1.0 Networking Fundamentals Flashcards

Question

What is an RJ-45 connector?

Answer 1

RJ-45 connectors are used to connect unshielded twisted-pair (UTP) and shielded twisted-pair (STP) cable to hubs, network interface cards (NICs), and various other twisted-pair networking devices. RJ-45 connectors are shaped like RJ-11 connectors, only larger. They use an 8-pin connector that house eight (four pair) wires. Registered Jack (RJ) connectors use a small tab to lock the connector in place

Answer 2

An RJ-11 connector is typically used to connect two pairs of UTP wiring to a voice-grade telephone system. They are smaller than RJ-45 connectors.

Answer 3

An RJ-48C connector at first glance will look exactly like an RJ-45 connector. However, on close examination, a technician will notice that the wires are in a different order. It is mostly commonly used for T1 data lines for longer distances and when exposed to the environment. To protect the integrity of the signal, RJ48 wirings use STP cabling.

Answer 4

The components should be matched with the OSI layers in the following manner: Physical layer − Network cable Data Link layer − FDDI Network layer − IPSec Transport layer − TCP Session layer − RPC Presentation layer − MIME Application layer - DHCP

Answer 5

Client-server networks are characterized by more secure and stable connections, less expensive networking hardware, and lengthy access times when utilizing a service.

Answer 6

peer-to-peer and clientserver networks. Peer-to-peer networks are decentralized networks in which node can request and provide services. Client-server networks employ a single central server to which clients will request access so they can connect to the web and use applications, files, and other shared resources. In this network, a client will request a service from the central server, and the server will grant clients access if clients are authorized. These networks are more stable, cheaper, and secure; however, they do take significantly more time to access various services than in a peer-to-peer network. Peer-to-peer networks have no centralized server. Rather, these networks allow devices to send and receive data directly with each other so that any node can act as a client or a server. These nodes are referred to as peers. Peerto-peer networks are known for being fast, reliable, and easy to set up, but are often seen as more unstable, less secure, and expensive. To access resources on a peer, the owner of the resource must grant that access and configure a username/password combination. For this reason, users may need to keep up with multiple username/password combinations, one for each different peer.

Answer 7

Traffic flows refer to data origin and destination within any network. North-south communications refers to traffic flows that go in and out of a datacenter over the public internet. Due to this public-facing element, attackers will target these flows with malicious incoming traffic requests to attempt to gain network access. However, these traffic flows can be secured with firewalls and application gateways to monitor the traffic coming into and out of the network.

Answer 8

The opposite of north-south traffic flow is east-west traffic. East-west traffic flow refers to the data that is sent within or between data centers. These flows occur when network infrastructure devices are communicating with each other through virtual networks, subnets, and so on. To secure east-west traffic, organizations should follow the policies of zero trust, as well as only utilize necessary communications paths.

Answer 9

Internet Protocol Security (IPSec) is an Internet Engineering Task Force (IETF) protocol and a security standard commonly implemented to create virtual private networks (VPNs). IPSec can operate in tunnel mode or transport mode. In transport mode, only the payload, that is, the message part of a packet is encrypted by encapsulating security payload (ESP). In IPSec tunnel mode, the entire packet including the packet header and the routing information is encrypted. IPSec tunnel mode provides a higher level of security. Either of the two modes can be used to secure gateway-to-gateway (site-to-site), host-to-gateway (host-to-site), or host-to-host communication. If used in gateway-to-host communication, the gateway must act as the host. IPSec allows packets to be securely exchanged over the Internet Protocol (IP) at the OSI Network layer rather than at the Application layer. While the IETF developed the standard, Cisco has contributed to its emergence. Cisco routers have support for IPSec built into the product. IPSec uses ESP and authentication header (AH) as security protocols. AH provides the authentication mechanism, and ESP provides encryption, confidentiality, and message integrity. IPSec sets up a secure channel that uses a strong encryption and authentication method between two network devices, such as routers, virtual private network (VPN) concentrators, and firewalls.

Answer 10

The following transceiver or fiber optics characteristics are essential: Multimode − Multimode cable makes use of thicker, graded light-conducting fibers that are cheaper to make and terminate, and that use cheaper and less precise light emitting and receiving elements in their transceivers. They are more limited in the distances such cables can span (but can still cover hundreds of meters) and are well-suited for LAN applications. Full duplex − Full-duplex communications means that both parties may transmit and receive simultaneously over a communications link. Because LAN applications require simultaneous, two-way communications, full duplex is needed. Duplex cables − Duplex cables incorporate two fibers, so that one may be used to send data for receipt by another party, while that other party may use the other fiber to send data for receipt by the first party. Thus, this supports simultaneous, two-way communications and is well-suited for LAN applications.

Answer 11

Single-mode cable makes use of very thin, very pure light-conducting fibers that are more expensive to make and much more expensive to terminate than multimode cables. For that added expense and complexity, they provide the ability to run cables for 10 – 100 km per segment without difficulty. This makes them unlikely to be used for LAN applications, where cost is a major factor.

Answer 12

Half-duplex communications means that while one party is transmitting, the other party to a connection can only receive until that transmission ends. Then the line may be idle, or either party can commence further transmission (but only one at a time). LAN applications require simultaneous, two-way communications

Answer 13

Simplex cables are best used for one-way transmission of data from a sender to a receiver. Because this precludes simultaneous transmission and reception by two parties, simplex cables do not work well for LAN applications.

Answer 14

A fiber distrbibution panel does not need support for SFP+ and for GBIC connectors. These two options represent connectors used at endpoints, such as routers, switches, and network interfaces, not connectors or functions present in FDPs themselves. GBIC connectors are used for end-point termination at a device interface of some kind. They are neither typically used nor necessary on a fiber distribution panel.

Answer 15

Cable termination − FDPs usually provide a common point for terminating fiber optic cables so that they may be connected to fiber optic terminal equipment, such as switches, routers, and network interfaces of all kinds. Bulkhead adapters and receptacles − In an FDP, distribution pigtails with their single connectors (the other end will be spliced to another fiber optic cable coming either from off or on the current premises) are routed through cable distribution trays or cable management trays and will be terminated in bulkhead adapters and attendant receptacles. Cable splices − FDPs provide facilities for mounting and protecting fiber optic cable splices, including clamps and mounts to secure spliced cables. They may also include one or more splice trays, where spliced cross- or pass-through fiber optic connections may be stored. Splice trays also usually house the splice chips used to create necessary fiber optic cable splices on location. Cable storage − FDPs usually include cable reels for storing pigtails and patch cables, and may include other cable storage space and options as well. Often, splice tray(s) and extra cable storage is provided at the bottom of an FDP chassis.

Answer 16

Establishing an on-premises datacenter is ideal for single-office organizations. This solution provides great availability, as all the datacenter’s hardware is located within the office complex, which also makes management and security easier to implement. However, on-premises solutions can often lack redundancy, and network administrators should take steps to implement redundant devices and links throughout the network.

Answer 17

Colocation refers to hosting an organization’s hardware within a datacenter owned by a third party. In this system, the client still owns the server but the third party provides the power, bandwidth, and physical space. While the client is still tasked with managing their devices and the software they use, the third party manages physical access to the premises and security measures. This model provides a very high degree of freedom and flexibility as the clients can choose exactly how the servers will be configured without having to oversee the location, power needs, or bandwidth requirements.

Answer 18

Internet Protocol Security (IPSec) in tunnel mode with the Authentication Header (AH) protocol produces an encapsulated packet that is digitally signed. AH digitally signs a packet for authentication purposes. Tunnel mode encapsulates a packet within another packet. Encapsulating Security Protocol (ESP) encrypts IPSec packets. Transport mode sends IPSec packets between two computers without encapsulating packets. AH and ESP work in transport mode and tunnel mode.

Answer 19

Transmission Control Protocol (TCP) port 443 is the well-known port assigned to Secure Sockets Layer (SSL). SSL uses public key cryptography at the Session layer of the Open Systems Interconnection (OSI) model to secure transactions, such as financial transactions, on the Internet. The Session layer is responsible for establishing andmaintaining a connection between two computers on a network, which is referred to as a session. SSL can select from several public key cryptography technologies, including Digital Encryption Standard (DES), triple-DES, and Rivest-Shamir-Adelman (RSA). Port 443 sessions often use transport-layer encryption. In public key cryptography, a computer such as a server has a private key that is kept secret and a public key that is shared with the public. When a Web client contacts a Web server for an SSL session, the Web server sends the Web client its certificate, which contains the server's public key. The Web browser can contact a certificate authority to determine whether the certificate and the public key are authentic. After the Web client authenticates the server's certificate, the client encrypts a message and sends it back to the server. The server then authenticates the client by decrypting the message. After the authentication process is complete, the client and the server negotiate an encryption algorithm, such as RSA or DES, to be used during the session. After the encryption algorithm is negotiated, messages on the session can be encrypted. SSL was deprecated for TLS.

Answer 20

TCP port 20 is assigned to File Transfer Protocol (FTP). FTP can be used to transfer files between FTP clients andFTP servers on a TCP/IP network such as the Internet. TCP port 80 is assigned to Hypertext Transfer Protocol (HTTP). HTTP is used to transfer Web pages from Webservers to Web browsers on a TCP/IP network. Port 80 Web sessions often use application-level encryption. TCP port 119 is assigned to the Network News Transfer Protocol (NNTP). NNTP is used to transfer network news messages on TCP/IP networks Protocols can use either User Datagram (UDP) or TCP to communicate. UDP is connectionless, while TCP is connection-oriented.

