MongoDB Questions and Answers – Network Exposure and Security

«
»

This set of MongoDB Multiple Choice Questions & Answers (MCQs) focuses on “Network Exposure and Security”.

1. The enabled setting for mongod and mongos instances disables the __________ status page.
a) home
b) primary
c) secondary
d) none of the mentioned
View Answer

Answer: a
Explanation: The mongod and mongos instances run with the http interface disabled by default.

advertisement

2. Point out the correct statement.
a) The status interface is write-only by default
b) Default port for the status page is 28117
c) Authentication does not control or affect access to this interface
d) None of the mentioned
View Answer

Answer: c
Explanation: If you enable this interface, you should only allow trusted clients to access this port.

3. The net.http.RESTInterfaceEnabled setting for mongod enables a fully interactive administrative __________ interface, which is disabled by default.
a) Restful
b) Rest
c) WebService
d) All of the mentioned
View Answer

Answer: b
Explanation: The REST interface does not support any authentication and you should always restrict access to this interface to only allow trusted clients to connect to this port.

advertisement
advertisement

4. The ________ setting for mongod and mongos instances limits the network interfaces on which MongoDB programs will listen for incoming connections.
a) bindIpmongo
b) bind
c) bindIp
d) revokeip
View Answer

Answer: c
Explanation: You can also specify a number of interfaces by passing bindIp a comma separated list of IP addresses.

5. Point out the wrong statement.
a) Changing the port does not meaningfully reduce risk or limit exposure
b) You can use the mongod –bind_ip and mongos –bind_ip option on the command line at run time to limit the network accessibility of a MongoDB program
c) The net.http.RESTInterfaceEnabled configuration makes the http status interface, which is read-only by default, fully interactive
d) None of the mentioned
View Answer

Answer: d
Explanation: If your system has more than one network interface, bind MongoDB programs to the private or internal network interface.

advertisement

6. The ________ setting for mongod and mongos instances changes the main port on which the mongod or mongos instance listens for connections.
a) portp
b) port
c) portIP
d) none of the mentioned
View Answer

Answer: b
Explanation: Setting port also indirectly sets the port for the HTTP status interface, which is always available on the port numbered 1000 greater than the primary mongod port.

7. On Linux systems, the ________ interface provides access to the underlying netfilter firewall.
a) ssip
b) iptables
c) dns
d) all of the mentioned
View Answer

Answer: b
Explanation: Firewalls allow administrators to filter and control access to a system by providing granular control over what network communications.

advertisement

8. On Windows systems _________ command line interface provides access to the underlying Windows Firewall.
a) netsh
b) netstat
c) netln
d) SelectIndexes
View Answer

Answer: a
Explanation: To minimize overall exposure, ensure that only traffic from trusted sources can reach mongod and mongos instances and that the mongod and mongos instances can only connect to trusted outputs.

9. MongoDB users who use VPNs use ________ rather than IPSEC VPNs for performance issues.
a) TTS
b) SSL
c) LTS
d) None of the mentioned
View Answer

Answer: b
Explanation: Virtual private networks, or VPNs, make it possible to link two networks over an encrypted and limited-access trusted network.

advertisement

10. By default, the policy in ___________ Firewall allows all outbound connections and blocks all incoming connections.
a) Windows
b) Linux
c) Mac
d) None of the mentioned
View Answer

Answer: a
Explanation: Given the default ports of all MongoDB processes, you must configure networking rules that permit only required communication between your application and the appropriate mongod.exe and mongos.exe instances.

Sanfoundry Global Education & Learning Series – MongoDB.

Here’s the list of Best Reference Books in MongoDB.

Participate in the Sanfoundry Certification contest to get free Certificate of Merit. Join our social networks below and stay updated with latest contests, videos, internships and jobs!

advertisement
advertisement
Manish Bhojasia - Founder & CTO at Sanfoundry
Manish Bhojasia, a technology veteran with 20+ years @ Cisco & Wipro, is Founder and CTO at Sanfoundry. He is Linux Kernel Developer & SAN Architect and is passionate about competency developments in these areas. He lives in Bangalore and delivers focused training sessions to IT professionals in Linux Kernel, Linux Debugging, Linux Device Drivers, Linux Networking, Linux Storage, Advanced C Programming, SAN Storage Technologies, SCSI Internals & Storage Protocols such as iSCSI & Fiber Channel. Stay connected with him @ LinkedIn | Youtube | Instagram | Facebook | Twitter