-
web.groovymark@gmail.com
- November 17, 2024
Question 21
Which SDN security mechanism involves creating diverse controllers to minimize the risk of common vulnerabilities?
a) Automated recovery
b) Dynamic device association
c) Replication
d) Controller diversity
Correct Answer: d) Controller diversity
Explanation: Controller diversity improves SDN security by using diverse controllers, reducing the risk of common vulnerabilities and lateral movement by attackers.
Question 22
Which SDN concept allows for centralized monitoring and dynamic control of network traffic?
a) Network address translation (NAT)
b) Centralized control plane
c) Northbound API
d) Virtualization
Correct Answer: b) Centralized control plane
Explanation: The centralized control plane in SDN enables dynamic control and monitoring of network traffic, allowing network operators to adjust flows as needed.
Question 23
Which layer in SDN is responsible for processing and forwarding data between devices in the network?
a) Control plane
b) Data plane
c) Application plane
d) Southbound interface
Correct Answer: b) Data plane
Explanation: The data plane in SDN is responsible for forwarding data between network devices based on instructions from the control plane.
Question 24
Which protocol is commonly used in SDN to control flow tables on switches and routers?
a) OpenFlow
b) Internet Protocol Security (IPsec)
c) Layer 2 Tunneling Protocol (L2TP)
d) Point-to-Point Protocol (PPP)
Correct Answer: a) OpenFlow
Explanation: OpenFlow is the most common protocol used in SDN for managing flow tables on network devices, allowing centralized control over network traffic.
Question 25
Which SDN plane deals with network intelligence and makes decisions on packet forwarding?
a) Data plane
b) Control plane
c) Application plane
d) Management plane
Correct Answer: b) Control plane
Explanation: The control plane is responsible for making decisions on how packets should be forwarded, based on the rules defined in flow tables.
Question 26
Which OpenStack module provides a database as a service, enabling the deployment of relational and non-relational databases?
a) Trove
b) Sahara
c) Glance
d) Neutron
Correct Answer: a) Trove
Explanation: Trove is OpenStack’s database-as-a-service (DBaaS) module, enabling users to deploy and manage both relational and non-relational databases.
Question 27
Which SDN mechanism allows for automated recovery in the case of service disruption caused by a security attack?
a) Dynamic device association
b) Controller diversity
c) Automated recovery
d) Southbound API
Correct Answer: c) Automated recovery
Explanation: Automated recovery mechanisms in SDN help ensure service availability by restoring functionality after disruptions caused by attacks or failures.
Question 28
Which SDN mechanism minimizes the attack surface by managing fine-grained data flow policies?
a) Controller diversity
b) Fine-grained data flow and policy management
c) Automated recovery
d) Dynamic device association
Correct Answer: b) Fine-grained data flow and policy management
Explanation: Fine-grained data flow and policy management allows for precise control over network traffic, reducing the attack surface by limiting access to sensitive areas.
Question 29
Which SDN component is referred to as the “brains” of the network, controlling flow tables and traffic paths?
a) Southbound API
b) Data plane
c) SDN controller
d) Northbound API
Correct Answer: c) SDN controller
Explanation: The SDN controller is the central decision-making component of the network, responsible for controlling flow tables and determining traffic paths.
Question 30
Which SDN security mechanism ensures trust between the controller and network devices like switches?
a) Controller diversity
b) Dynamic device association
c) Controller-Switch trust
d) Replication
Correct Answer: c) Controller-Switch trust
Explanation: Controller-Switch trust ensures that the SDN controller and switches communicate securely, preventing malicious devices from inserting fake flows.
Question 31
Which OpenStack module provides an orchestration service, automating the deployment of cloud applications and resources using templates?
a) Heat
b) Trove
c) Glance
d) Sahara
Correct Answer: a) Heat
Explanation: Heat is OpenStack’s orchestration service that automates the deployment of cloud applications and resources, using templates to simplify and standardize processes.
Question 32
What is the function of the control plane in software-defined networking (SDN)?
a) Forwarding data packets
b) Making decisions on network traffic flow
c) Storing flow tables
d) Providing a user interface for managing network devices
Correct Answer: b) Making decisions on network traffic flow
Explanation: The control plane in SDN is responsible for making decisions on how network traffic is managed and directing the data plane to handle traffic accordingly.
Question 33
Which SDN security mechanism allows for the distribution of network traffic across diverse controllers to improve reliability and security?
a) Dynamic device association
b) Replication
c) Controller diversity
d) Automated recovery
Correct Answer: c) Controller diversity
Explanation: Controller diversity distributes network traffic across multiple controllers, reducing the risk of failures and improving the overall security and reliability of the network.
Question 34
Which protocol in SDN defines the communication between the controller and network devices like switches and routers?
a) OpenFlow
b) Layer 2 Tunneling Protocol (L2TP)
c) Secure Shell Protocol (SSH)
d) Internet Key Exchange (IKE)
Correct Answer: a) OpenFlow
Explanation: OpenFlow is the protocol that defines how SDN controllers communicate with network devices like switches and routers, enabling centralized management of the network.
Question 35
Which SDN mechanism involves the rearrangement of resources to reduce the effectiveness of attacks?
a) Shuffling
b) Replication
c) Controller diversity
d) Automated recovery
Correct Answer: a) Shuffling
Explanation: Shuffling is a moving target defense (MTD) technique that involves rearranging network resources to make it harder for attackers to exploit vulnerabilities.
Question 36
Which SDN plane is responsible for processing packets and implementing forwarding rules?
a) Data plane
b) Control plane
c) Application plane
d) Southbound interface
Correct Answer: a) Data plane
Explanation: The data plane processes and forwards packets according to the forwarding rules defined by the control plane in the SDN architecture.
Question 37
Which OpenStack module provides big data services by provisioning Hadoop clusters and other frameworks?
a) Sahara
b) Glance
c) Trove
d) Heat
Correct Answer: a) Sahara
Explanation: Sahara is the OpenStack module responsible for provisioning Hadoop clusters and other big data processing frameworks, providing scalable data processing capabilities.
Question 38
Which SDN security mechanism deals with faults and ensures network devices are associated with the correct controller?
a) Dynamic device association
b) Controller-Switch trust
c) Controller diversity
d) Fine-grained policy management
Correct Answer: a) Dynamic device association
Explanation: Dynamic device association ensures that network devices are associated with the correct controllers, dealing with faults and improving network reliability.
Question 39
Which SDN API is responsible for managing the interaction between the control plane and data plane devices?
a) Southbound API
b) Northbound API
c) East/Westbound API
d) Application API
Correct Answer: a) Southbound API
Explanation: The southbound API in SDN manages interactions between the control plane and data plane devices, allowing the controller to configure and manage network traffic.
Question 40
Which SDN security mechanism ensures that core network services continue to function even in the event of an attack?
a) Proactive and reactive security recovery mechanisms
b) Dynamic device association
c) Controller diversity
d) Replication
Correct Answer: a) Proactive and reactive security recovery mechanisms
Explanation: Proactive and reactive security recovery mechanisms ensure that core network services remain available even in the event of an attack, enabling continuous operation.