Answer 21

FTP – 20, 21 SSH, SFTP – 22 TELNET – 23 SMTP – 25 DNS – 53 DHCP – 67, 68 TFTP – 69 HTTP – 80 POP3 – 110 NTP – 123

Answer 22

NetBIOS – 137–139 IMAP – 143 SNMP – 161/162 LDAP – 389 HTTPS – 443 SMB – 445 Syslog – 514 SMTP TLS – 587 LDAPS – 636 IMAP over SSL – 993 POP3 over SSL –995

Answer 23

Structured Query Language (SQL) Server – 1433 SQLnet –1521 H.323 – 1720 MGCP – 2427/2727 MySQL –3306 RDP – 3389 RTP – 5004/5005 SIP – 5060/5061

Answer 24

The DHCP scope is the range of IP addresses that a DHCP server can temporarily assign to its clients. DHCPscopes are also referred to as pools.

Answer 25

A DHCP reservation is an IP address that is set aside for a certain device. The lease is granted to the device's MAC address. If the device's MAC address changes, the DHCP reservation will no longer work.

Answer 26

A DHCP exclusion is an IP address or group of addresses from within a scope that CANNOT be assigned. This is often used for addresses within the scope that must be statically assigned to devices, such as routers and servers, that need a static address to ensure that they can always be accessed using the same host name and IP address.

Answer 27

A DHCP server dynamically assigns the IP address, subnet mask, and default gateway to client computers. IP addresses may be assigned statically rather than dynamically; however, assigning static IP addresses requires greater administrative effort. When IP addresses are statically assigned, it is crucial to maintain a manual record of which client was assigned which IP address. If the addressing scheme were to change, it might necessitate the manual reconfiguration of each computer.

Answer 28

For the Network+ exam, you will also need to understand the difference between dynamic and static DHCP assignment. Dynamic assignment refers to IP address that can be changed at a moment’s notice. These dynamic address are assigned via a DHCP server to individual devices within a network, such as computers, smartphones, or similar devices. Static assignment is where a device is assigned a static IP address that does not change. These addresses are used generally by servers or other equipment within a network’s architecture. Static IP addresses are usually assigned to the device’s MAC address, which is the hard-coded address assigned by the manufacturer of the network card.

Answer 29

Port Address Translation (PAT) provides port address translation. This is based on the port numbers. When using PAT, you are able to share a single public IP address among multiple computers on the same network.

Answer 30

Network Address Translation (NAT) is a standard that translates private IP addresses into public IP addresses. It allows multiple private address devices to share a single public address.

Answer 31

Dynamic Host Configuration Protocol (DHCP) is a dynamic IP addressing scheme whereby DHCP servers assign IP addresses based on the DHCP client requests.

Answer 32

Another important element that you will need to understand for the Network+ exam is RFC 1918. RFC 1918 was used to create the standards for assigning IP address within a private network to various pieces of networking equipment. It facilitated the expansion of usable IP addresses under IPv4 to prevent the exhaustion of public addresses available.

Answer 33

Common Address Redundancy Protocol (CARP) is an open standard that creates a redundancy group to share an IP address.

Answer 34

Hot Standby Router Protocol (HSRP) is a Cisco standard similar to CARP.

Answer 35

Link Aggregation Control Protocol (LACP) is a standard that assigns multiple physical links to a logical interface.

Answer 36

Asynchronous Transfer Mode (ATM) is a network transmission model used in voice, video, and data communications that uses equally sized cells that are all 53 bytes long. The equal length of the data packets supports very high data rates. ATM is deployed in Optical Carrier (OC) backbone network segments.

Answer 37

Point-to-Point Protocol over Ethernet (PPPoE) encapsulates Point-to-Point Protocol (PPP) frames over Ethernet. It is typically used in DSL to allow subscribers on Ethernet networks to connect over DSL modems.

Answer 38

Dynamic Multiport Virtual Private Network (DMVPN) allows an organization to exchange data over a secure network of VPNs, without having to route the data through the organization’s primary VPN router. In essence, a DMVPN creates a mesh VPN topology.

Answer 39

Session Initialization Protocol (SIP) trunking is used in Voice over IP telephony. The SIP trunk connects the incoming gateway with the customer’s Private Branch Exchange (PBX).

Answer 40

You should use Internet Protocol Security (IPSec) to encrypt the data packets on the network that you administer. IPSec can encrypt data packets transported on a TCP/IP network by using either tunnel mode or transport mode. In transport mode, IPSec encrypts only the part of an IP data packet used by the Transport layer. In tunnel mode, IPSec encrypts entire IP packets. IPSec uses several technologies to encrypt data, including the following: DiffieHellman key exchange, Data Encryption Standard (DES), bulk encryption, and digital certificates.

Answer 41

Kerberos is an authentication protocol that is used to determine whether users should be allowed to gain access to a network or network resources. Windows operating systems support Kerberos and the NT LAN Manager (NTLM) authentication protocols; NTLM is also known as Windows NT Challenge/Response. Kerberos is used for authentication between Windows computers. The NTLM authentication protocol is used for authentication between a down-level computer, such as an older Windows that only includes NTLM.

Answer 42

A Class C private address has 192.168.x.x as the first two octets. 169.254.x.x represents the first two octets of an APIPA address The others are correct Other classes of IP addresses can be matched to their first two octest: Class B Private − 172.20.x.x Class C Public − 204.29.xx.xx Class A addresses are in the 0.0.0.0 through 126.255.255.255 range. Class B addresses are in the 128.0.0.0 through 191.255.255.255 range. Class C addresses are in the 192.0.0.0 through 223.255.255.255 range.

Answer 43

Class A − 10.0.0.0 through 10.255.255.255 Class B − 172.16.0.0 through 172.31.255.255 Class C − 192.168.0.0 through 192.168.255.255 Automatic Private IP Addressing (APIPA) addresses are in the 169.254.0.0 through 169.254.255.255 range

Answer 44

Secure Shell (SSH) is used to create an encrypted remote terminal connection with a UNIX computer. File Transfer Protocol (FTP) is used to transfer files on a TCP/IP network. FTP transmits data in clear text. Secure Copy (SCP) enables users to transfer files over a secure connection. Telnet is a protocol that enables a user to establish terminal connections with UNIX computers. Telnet transmits data in clear text. To fully harden your network, you should use the following secure protocols: SSH − secure alternative to Telnet. SNMPv3 − secure alternative to SNMPv1 and v2. TLS/SSL − used with different protocols, including FTP and HTTP, to secure transactions. SFTP − secure alternative to FTP. It uses TLS/SSL. HTTPS − secure alternative to HTTP, It uses TLS/SSL. IPsec − used on virtual private networks (VPNs) to encrypt traffic.

Answer 45

Host-based − Host-based anti-malware software is installed at the local host, although its updates may be managed from a central location. Host-based anti-malware protects only the device on which it is installed. Cloud/server-based − Cloud- or server-based anti-malware protects all components located on the cloud or server. Network-based − Network-based anti-malware protects the entire network. In some case, a small client component will need to be installed on the network hosts to ensure that the network-based software can communicate with all hosts on the network.

Answer 46

Unicast, multicast, and anycast are types of IPv6 addresses Unicast address: This type of address is used to define a single destination interface. A packet sent to a unicast address is delivered to the specific interface. Multicast address: This type of address is used to define a group of hosts. When a packet is sent to a multicast address, it is delivered to all the hosts identified by that address. Multicast addresses begin with the prefix FF00::/8. The second octet identifies the range over which the multicast address is propagated. FF01:0:0:0:0:0:0:1: Indicates all-nodes address for interface-local scope. FF02:0:0:0:0:0:0:2: Indicates all-routers address for link-local. Anycast address: This type of address is used to identify a set of devices. These addresses are also assigned to more than one interface belonging to different nodes. A packet sent to an anycast address is delivered to just one of the interfaces, based on which one is closest. For example, if an anycast address is assigned to a set of routers, one in India and another in the U.S., the users in the U.S. will be routed to U.S. routers and the users in India will be routed to the router in India.

Answer 47

Ad hoc is a wireless communications mode that enables wireless devices to communicate directly with each other. The wireless networking technology is sometimes referred to as Wi-Fi. In infrastructure mode, wireless devices must communicate through wireless access points. Transport and tunnel modes are provided by Internet Protocol Security (IPSec) to securely transmit Internet Protocol (IP) packets.

Answer 48

internet Message Access Protocol version 4 (IMAP4) is an Internet protocol for e-mail retrieval that uses TCP port 143. IMAP4 works at the Application layer of the OSI model.

Answer 49

Post Office Protocol version 3 (POP3) is an e-mail message retrieval protocol that uses TCP port 110. Simple MailTransfer Protocol (SMTP) is an e-mail message protocol that uses TCP port 25. POP3 and SMTP work at theApplication layer of the OSI model. These protocols are connection-oriented protocols, and therefore require the use of TCP. UDP is a connectionless protocol. The TCP header implements flags, while the UDP header does not. These flags are used to indicate information about the packet transfer, such as connection state or other similar info. The Internet Protocol (IP) is the communications protocol for relaying data across networks. Its routing function enables internet working and essentially establishes the Internet.

