updates
(48). The __________ command displays the load averages on the Palo Alto firewall via the CLI.
A. Request resources system
B. Show resources
C. Show system resources
D. Display top
(49). In Palo Alto firewalls, a __________ is a grouping of interfaces (physical or virtual) that provides an abstraction for an area of trust for simplified policy enforcement.
A. Policy
B. Tag
C. Trunk
D. Zone
(50). The ___________ on Panorama provides a single pane for unified reporting across all firewalls.
A. Application Command Center (ACC) Tab
B. Management Tab
C. Network Tab
D. Policies Tab
(51). An HTTP status code of 407 indicates ___________.
A. Forbidden
B. Not Found
C. Proxy Authentication Required
D. Request Timeout
(52). What does the HTTP 5XX series of status codes mean?
A. Server error
B. Redirection
C. Success
D. Client error
(53). On a Palo Alto firewall, which tab shows you software version, interface status, resource utilization, and recent logs?
A. ACC
B. Dashboard
C. Policy
D. Security
(54). In a(n) __________ deployment of a Palo Alto firewall, the firewall is installed transparently on a network segment by binding two ports together.
A. High Availability Pair
B. Independent
C. Virtual Wire
D. VLAN
(55). Palo Alto firewalls can be placed in a group (two-firewall cluster) to provide redundancy in the event of a system or network failure. This configuration is called __________.
A. Double Dipping
B. High Availability (HA)
C. Low Availability (LA)
D. Two-Server Integrity (TSI)
(56). When pushing a rule in Panorama, what allows you to specify which firewalls to push to?
A. Commit locks
B. N/A - Rules automatically apply to all firewalls
C. Policy targets
D. Security groups
(57). In Panorama, the ___________ configuration comprises all the settings that have been committed and are therefore active.
A. Candidate
B. Pending
C. Running
D. Dominant
(58). In Panorama, the ___________ configuration is a copy of the active configuration plus any inactive changes that you made since the last commit.
A. Candidate
B. Pending
C. Running
D. Dominant
(59). In a Palo Alto firewall, what do you call the process of activating changes made to the firewall configuration?
A. Committing
B. Overwriting
C. Standardizing
D. Validating
(60). When using Palo Alto firewalls, you use Interfaces and __________ to segment your network.
A. IP Addresses
B. MAC Address
C. Zones
D. Policies
(61). Panorama uses device groups and ____________ to group firewalls into logical sets that require similar configuration.
A. Templates
B. Objects
C. Policies
D. Items
(62). In Panorama, you can create a hierarchy to nest _____________ in a tree hierarchy of up to four levels, with lower-level groups inheriting the settings of higher-level groups.
A. Device Groups
B. Policy Groups
C. Ordered Groups
D. Tiered Groups
(63). All traffic passing through the Palo Alto firewall is matched against a session and each session is matched against a _______________ rule.
A. Security Policy
B. Port and IP based
C. Zone Based
D. URL Filtering
(64). Palo Alto firewall security policy rules are evaluated from ___________.
A. Left to Right and Top to Bottom
B. Left to Right only
C. Top to Bottom Only
D. Top to Bottom and Right to Left
(65). In Palo Alto firewalls, there are three types of Security Policy Rules, __________, __________, and __________.
A. Universal, Intrazone, and Interzone
B. Allow, Deny, and Drop
C. Local, Remote, and VPN
D. Source, Destination, Port
(66). Which of the following is not an example of a Palo Alto firewall policy object?
A. IP Addresses
B. URLs
C. Users
D. Zones
(67). A text file that you or another source hosts on an external web server so that the Palo Alto firewall can import objects is called ________________.
A. External Dynamic List
B. Reference Document
C. Network Services
D. Enforced Policy Object
(68). To use Panorama effectively, you have to group the firewalls in your network into logical units called _____________.
A. Device Groups
B. Objects
C. Zones
D. Interfaces
(69). In Panorama, you can create a Device Group Hierarchy, to nest device groups, in a tree hierarchy of up to _____ levels
A. Two
B. Three
C. Four
D. Five
(70). Port security is not supported on which of the following?
A. Trunks ports
B. Access ports
C. EtherChannel Ports
D. Tunnel ports
(71). Which AAA authentication protocol encrypts the entire access-request payload?
A. LDAP
B. Kerberos
C. RADIUS
D. TACACS+
(72). You can specify remote AAA servers for authentication, authorization, and accounting by using _________.
A. Server Groups
B. User Groups
C. Security Groups
D. Routing Groups
(73). In order to ensure that a Cisco network device can be accessed via local or remote management sessions, proper controls must be enforced on both.
A. Plaintext and Ciphertext Passwords
B. VTY and TTY lines
C. Layer 4 and Layer 5
D. Ethernet and Coaxial
(74). SNMP version __________ provides secure access to devices because it authenticates and optionally encrypts packets over the network.
A. 0
B. 1
C. 2
D. 3
(75). The technique in which one device, usually a router, answers ARP requests that are intended for another device is called:
A. Reverse ARP
B. Proxy ARP
C. IP ARP
D. ARP Filtering
(76). ____________ are an OSI Layer 2 security feature that limits connectivity between workstations or servers within a VLAN.
A. Tunnels
B. PVLANs
C. PVST+
D. Encapsulation
(77). Which level of SYSLOG messages will produce an elevated CPU load on the device that can lead to device and network instability
A. 0
B. 9
C. 13
D. 7
(78). In Panorama, you can Preview, Validate, or ______ Palo Alto firewall configuration changes.
A. Commit
B. Erase
C. Confirm
D. Lock
(79). Advanced URL Filtering classifies websites based on?
A. Content
B. Features
C. Safety
D. All the above
(80). The ___________ action in the monitor tab means the website is allowed and a log entry is generated in the URL filtering log.
A. Alert
B. Allow
C. Block
D. None
(81). What security profile allows an administrator to monitor and control web traffic over http[s]?
A. File Blocking
B. URL Filtering
C. Data Filtering
D. Vulnerability Protection
(82). Which of the following method(s) is used on Palo Alto Firewalls to determine a website’s URL category?
A. Custom URL categories
B. External Dynamic Lists (EDLs)
C. Predefined URL categories, in order of precedence
D. All the above
(83). What is a URL Filtering profile?
A. A collection of URL filtering controls that you can apply to individual security policy rules to enforce your web access policy.
B. Enables you to identify all users on your network using a variety of techniques to ensure that you can identify users.
C. Enables visibility into the applications on the network, so you can learn how they work and understand their behavioral characteristics and their relative risk.
D. Segmenting the network into functional and organizational zones reduces the network’s attack surface.
(84). What is not a URL Filtering Profile action?
A. Alert
B. Allow
C. Redirect
D. Block
(85). URL Filtering logs display entries for traffic that matches either URL Filtering profiles attached to Security policy rules OR URL categories used as match criteria in Security policy rules.
A. True
B. False
(86). A URL Filtering log entry will be created for any website that exists in the URL filtering database that is in a category that is set to allow.
A. True
B. False
(87). The ACC, URL filtering logs and reports show all user web activity for URL categories that are set to __________.
A. Alert, Block, Continue, or Override
B. Allow, Continue, Redirect, None
C. Alert, Block, Redirect, Override
D. Alert, Block, Decrypt, Override
{"name":"NMO MQF", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Test your knowledge of networking concepts and devices with the NMO MQF Quiz! This quiz is designed to challenge your understanding of IP addressing, subnetting, VLANs, and network protocols. Perfect for beginners and seasoned professionals alike. Multiple choice questionsImmediate feedback on your answersLearn while you play!","img":"https:/images/course1.png"}