Answer 50

The shortest possible notation of the IPv6 address 2001:0DB8:0000:0001:0000:0000:0000:F00D is 2001:DB8:0:1::F00D. The address is shortened according to the following rules: Remove leading zeros. Remove the consecutive fields of zeros with double colon (::). The double colon (::) can be used only once.

Answer 51

::10.2.4.1 is an example of an IPv4-compatible IPv6 address, where the first 12 bytes (96 bits) of the address are set to 0. :: is the IPv6 "unspecified address." It is a unicast address not assigned to any interface, and is used by DHCPdependent host prior to allocating a real IPv6 address. 2001:0:42:3:ff::1 is a valid IP address, with the :: representing two segments (4 bytes) of compressed zeros 2001:42:4:0:0:1:34:0 is a valid IP address, with only the leading zeros of each segment truncated.

Answer 52

IPv6 globally routable unicast addresses start with the first 4 characters in the range of 2000 to 3999.

Answer 53

IPv6 can use auto-configuration to discover the current network and select a host ID that is unique on that network. IPv6 can also use a special version of DHCP for IPv6. The protocol that is used to discover the network address and learn the Layer 2 address of neighbors on the same network is Neighbor Discovery Protocol (NDP).

Answer 54

IPv6 addresses use the Extended Unique Identifier (EUI-64) format. This format causes a router to automatically populate the low-order 64 bits of an IPv6 address based on an interface's MAC address.

Answer 55

OC stands for optical carrier. OCx levels are a set of transmission rates as specified by Synchronous Optical Network (SONET) for implementations over fiber-optic cable. The base rate is OC-1, which has a maximum of 51.84 Mbps. OC-3 has a bandwidth potential of 155.52 Mbps. The following are transmission rates of other common WAN technologies: BRI ISDN − up to 128 Kbps PRI ISDN − up to 1.544 Mbps (over T1) T1 − up to 1.544 Mbps Frame Relay − up to 1.544 Mbps E1 − up to 2.048 Mbp T2 - up to 6.312 Mbps E3 − up to 34.368 Mbps T3 − up to 44.736 Mbps OC-1 − up to 51.84 Mbps FDDI − up to 100 Mbps OC-3 − up to 155.52 Mbps T4 - up to 274.176 Mbps ATM − up to 622 Mbps OC-12 − up to 622.08 Mbps OC-24 − up to 1244.16 Mbps OC-192 − up to 9953.28 Mbps

Answer 56

OCX − includes speeds up to 51.84 Mbps for OC-1, 155.52 Mbps for OC-3, and 622.08 Mbps for OC-12. This network uses fiber optic cabling. All OCX networks are packet-switched networks. ATM − allows speeds up to 622 Mbps. This network uses UTP or STP. ATM is a packet-switched network. Frame relay − allows speed up to 1.544 Mbps. This network uses UTP/STP, coaxial, or fiber-optic cabling. All frame relay networks are packet-switched networks.

Answer 57

You should implement port labeling and patch panel labeling. This will ensure that you are able to locate individual cables at both ends of their connection. For example, the wall port where the computer is connected to the network might be labeled as Port24. Where the cable then plugs into the patch panel or other network device, you should also label that port with the same number. This will ensure that you can easily locate both ends of the connection.

Answer 58

A − Maps a host name to an IPv4 address AAAA − Maps a host name to an IPv6 address CNAME − Maps an additional host name to an existing host record MX − Maps a mail server name to a domain PTR − Maps an IP address to a host name

Answer 59

The reserved client options take precedence over all the other options. The order in which options are applied is as follows: 1. Server options 2. Scope options 3. Class options 4. Reserved client options Scope options always override server options if there is a conflict. Class options always override scope and server options. To use class options, DHCP clients must be configured with a specific DHCP Class ID. Reserved client options always override client, scope, and server options.

Answer 60

A campus area network (CAN) is a type of network that encompasses a large campus that is usually located within a several block radius. This type of CAN connects several LANs into a single CAN. Then multiple CANs can be connected using a MAN or WAN.

Answer 61

A controller area network (CAN) is used in industrial applications, originally in automotive systems. It replaces bulky wiring systems, reducing weight and cost. A CAN builds a network between controllers, allowing them to share information. A railway application, for example, might be a sensor that detects whether or not a door is closed, and locks the brakes until the sensor indicates the door is closed.

Answer 62

A storage area network (SAN) creates a network among a pool of storage devices. It may be thought of as a RAID array that uses network connections as opposed to data cables. The SAN pool appears as a single drive letter to the client. A key feature of SAN is multipathing. In a SAN, the physical path between a server and a storage device can fail, and if there is only one pathway available, this failure can cause a network crash. However, SAN multipathing avoids this issue by establishing multiple routes between the hardware so it can route data through multiple paths in the case of a failure.

Answer 63

A personal area network (PAN) is a network of devices that are in close proximity to a person, no more than a couple of meters away. Devices that can be part of PANs include wireless headphones, wearable technology, and printers

Answer 64

A metropolitan area network (MAN) connects several LANS together in an area roughly the size of a city. An example of a MAN might be a large hospital with several satellite offices in various neighborhoods around the city.

Answer 65

Internet Protocol Security (IPSec) can be used in tunnel mode with the Authentication Header (AH) protocol to digitally sign and encapsulate each packet sent from the network within another packet. A tunnel is a network communications construct that transports encapsulated packets. AH does not really protect the packet information. Therefore, a simple packet sniffer can still read the packet contents. IPSec can be used in transport mode with AH to digitally sign and encrypt packets sent between two hosts. AH provides an authentication security mechanism. Transport mode does not encapsulate packets within other packets. Encapsulating Security Payload (ESP) can be used with IPSec to encrypt IPSec packets. ESP is not used to digitally sign packet headers. ESP works in tunnel mode and transport mode. ESP protects the packet information using encryption.

Answer 66

You should use a patch panel to connect the fifty computers in the office to the switch using Cat6 cables with RJ-45 connectors on both ends. Patch panels, also referred to as patch bays, help with cable management. You should not use a 66 block or 110 block because these devices require that the cable be directly terminated into the device. If the cables are terminated with a jack, such as an RJ-45 connector, a patch panel should be used. You should not use a demarcation extension. A demarcation extension, often called a demarc extension, is used to extend a leased line from its original demarcation point, often called a demarc. For example, suppose your network was located in a suite on the 48th floor of a building and that the Internet Service Provider (ISP) technician connected your leased T1 line demarcation to a central wiring closet located near the elevator shaft. If you needed to connect your suite to that demarcation point, a demarcation extension should be used. Another component is wiring distribution is a smart jack. A smart jack terminates a PRI/T1 at your location. The provider designates everything connected to the inside of the smart jack as the local loop. The local loop equipment typically is the customer's responsibility.

Answer 67

In both the (TIA) / (EIA) 568A and 568B specifications, Pins 4, 5, 7, and 8 contain the same colors. Pin 4 contains the Blue wire; Pin 5 contains the Blue/White wire; Pin 7 contains the Brown/White wire; and Pin 8 contains the Brown wire. All the other wires in the specifications are different. The 568A specification is shown below: Pin 1 − Green/White Pin 2 − Green Pin 3 − Orange/White Pin 4 − Blue Pin 5 − Blue/White Pin 6 − Orange Pin 7 − Brown/White Pin 8 − Brown The 568B specification is shown below: Pin 1 − Orange/White Pin 2 − Orange Pin 3 − Green/White Pin 4 − Blue Pin 5 − Blue/White Pin 6 − Green Pin 7 − Brown/White Pin 8 − Brown

Answer 68

A Next Generation Firewall (NGFW) works at Layer 7, the Application layer. It includes traditional firewall functionality with an Application layer firewall. It enforces security policies at the port, protocol, and application levels. A traditional firewall that allows HTTP traffic on port 80 may also permit an SQL injection attack embedded in a properly formed HTTP request. An Application-layer firewall would perform a more intensive examination of the traffic instead of just allowing traffic on a given port. In this example, even though HTTP traffic on port 80 is allowed on a traditional firewall, the Application layer firewall would look for an SQL injection attack and block the data.

Answer 69

A T3 connection allows for connections of up to 44.736 Mbps. The T-Carrier system offers several different levels of connections. Each level has a different number of channels, which are separate paths through which signals flow. Having more channels increases the bandwidth. However, T1 and T3 are the two most commonly used T-lines. For testing purposes, you should understand the standards for the following carrier lines: T1 − 1.544 Mbps, 650 feet maximum cable length, UTP/STP/coaxial cable T3 − 44.736 Mbps, 450 feet maximum cable length, coaxial cable E1 − 2.048 Mbps, 650 feet maximum cable length, UTP/STP/coaxial cable E3 − 34.368 Mbps, 450 feet maximum cable length, coaxial cable All of these carrier lines are circuit-switched networks.

Answer 70

Dynamic Host Configuration Protocol (DHCP) transmits dynamic IP address assignment information over UDP port 67. DHCP is considered a connectionless protocol. IP addresses are assigned based on a series of messages between the client and the DHCP server. DHCP also uses port 68.

Answer 71

Domain Name System (DNS) is a host name resolution protocol that communicates over TCP and UDP port 53.

Answer 72

Lease time can be manipulated to reduce network traffic. Lease time is the amount of time a device maintains the IP address assigned by the DHCP server. The default lease time for Windows is 8 days, but lease times may be adjusted. As an example, if the network configuration seldom changes and you have a large number of IP addresses, you might consider increasing the lease time. The justification for doing so is that every lease must be renewed, and those renewals increase network traffic. Increasing the duration of the lease reduces the amount of network traffic required for lease renewal.

Answer 73

MAC reservations allow you to permanently assign an IP address to the MAC address of a specific device. Web servers, mail servers, copiers, printers, wireless access points, and projectors are all examples of devices that can benefit from having a permanently assigned IP address. For each such device, a reservation (exclusion) would be made so that the IP address is removed from (reserved) the pool of available IP addresses. Once a reservation is made, that device always uses that same address. But configuring MA reservations will not affect network traffic as much as increasing the lease time.

Answer 74

Time To Live (TTL) specifies the length of time that a DNS name server must cache the name. By default, the TTL is 60 minutes, but it may be modified in the DNS Management Console. Longer TTLs are best for more permanent records, such as MX records, DKIM/SPF records, and TXT records. A lower TTL would mean additional network traffic.

Answer 75

Network Time Protocol (NTP) is used to synchronize the clocks of computers on the network. Synchronization of time is important in areas such as event logs, billing services, e-commerce, banking, and HIPAA Security Rules. Implementing NTP would actually increase network traffic.

Answer 76

For the Network+ exam, you will need to understand the various components associated with NTP. Within NTP, there are three major elements: stratum, clientsstratum, clients, and serversservers. NTP stratumsstratums refer to layers within the protocol that distribute accurate time across the networked devices. NTP clients are the devices that use the NTP server to periodically request timing information. The NTP server communicates with is what each of these clients communicate with and holds the centralized time to ensure that alleach networked devices remaindevice remains in sync with each other. Some of the most common issues with NTP are not receiving NTP packets, not being able to process NTP packets, NTP packets causing the loss of synchronization, and the NTP clock period being manually set. NTP’s debugging commands can help identify the issues.

Answer 77

A mesh topology in wireless networks only requires one access point to be physically connected to the wired network. In traditional wireless networks, each access point must be physically connected to the wired network. With a mesh topology, the other access points are interconnected wirelessly, allowing for flexibility and redundancy.

Answer 78

Transport Layer Security (TLS) encrypts the messages transmitted between two authenticated computers, preventing third parties from reading the messages. TLS is the protocol being used when Secure Sockets Layer (SSL) is implemented. TLS works at the Transport layer of the OSI model.

Answer 79

Trivial File Transfer Protocol (TFTP) is a connectionless version of the File Transfer Protocol (FTP). TFTP transfers files between a client and a server. TFTP servers can be configured to help facilitate file transfers to and from network devices. TFTP works at the Application layer of the OSI model.

Answer 80

User Datagram Protocol (UDP) is part of the TCP/IP protocol suite. UDP provides connectionless communication. UDP works at Transport layer of the OSI model. It uses datagrams for communication.

Answer 81

The company must deploy Cat6a to meet its requirements. Cat6a, which stands for Category 6 Augmented twisted-pair cable, makes use of better conductors and shielding to support the nominal 100 meter (90 meter cable run) distances for data rates up to 10 Gbps.

Answer 82

Cat6 cables can support data rates of up to 10 Gbps, but only over nominal cable runs of up to 55 meters. Cat6 cannot accommodate the 10 Gbps data rate over distances of up to 90 physical /100 nominal meters. As the category numbers for twisted pair cable categories increase, so does their bandwidth handling capabilities and maximum data rates (aka data transmission speeds). Thus, it is reasonble to guess that only the highest numbered categories – namely Cat6 and Cat7 – might be able to provide 10 GB data rates in a new deployment. In fact, Cat6, Cat6a, and Cat7 all can handle 10 GB data rates, but only Cat6a and Cat7 can deliver them over wire runs of up to 100 meters.

Answer 83

Cat5e stands for Category 5 Extended. Cat 5e reflects this modified version of Cat5 cable’s ability to accommodate date rate of up to 1 Gbps. By contrast, standard Cat5 supports data rates only up to 100 Mbps. Cat5e, while still very popular, cannot accommodate the 10 Gbps data rate.

Answer 84

Cat3 cables can deliver data rates up to 10 Mbps over nominal cables runs of up to 100 meters.

Answer 85

Cat4 cables consist of four pairs of twisted copper wire and is rated for 16 Mbps.

Answer 86

Cat7 is not offered as an option here, because its ability to deliver 10 Gbps over the required cable run lengths is contingent upon using all conductors in the Cat7 GigaGate45 (GG45) connectors it uses. These connectors are not backwards compatible with standard RJ-45 connectors. However, the GG45 conductor works fine at 1 Gbps rates in standard RJ-45 connectors.

Answer 87

Active hubs or multiport repeaters amplify or regenerate signals to all other ports on the hub. Because active hubs regenerate signals, they are often used to extend the length of segments beyond their maximum specified lengths. They, as with all hubs, are considered Physical layer devices (Layer 1) because they act on the data at the bit level. If a computer is unable to reach the Internet, the technician should begin troubleshooting at the Physical layer. The Physical layer is also associated with the flow of electrical current and physical connections between devices. The first step of troubleshooting a non-responsive device at the Physical layer is to make sure the device is plugged in and the interconnections are fully seated in their jacks.

Answer 88

The IPv6 network with a /56 global routing prefix should impose little or no cost to obtain. It also provides 256 subnets, each with millions of nodes, and supports IPsec end-to-end. Thus, it provides the best fit while minimizing costs because it meets the starting requirements with ample room for growth. In fact, in a situation where IPsec is needed end-to-end, only IPv6 makes sense. IPv6 network addresses are generally available for no cost or low cost, but one with a /64 global routing prefix provides exactly one subnet (a single network, in other words). Thus it does not meet the stated requirements An IPv6 network with a /48 global routing prefix supports up to 65,000 subnets, each with millions of nodes. It is a popular choice for single subscriber sites, but offers many more subnets than are needed. Thus, it does NOT meet the stated requirements. If one could purchase a public IPv4 class B network address on the open market, it would cost at least $300,000, if not double that amount or more (see References). A single class B address can only be subdivided into 14 subnets, if each one needs 2,048 nodes. Thus for both reasons of cost and capacity, a public IPv4 Class B network address is not suitable.

Answer 89

Private IP addresses do NOT support IPsec connections end-to-end. They require Network Address Translation (NAT) or some equivalent, and will not work with IPsec. Thus, a Private IPv4 Class A address is not suitable.

Answer 90

Port 20 − FTP Port 23 − Telnet Port 25 − SMTP Port 53 − DNS Port 80 − HTTP

Answer 91

APIPA − fe80::/10 Private − fc00::/7 Loopback − ::1/128

Answer 92

The IP address 172.16.5.2 /23 is a member of subnet 172.16.4.0 and has the broadcast address of 172.16.5.255. The valid host range is between 172.16.4.1 and 172.16.5.254. Binary form of IP address 172.16.5.2 = 10101100.00010000.00000101.00000010 Binary conversion for /23 netmask = 11111111.11111111.11111110.00000000 Decimal conversion for /23 netmask = 255.255.254.0 Calculations: Wildcard (Binary) = 00000000.00000000.00000001.11111111 Wildcard (Decimal) = 0.0.1.255 Perform the AND operation between the IP address and the netmask to obtain the subnet ID: Address = 10101100.00010000.00000101.00000010 Netmask = 11111111.11111111.11111110.00000000 Network = 10101100.00010000.00000100.00000000 To obtain the broadcast address, replace the last 9 host bits (32 − 23 = 9 bits) of the network address, which yields the following: Binary form of broadcast address = 10101100.00010000.00000101.11111111 Decimal form of broadcast address = 172.16.5.255

Answer 93

Satellite Internet connections are available anywhere you can place a satellite dish, and are not limited by how close the subscriber is to an ISP. Satellite speeds are slower compared to other delivery media, and satellite transmissions are affected by latency due to the distance the signals must travel.

Answer 94

Copper wire can be found as a transmission medium in unshielded twisted pair (UTP), shielded twisted pair (STP), or coaxial cable. While coaxial cables can have segment lengths up 1 km, UTP and STP are limited to 100 meters. Copper remains the primary transmission medium for last-mile connections in the US.

Answer 95

Fiber-optic cable is available as a transmission media in two main types: single-mode fiber (SMF) and multi-mode fiber (MMF). MMF segments can be up to 600 meters, while SMF segments (10GBase-ER) can be 40KM. Longer distances for SMF are underdevelopment at this writing.

Answer 96

Wireless broadband requires you to be within a certain range of a provider's point of presence, such as a cell tower or antenna. Until recently, wireless broadband was classified as 4G, or 4th Generation, but 5G has become the new global wireless standard. 5G can connect users to virtually anything, such as machines, objects, or other devices, with speeds up to 10 Gbps. 4G speeds, currently 16-17 Mbps, are ten times faster than 3G. 5G speeds vary depending on whether the carrier is employing low-band, mid-band, or upper band frequencies. Wireless broadband has speed limitations, but it does not suffer from the latency issues one experiences with satellite. Some cellular carriers plan to deprecate their 3G networks.

Answer 97

Ports allow more than one service or application to communicate at the same time between computers. Simple Mail Transfer Protocol (SMTP) uses port 25 to communicate e-mail transfers. Administrators can assign additional ports for communication on an intranet and through the Internet. There are a total of 65,536 ports each for TCP and UDP. Of these, only 1,024 ports are considered well known and, therefore reserved for a particular service.

Answer 98

Port 161 is used by Simple Network Management Protocol (SNMP) for network diagnostics.

Answer 99

Port 53 is the port associated with the Domain Name Service (DNS). If this port is blocked by firewall software, you will not be able to access computers on the Internet by their fully qualified domain names (FQDNs), such as www.comptia.org or www.cybervista.net With DSL service, you do not have to have a static IP address. It is not required for accessing Web sites by name.

Answer 100

DHCP scope exhaustion causes new clients to be denied an IP address to lease on a subnet because there are no longer any addresses available in the scope. This is also known as a lease refusal. DHCP scopes are defined by an exact number of devices that are expected, and no more past that.

Answer 101

When a server contains several virtual servers with a single network interface card (NIC), it is most likely to transmit data from multiple IP addresses. It could also transmit data from a single IP address, but with each virtual server using a different port number. This server does not transmit data from multiple MAC addresses. Because a MAC address is the physical address for the NIC, this server only uses a single MAC address. Virtual servers can be implemented using either IPv4 or v6. The number of NICs used in a virtual server has no effect on which IP version should be used.

Answer 102

Although you could use Category 3 or Category 5 cable for the LAN, Category 3 is the lowest category cable that you could use for the LAN. Category 1 and Category 2 cable have maximum transmission rates of only 4 Mbps, so they would not be suitable for a 10-Mbps network.

Answer 103

Category 1 wiring consists of two pairs of twisted copper wire. It is rated for voice grade, not data communication. It is the oldest UTP wiring and is used for communication on the Public Switched Telephone Network (PSTN).

Answer 104

Category 2 wiring consists of four pairs of twisted copper wire and is suitable for data communications of up to 4 Mbps.

Answer 105

Category 3 wiring consists of four pairs of twisted copper wire with three twists per foot. It is suitable for 10-Mbps data communication, and has been used widely in 10-Mbps Ethernet networks.

Answer 106

Category 4 wiring consists of four pairs of twisted copper wire, and is rated for 16 Mbps. It was designed with 16- Mbps Token Ring networks in mind.

Answer 107

Category 5 wiring consists of four twisted pairs of copper wire terminated by RJ-45 connectors. It can be used for ATM, Token Ring, 1000Base-T, 100Base-T, and 10Base-T networking. Cat5e cable, or Category 5 Enhanced, is the most commonly used cable for new UTP implementations. This enhanced specification will support data rates up to 1 Gbps and bandwidths of up to 350 MHz.

Answer 108

Category 6 wiring consists of four twisted pairs of copper wire terminated by RJ-45 connectors. It can supports speeds of up to 1 Gbps or 1,000 Mbps. Category 6a wiring supports speeds of up to 10 Gbps or 10,000 Mbps.

Answer 109

Category 7 wiring consists of four twisted pairs of copper wire terminated by RJ-45 connectors. It supports speeds of up to 10 Gbps or 10,000 Mbps.

Answer 110

Category 8 wiring consists of twisted-pair cabling that can support bandwidths up to 2 GHz (Gigahertz) and speeds up to 40 Gbps over an optimum span of 30 meters

Answer 111

A host or address (A) record maps a hostname to an IPv4 address.

Answer 112

A pointer (PTR) record maps an IP address to a hostname.

Answer 113

An AAAA record maps a hostname to an IPv6 address.

Answer 114

A mail exchange (MX) record maps a domain name to an e-mail server.

Answer 115

A canonical name (CNAME) record contains an alias for an existing A record.

Answer 116

A start of authority (SOA) record contains information regarding a particular DNS zone's start of authority. A Domain Name System (DNS) server is the authority for a DNS zone, which contains DNS records. DNS servers allow users to request access to devices using either the devices' hostname or IP address. A DNS server stores fully qualified domain name (FQDN) to IP address mappings. This server allows clients to use the easier-to remember FQDNs to access remote devices.

Answer 117

Dynamic DNS is an implementation of DNS that allows real-time updates to DNS records. With Dynamic DNS (DDNS), devices can automatically update their DNS records or allow a DHCP server to implement the updates on behalf of the DNS client

Answer 118

The most significant difference between Data Link layer addresses and network addresses is that network addresses are a Network layer component (Layer 3), and Data Link addresses are MAC addresses (Layer 2) used for unique identification. Network addresses refer to logical networks, whereas Data Link addresses define an actual physical address assigned to a network interface card (NIC). Data Link layer addresses define the physical device, and network addresses define the logical device. Data Link layer addresses (MAC addresses) are 48 bits, and a TCP/IP network address is 32 bits (IPv4) or 128 bits (IPv6). This is not a significant difference. The network address is configured by the network administrator. The first six hexadecimal digits of the Data Link (MAC) address are specified by the IEEE according to the NIC's vendor ID; this is known as the Organizationally Unique Identifier (OUI).

Answer 119

Hypertext Transfer Protocol (HTTP) is the set of rules for exchanging files, such as text, graphic images, sound, video, and other multimedia files, on the World Wide Web. HTTP is an application protocol that works at the Application layer of the OSI model. The HTTP files can contain references to other files that will elicit additional transfer requests when they are selected. A Web browser is an HTTP client that sends requests to server machines. The browser builds an HTTP request and sends it to the Internet Protocol address indicated by the URL. The HTTP daemon in the destination server machine receives the request and, after any necessary processing, it returns the requested file. HTTP is considered to be unsecure. If you need to protect an HTTP session, consider using HTTPS. HTTPS is a secure form of HTTP that uses Secure Socket Layer (SSL) to encrypt the HTTP messages.

Answer 120

Hypertext Transfer Protocol (HTTP) is the set of rules for exchanging files, such as text, graphic images, sound, video, and other multimedia files, on the World Wide Web. HTTP is an application protocol that works at the Application layer of the OSI model. The HTTP files can contain references to other files that will elicit additional transfer requests when they are selected.

Answer 121

Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol (IP) address to a physical machine address that is recognized on the local network. ARP works at the Network layer of the OSI model. It is not responsible for Web browser communication.

Answer 122

Internet Protocol (IP) receives segments from the higher-level protocols and adds source and destination information to each segment. A segment with the source and destination information attached is called a "datagram." Datagrams are then transmitted across the network to the receiving hosts. IP works at the Network layer of the OSI model. It is not responsible for Web browser communication.

Answer 123

The following protocols are considered unsecure protocols: TELNET HTTP SLIP FTP TFTP SNMPv1 and SNMPv2 If you use any of these protocols, you should use a version that includes SSL or some other cryptography. For example, secure shell (SSH) is a secure alternative to Telnet.

Answer 124

Unnecessary running services − Disable all unnecessary services on every device. Hackers will search for all used services and attempt to employ known vulnerabilities for those services.

Answer 125

Open ports − Close all ports that are not used. Hackers can also use these open ports to break into your network.

Answer 126

Unpatched/legacy systems − Older systems provide an easy target to hackers, especially those with unsupported operating systems or applications. For example, Windows XP is no longer supported by Microsoft. Service packs and updates are no longer issued for this operating system. You should get rid of legacy systems that run software that is no longer supported by the vendor or else you should find a way to isolate them from the rest of the network.

Answer 127

Unencrypted channels − Unencrypted channels are paths along which data can be intercepted. While it would adversely affect the performance of the network to encrypt every single channel, you should encrypt every single channel through which confidential or private data is sent.

Answer 128

Clear text credentials − Some protocols send credentials over the network in clear text. This allows an attacker to intercept the communications to obtain the credential information. You should eliminate the use of any protocols that use clear text credentials by replacing them with more secure protocols.

Answer 129

TEMPEST/RF emanation − Tempest studied the susceptibility of some devices to emit electromagnetic radiation (EMR) in a manner that can be used to reconstruct intelligible data. Radiofrequency information can be captured in a similar manner. You should use shielding to protect against these vulnerabilities.

Answer 130

Port 21 – FTP Port 110 – POP3 Port 143 – IMAP Port 443 – HTTPS Port 3389 – RDP

Answer 131

To derive a 64-bit Extended Unique Identifier (EUI) address, also referred to as EUI64, you need to use the host's MAC address with FFFE inserted in the middle and the seventh most significant bit inverted in the MAC address. EUI-64 is defined in RFC2373. It allows a host to assign itself a unique 64-bit IPv6 interface identifier. This uniquely identifies individual IPv6 hosts on a network and eliminates the need for manual address configuration or use of DHCP. The proper formula for creating an EUI-64 host address involves splitting the MAC address in half, inserting the hexadecimal value FFFE in the middle, and inverting the 7th most significant bit of the MAC address. If you began with a network address of 2012:ABCD::/64 and a MAC address 1111:2222:3333, you would split the MAC address into 1111:22 and 22:3333 and put FFFE in the middle, which makes the initial value 1111:22FF:FE22:3333. Next, you must invert the seventh most significant bit in the MAC address. The seventh bit occurs in the left-most two numbers of the MAC address 0x11. In binary, this translates to 00010001 (the seventh bit is bolded for easy visual identification). Inverting that bit produces the value 00010011, which equals 0x13. Thus, the combined string 1111:22FF:FE22:3333 would be changed to 1311:22FF:FE22:3333 to produce the EUI-64 host ID. Finally, you would precede that value with the network ID, producing 2012:ABCD::1311:22FF:FE22:3333. This is the complete network address for this example node.

Answer 132

The loopback address is defined for both IPv4, where it applies to any address of the form 127.x.x.x, and to IPv6, where it takes the form ::1 (all zeroes with a 1 in the final bit position). The purpose of the loopback address is to provide a mechanism for testing the functionality of IP stack software, independent of hardware. That is, despite its formal designation as “the loopback interface,” the loopback address has no hardware associated with it nor is it physically connected to any network. Using the loopback address simulates sending and receiving packets up and down the IP stack without accessing anything external outside of that software. The purpose of the loopback address is NOT to provide an IP address that is always available. This is because the IP stack might be faulty, corrupt, or malfunctioning. The purpose of the loopback address is NOT to provide an IP address for testing the location IP stack through the network interface because loopback does not interact with any physical hardware. Loopback works completely independent of any hardware or network connection.

Answer 133

Domain Name System (DNS) is the protocol that will manage the FQDN to IP address mappings. DNS works at the Application layer of the OSI model. The DNS database will include the following record types: Host (A) record for IPv4 Host (AAAA) record for IPv6 Pointer (PTR) record Canonical name (CNAME) record Mail exchanger (MX) record Name server (NS) record

Answer 134

Secure Shell (SSH) is a protocol that allows data to be securely exchanged between two devices. SSH works at the Presentation layer of the OSI model.

Answer 135

Asynchronous Transfer Mode (ATM) is NOT associated with data conversion between the ISP and the customer premises equipment. It is a network transmission model used in voice, video, and data communications. ATM uses equally sized cells that are all 53 bytes long. The equal length of the data packets supports very high data rates. ATM is deployed in Optical Carrier (OC) backbone network segments. All of the other options are associated with data conversion between the ISP and the customer's on-premises equipment.

Answer 136

A demarcation point is where the division is made between the service responsibilities of the ISP and the service responsibilities of the customer. It is often located at the CSU/DSU or smart jack. When a network problem occurs, the demarcation point will determine which party is responsible for fixing it, such as the customer or the ISP.

Answer 137

A Channel Service Unit/Data Service Unit (CSU/DSU) is a device that connects a router to a digital circuit, such as a T1 line. The CSU/DSU converts the signal from a wide area network into frames for a local area network.

Answer 138

A smart jack typically provides the conversion between a telecommunications T1 line and the customer’s network. Smart jacks can also provide an alarm if the communications link is broken, diagnostic services such as loopback, or even act as a repeater. Both smart jacks and demarcation points are examples of service-related entry points, which will be a topic that is covered on the Network+ exam.

Answer 139

The text (TXT) records contain human-readable text, and are designed to help with fraudulent phishing emails. The Sender Policy Framework (SPF) record within the TXT record helps filter out emails that are spoofed to appear as if they are coming from your domain. SPF looks at the IP address of the last SMTP server and verifies that the IP address and SMTP server match. Domain Keys Identified Mail (DKIM) validates that an email sent from a domain was authorized by the owner of the domain

Answer 140

The 169.254.2.120 address is a valid Automatic Private IP Addressing (APIPA) address. By default, Windows XP and Windows 7 client computers are configured to use an APIPA address if the DHCP server does down. The addresses in the APIPA range are 169.254.0.0 through 169.254.255.255. These addresses are not routable and are therefore only usable on the local subnet. The other addresses are all part of the three private IP address ranges, as shown below: 10.0.0.0 through 10.255.255.255 172.16.0.0 through 172.31.255.255 192.168.0.0 through 192.168.255.255

Answer 141

The 10GBase-ER designation allows a maximum cable run of up to 40 kilometers (25 miles ).using single-mode fiber optic cable. The 10GBase-LR designation allows a maximum cable run of up to 25 kilometers (16 miles) using single-mode fiber optic cable. The 10GBase-SR designation allows a maximum cable run of up to 25 meters (85 feet), 82 meters (270 feet), or 300 meters (980 feet), depending on which multi-mode cable is used. The 10GBase-LX4 designation allows a maximum cable run of either 240 meters (790 feet) or 300 meters (980 feet) using either single-mode or multi mode fiber optic cable..

Answer 142

When you ping a host, Internet Control Message Protocol (ICMP) will respond to the request. ICMP works at the Network layer (Layer 3) of the OSI model. If the ping is successful, the information returned will have this format: Reply from 207.157.10.6: bytes=32 time<10ms TTL=128 Reply from 207.157.10.6: bytes=32 time<10ms TTL=128 Reply from 207.157.10.6: bytes=32 time<10ms TTL=128 Reply from 207.157.10.6: bytes=32 time<10ms TTL=128 "Reply" means that the host is reachable, and is responding to requests. If the ping is unsuccessful, the information returned will have this format: Pinging 192.168.1.5 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192.168.1.5: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), Approximate round trip times in milliseconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms

Answer 143

Reverse Address Resolution Protocol (RARP) allows a host on a local area network to request its IP address from a gateway server's Address Resolution Protocol (ARP) table or cache. RARP works at the Network layer of the OSI model.

Answer 144

Bit rates vs baud rate − Bit rate is the amount of bits being transferred within a unit time, where baud rate is the amount of symbols being transferred. A symbol may contain one or more bits.

Answer 145

Infrastructure mode allows wireless computers to connect to a LAN, WAN, or the Internet. This means that infrastructure mode wireless computers can access all computers on the LAN, WAN, and Internet. Infrastructure mode is much more expensive to implement than ad hoc mode because you must configure wireless access points. While infrastructure mode is harder to set up and configure, it is much easier to manage than ad hoc mode. Ad hoc mode allows wireless computers to be configured much more quickly than infrastructure mode. Ad hoc mode wireless computers all participate in the same network. This means that the ad hoc wireless computers can access each other, but cannot access network resources on a LAN, WAN, or Internet. Ad hoc mode is much cheaper than infrastructure mode to implement. In addition, it is easy to set up and configure and can provide better performance than infrastructure mode. However, it is difficult to manage an ad hoc mode wireless network.

Answer 146

A Dynamic Host Configuration Protocol (DHCP) server dynamically assigns IP addresses to DHCP clients. This ensures that each client receives a valid and unique IP address, preventing IP address conflicts.

Answer 147

You should use Secure File Transfer Protocol (SFTP). First, because SFTP uses only a single port number for communications, it is easy to secure and monitor at the firewall. Second, unlike FTPS, SFTP is not a reworked version of FTP. Rather, it is a completely different protocol based on Secure Shell (SSH) that encrypts both authentication data and data files being transferred. Third, SFTP even works with SSH private/public key pairs for an optional added layer of authentication and enhanced security.

Answer 148

You should configure the DNS server as a server option. This will ensure that all DHCP clients receive the DNS server settings. You should also configure each router as a scope option for its appropriate scope. Each scope will have a different router or default gateway. For this reason, router or default gateway information must be configured at the scope level. If you configure this option at the server level, all the clients would receive the same router configuration, which would not work because you have three different subnets.

Answer 149

A 110 block uses a punch-down tool, just like a 66 block. The punch-down tool forces the wires into the slots on the block. A 110 block does support higher frequencies than a 66 block. A 110 block requires less space than a 66 block. A 110 block supports both telephone and data networks, while a 66 block is only used on telephone networks.

Answer 150

For the Network+ Exam, you will need to also understand the Krone and Bix punchdown blocks. A Krone punchdown block is an insulation-displacement connector that is used as an alternative to the 110 blocks within Europe. Krone blocks are often used with audio interconnections and broadcast systems. The Bix punchdown is part of a telephone cross-connect system that consists of various punch-down blocks, cable distribution accessories, and tools to terminate wires.

Answer 151

Routers operate at the Network layer (Layer 3) of the OSI networking model. They use source and destination addresses, which are located at the Network layer, to route packets. On the other hand, switches use MAC addresses, which are located at the Data Link layer (Layer 2), to forward frames. An example of an issue that occurs at the Network layer is when computers are connected to the same switch but receive error messages and cannot communicate. The Session layer (Layer 5) starts, maintains, and stops sessions between applications on different network devices. The Physical layer (Layer 1) provides the functions to establish and maintain the physical link between network devices. The Transport layer (Layer 4) of the OSI model segments and reassembles data into a data stream and provides reliable and unreliable end-to-end data transmission.

Answer 152

Currently, ports 80, 20, and 21 are open in the firewall. Port 80 is the port that is used to transfer Hypertext Transfer Protocol (HTTP) messages. HTTP is the protocol that is used to transport Web pages on the Internet. Ports 20 and 21 are used by File Transfer Protocol (FTP), a protocol that can transfer data files on the Internet. An FTP server listens for requests on port 21 and establishes connections with FTP clients on port 20. In this scenario, you should close ports 20, 21, and 80 to prevent HTTP and FTP traffic. Simple Mail Transfer Protocol (SMTP) is used to transfer e-mail messages between e-mail servers on the Internet. SMTP uses port 25. Post Office Protocol 3 (POP3) is used by e-mail clients to retrieve messages from e-mail servers. POP3 uses port 110. In this scenario, you should open ports 25 and 110.

Answer 153

IP Address Management (IPAM) allows integration of DNS and DHCP so that each is aware of the changes in the other. IPAM allows for the discovery of servers associated with an IP address infrastructure responsibilities on the network and the ability to manage those servers from a central point. Some things that IPAM can allow a network administrator to manage include: IP address availability − how many unassigned IP addresses exists Subnet identification, subnet size, and which subnet is associated with which segment Static/dynamic status for each subnet address Default routers that the various network devices use IP address host name IP address and associated hardware

Answer 154

The 1000Base-T Gigabit Ethernet standard specifies a maximum data transfer rate of 1 Gbps. Category 5 unshielded twisted-pair (Cat5 UTP) cable and RJ-45 connectors are typically used on 1000Base-T Ethernet networks.

Answer 155

The 10Base-2 Ethernet standard specifies a data transfer rate of 10 megabits per second (Mbps), RG-58 coaxial cable, and BNC connectors.

Answer 156

The 10Base-T Ethernet standard specifies a data transfer rate of 10 Mbps. Cat3 UTP cable or better is required on 10Base-T Ethernet networks, and RJ-45 connectors are used to connect devices to a 10Base-T Ethernet network

Answer 157

100Base-T is the 100-Mbps version of 10Base-T and requires Cat5 or higher UTP cabling. 10GBase-T is the 10-Gbps version of this specification and requires Cat6a or higher UTP cabling.

Answer 158

The 100Base-FX Fast Ethernet standard specifies a data transfer rate of 100 Mbps, fiber-optic cable, and fiber-optic cable connectors, such as ST or SC connectors.

Answer 159

Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) both operate at the Transport layer of the Open Systems Interconnection (OSI) model. Because the Transport layer is the fourth layer in the OSI model, it is sometimes referred to as Layer 4.

Answer 160

You should use Simple Network Management Protocol (SNMP) to enable the routers to notify you when they exceed specified performance thresholds. SNMP is a protocol in the TCP/IP suite that enables the collection of data about various devices connected to a TCP/IP network, including bridges, hubs, and routers. It is worth noting that SNMP is not inherently secure, so steps should be taken to improve its security posture by configuring the protocol to read-only and by utilizing tools, such as Iptables, to limit from where SNMP can source requests. Each SNMP-compatible device has a Management Information Base (MIB) database that defines the type of information that can be collected about the device. You can also configure SNMP traps to analyze network performance and network problems. A trap is a message that an SNMP-compatible device sends when the device has exceeded a performance threshold. You can configure SNMP to send traps to the network management software you are using, to your e-mail address, or to another destination. SNMP works at the Application layer of the OSI model. SNMP monitors are the pieces of software that actually monitor managed devices. This software must be applied at the device level.

Answer 161

Another element that you will need to understand for the Network+ exam are SNMP object identifiers (OIDs). OIDs are a string of decimal numbers that are used it uniquely identify an object, such as an attribute or an object class. SNMP will use a management information base to tie various OIDs to different objects or files to help monitor and manage information that is being sent between different network devices. OIDs are most helpful when used in a large-scale network management system that has hundreds of different devices communicating with each other.

Answer 162

Internet Security Association and Key Management Protocol (ISAKMP) is a protocol that works with IPSec to establish a secure session. Remote Desktop Protocol (RDP) is a Microsoft protocol that establishes sessions with other computers.

Answer 163

Telnet is the protocol that communicates over TCP port 23. Telnet is a protocol that allows users to access remote computers and devices. Cisco routers can be configured to allow remote administration though this protocol. File Transfer Protocol (FTP) communicates over TCP ports 20 and 21 to transfer files. Secure Shell (SSH) communicates over TCP port 22 to allow secure data transfer. Trivial File Transfer Protocol (TFTP) communicates over UDP port 69 to transfer files.

Answer 164

Telnet is a user command and an underlying TCP/IP protocol for accessing remote hosts. The HTTP and FTP protocols allow you to request specific files from remote hosts without having to log on as a user of that host computer. The Telnet protocol, however, allows you to log on as a regular user with the associated privileges that you have been granted to the specific application and data on that host. In other words, you appear to be locally attached to the remote system.

Answer 165

The IP address 196.11.200.71/18 is an example of a "slash x" network, also known as Classless Interdomain Routing (CIDR) notation. CIDR is a way of applying a subnet mask to an IP address in order to optimize address space while ignoring the traditional IP class categories. With classful addressing, 196.11.200.71 is a class C address, which means that 24 bits of the address are used for the network portion of the address and eight bits are used for the host portion. With CIDR, the /18 notation at the end of the IP address means that 18 bits are used for the network portion of the address, and the host portion uses the 14 remaining bits. This process is often referred to as subnetting. With 18 bits used, the standard subnet mask is 11111111.11111111.11000000.00000000 or 255.255.192.0. In turn, this means that the network portion of this address, or the base network ID, is 196.11.192.0. The purpose of CIDR is to divide IP addresses into smaller, more efficient blocks of space.

Answer 166

Although the OSI Data Link layer (Layer 2) uses MAC, or physical device, addressing, the Network layer (Layer 3) uses logical network addressing. This logical address is defined by the protocol's addressing scheme. For example, an IPv4 TCP/IP address is composed of 32 bits, divided into four sets of decimal numbers divided by periods. An IPX address is a combination of an 8-digit hexadecimal number, which is assigned by the network administrator, and a 12-digit MAC address, separated by a colon. Service addressing is the other addressing method used by the OSI Network layer. It is used to identify a specific upper-layer process or protocol. A service address is also known as a port or socket

Answer 167

A Metropolitan Ethernet, or Metropolitan Area Network (MAN), or Metro Ethernet, is a network encompassing a localized geographic area, such as a city and its suburbs. Government entities, businesses, and hospitals (for example) can use a Metropolitan Ethernet to interconnect a main office with satellite offices in the suburbs.

Answer 168

The spine-and-leaf structure enables organizations to utilize a network that is more scalable, has lower latency, and has increased capacity. In addition to these benefits, the spine-and-leaf architecture also enables the use of equal cost multipath (ECPM) instead of spanning tree protocol (STP) to prevent pathways from being oversubscribed while still preventing network loops. As networks began to push away from north-south traffic flows to east-west flows, network architecture adopted thespine-and-leaf design. This design uses two layers instead of three, where the leaf layer consists of access switchesthat aggregate traffic from servers and connect them to the spine switches. These spine switches interconnect all leaf switches in a full-mesh topology, enabling rapid communication between servers. Spine-and-leaf designs also utilize top-of-rack (TOR) switching, where the network equipment is all located on the same or adjacent rack and are connected via an in-rack network switch. This method allows organizations to implement fiber switches that connect easily with every other device in the rack, greatly increasing network speeds and reliability. The major drawbacks to the spine-and-leaf design are that it increases the number of cables used, making it difficult to manage, and it only allows you to configure a set number of hosts based on the available switch connections.

Answer 169

The three-tiered architecture design was traditionally the staple for network architecture, as it was known for effectively moving traffic flows from north to south. In a three-tiered network, the core layer, or backbone, is the layer that coordinates everything and connects all the distribution layers together. The distribution, or aggregation, layer connects users to the core layer. It also serves as the major spine, as it will connect access switches. The access, or edge, layer is closest to the users, and will physically connect them to a network. The access layer is where organizations can implement network-access policies to determine who is allowed to access the network and what information can and cannot be sent/received

Answer 170

A virtual network interface card (NIC) operates within the virtual environment. In common practice, it is bridged to the physical NIC on the host system so the virtual machine can communicate with another network segment or the Internet.

Answer 171

A hypervisor (or virtual machine monitor) provides supervisory and management functions on a machine (host) on which one or more virtual machines are deployed. Hypervisors are categorized as Type 1, which installed on the "bare metal," or Type 2, which are installed on top of the operating system as an application. Examples of Type 1 include KVM for Linux and Microsoft's Hyper-V Server 2012. Examples of Type 2 hypervisors include VMware Workstation and OracleBox.

Answer 172

The IPv4 addressing system is running out of IP addresses. The current system uses a 32-bit address and, therefore, provides for 4,294,967,296 addresses. However, these addresses are being depleted at a rapid rate. Many methods, such as proxies and Network Address Translation (NAT), reduce the rate of depletion, but a new system must be put into place. Routing tables are also increasingly hard to maintain because they must contain an ever-increasing amount of information. IPv6 uses a 128-bit hexadecimal system and will provide for 3,400,000,000,000,000,000,000,000,000,000,000,000,000 addresses

Answer 173

The network ID of the network you administer is 130.250.0.0. According to the scenario, your network is not subnetted and is configured with Class B IP addresses. In a Class B IP address, the first 16 bits of the IP address correspond to the network address, and the last 16 bits of the address correspond to the host address. In dotted-decimal notation, a decimal number represents each 8-bit portion, or octet, of an IP address. Therefore, the network address for the network you administer is the first two octets followed by two octets of zeroes, or 130.250.0.0. The address 128.0.0.0 is the first valid network ID in the range of Class B IP addresses that are not subnetted. The address 130.250.255.255 is the broadcast address for the network with the network ID 130.250.0.0. The IP address 255.255.255.255 is a broadcast address on a TCP/IP network.

Answer 174

You should configure the firewall to block access to Transmission Control Protocol (TCP) port 80 in order to prevent Internet users from using HTTP to enter the company's network on that port. Because TCP port 80 is the well-known port number that is assigned to Hypertext Transfer Protocol (HTTP), configuring the firewall to block transmissions through port 80 will prevent HTTP communications from entering the network.

Answer 175

Among the available choices, you should use Category 5 unshielded twisted-pair (Cat5 UTP) cable and RJ-45 connectors to connect a computer to a 100Base-TX Ethernet network. On a 100Base-TX network, you can use two pairs of either Cat5 UTP or Type 1 shielded twisted-pair (STP) cable. RJ-45 connectors are typically used to connect computers to a 100Base-TX network. Although an RJ-45 connector is similar in appearance to a standard RJ-11 telephone connector, an RJ-45 connector is wider than an RJ-11 connector. Additionally, an RJ-45 connector supports eight wires, whereas an RJ-11 connector supports up to six wires. An RJ-11 connector is used to connect an analog modem to a regular phone line.

Answer 176

Usually abbreviated VIPA, a virtual IP address is a single IP address that may be shared among multiple domain names or servers. By assigning a virtual IP address to a host, it no longer needs to depend on specific individual network interfaces. Incoming packets target the host’s VIPA, but all are routed through to actual, specific network interfaces. VIPA thus helps to provide load balancing for incoming traffic, where switches or routers behind the scenes can distribute them evenly among a pool of available network interfaces. A primary advantage of VIPA is to eliminate host dependencies on specific, individual network interfaces.

Answer 177

You should implement a virtual storage area network (vSAN) to isolate two of the devices that are located on a SAN fabric containing eight devices. A vSAN is a collection of ports from a set of connected Fibre Channel switches that form a virtual fabric. You can partition ports within a single switch into multiple VSANs, despite sharing hardware resources. Do not confuse a vSAN with virtual storage. In recent years, virtual storage solutions like Microsoft's SkyDrive and Amazon's CloudDrive have been developed to provide online storage and sharing of data.

Answer 178

iSCSI − allows you to send SCSI commands over an IP-based network. It also can be used to connect a networked attached storage (NAS) device to an Ethernet network. To improve the performance of data transfers over iSCSI switches, you should set the maximum transmission unit (MTU) to 9000 on the each of the participants in the vSAN.

Answer 179

Jumbo Frame − an Ethernet frame with a payload greater than the standard MTU of 1,500 bytes. It supports at least 1 Gbps and can be as large as 9,000 bytes.

Answer 180

Fibre Channel − transmits data between computer devices at data rates of up to 4 Gbps (with 10 Gbps coming in the future). While it can use fiber optic or coaxial cabling, it provides the best distance (approximately 10 km) using fiber optic cabling.

Answer 181

Network attached storage (NAS) − provides both storage and a file system. This is often contrasted with SAN (Storage Area Network), which provides only block-based storage and leaves file system concerns with the client. It uses file-based protocols such as UNIX's NFS, Microsoft's Server Message Block/Common Internet File System (SMB/CIFS), Apple's AFP, or Novell Netware's NCP. This would be the most cost efficient solution for a SQL server that needs several terabytes of disk space available to do an uncompressed backup of a database.

Answer 182

100Base-TX, known as Fast Ethernet, uses two pairs of Category 5 UTP cable. Standard RJ-45 connectors are used. 100Base-TX transmits data at 100 Mbps using the baseband signaling type. Its maximum segment distance is 100 meters (328 feet).

Answer 183

BNC − coaxial cable SC − fiber-optic cable RJ-45 − twisted-pair cable Coaxial cable can also use an F-connector. Fiber-optic cable can also use an ST or LC connector. Twisted-pair cable can also use an RJ-11 connector. For twisted pair cable, an RJ-11 connector is used in telephone deployments and an RJ-45 connector is used in network deployments.

Answer 184

Of the IP addresses listed, 192.168.0.1 is a valid host address within the range of IANA-designated private IP addresses that provide a maximum of 16 bits per host address. The IP address 11.0.1.0 is a public, or external, IP address. The Internet Engineering Task Force (IETF) is a working group that creates standards for the Internet. The IETF is divided into a number of smaller committees, including the Internet Assigned Numbers Association (IANA), which decides how the IP address space is used. The IANA has reserved three address spaces for private or internal IP addressing. Internal IP addresses are never assigned by the IANA for use on the public Internet. The private IP address ranges are as follows: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. Note that the number after the slash (/) character is referred to as the network address prefix, which indicates the number of bits in the network address.

Answer 185

A mesh topology connects every device to every other device using a series of point-to-point connections. This makes the mesh topology very expensive, but it creates several possible signal paths, providing a high level of fault tolerance. This is important if you cannot afford to have any portion of your network down at any time. There are two types of mesh network: partial mesh and full mesh. Partial meshes are usually implemented in large corporations in a central subnetwork, like a data center. Full meshes are very expensive to implement.

Answer 186

A bus topology uses a single cable, also known as a backbone, segment, or trunk, to connect all networked devices. Therefore, a bus topology uses less cabling than other topologies. However, it also means that the entire network will stop responding should a cable failure occur.

Answer 187

A star topology, also known as a hub-and-spoke topology, connects all of the nodes, or computers, to a central device such as a hub. The hub has a connection port for each node. This arrangement minimizes the risk of failure of the entire network. For example, if one node on the network fails, only that node will be impacted by the failure. All other nodes on the network will continue to operate. However, the central connection point can be a single point of failure for the network.

Answer 188

A ring topology connects every computer to two other computers, forming a physical "ring." In a ring topology, signals generally travel in one direction around the ring as they are passed from one computer to another. If a cable failure occurs, there is a break in the ring, which causes the entire network to stop responding.

Answer 189

A wireless topology typically places computers near or around transceivers known as access points. A Wireless Access Point (WAP) functions much like the hub does in a wired network, acting as a central connection point for network devices on one network segment. However, there is no a physical cable connection to the WAP.

Answer 190

A hybrid network uses a combination of two or more network types. For example, an organization may have an isolated small network that uses a ring topology that connects to the organization's other bus networks

Answer 191

Fiber-optic cable carries its signals in the form of modulated pulses of light. Because fiber-optic uses light pulses rather than electric signals, it is virtually impossible to intercept the signal without interrupting it and, thus, being detected. It is the most expensive type of networking cable. It is also not susceptible to interference. Fiber-optic cable can span distances of up to 2 kilometers, or 2,000 meters (6,562 feet), and transmit data at a rate in excess of 100 Mbps. Fiber-optic connectors use ceramic ferrules for connection, and different fiber optic connectors use different ferrule size and length and polish styles.

Answer 192

Physical Contact (PC) type provides 40dB return loss or higher. Ultra Physical Contact (UPC) provides 50dB or higher. Angled Physical Contact (APC) provides 60dB or higher. The higher the return loss, the better the performance. Single-mode fiber-optic cables use all three types connectors, while multi-mode only uses PC and UPC connectors.

Answer 193

IPv6 hosts use router advertisement to install a default IPv6 route when the hosts use IPv6 Stateless Address Autoconfiguration. When a device that uses both IPv4 and IPv6 joins a network, it sends a router solicitation (RS) message using ICMP to contact the local IPv6-capable router on the network. The local router is tuned into the all router’s multicast group address, which is ff02::2, and will receive the RS message. The router immediately answers with a routing advertisement (RA) message using ICMP to the all nodes on the network. This uses the all nodes multicast group address, which is ff02::1. The router also sends the RA messages periodically (to keep the nodes informed of any changes to the addressing information for the LAN. For the Network+ exam, you will need to understand how to harden RA messaging. IT professionals can implement an RA advertisement guard with the RA messaging system. This guard prevents malicious attackers from spoofing RA messages, and inspects the messages to make sure that they are complaint with the organization’s RA-guard policy. The guard will drop any packets that do not met the compliance policy.

Answer 194

Maximum transmission units (MTUs) indicate the largest number of bytes allowed in a frame. If the MTU size is reduced, network performance is affected. Also, if the MTU is too large, a packet may be rejected by the device receiving the packet.

Answer 195

Carrier Sense Multiple Access/Collision Detection (CSMA/CD) is a feature of Ethernet switches that slows down the traffic on wired networks when bottlenecks occur. It uses rules to determine how network devices should respond when two devices attempt to use a data channel simultaneously and a collision occurs. Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) is a feature that creates a collision-free communication channel between the transmitting device and the receiver.

Answer 196

Twisted-pair cabling is the least expensive cabling media. Because unshielded twisted-pair (UTP) is commonly used in telephone systems, it is mass-produced, making it inexpensive and widely available. In addition, twisted-pair cabling is very easy to work with, meaning that very little training is required for its installation.

Answer 197

You should allocate two networks with a /22 mask and allocate the remaining four with a /23 mask. Subnetting is the process of dividing an IPv4 network into multiple subnetworks using different subnet masks. A single Class B network has room to accommodate 4,094 usable addresses, discounting the broadcast address and the network address. Each subnet requires an additional broadcast and network address, so six subnets drops the total number of usable addresses to 4,084. In this scenario, requiring two subnets at 512 nodes plus four more at 256 nodes means that a total of 2,048 addresses are needed immediately. Thus, leaving room for growth requires allocating all available addresses on the class B network. In binary terms, an increase of one over the number 2,048 means doubling it to get to 4,096, and the closest a single Class B network can come is therefore to plan for complete allocation of the usable address space. Here is how that address space lays out: Major network: 172.17.0.0/20 Available IP addresses in major network: 4094 Number of IP addresses needed: 204 Available IP addresses in allocated subnets: 4084 About 100% of available major network address space is used About 50% of subnetted network address space is used

Answer 198

Use of variable length subnet masks (VLSMs), or classless subnetting, to partition IPv4 addresses into various sized subnets is also known as Classless Inter-Domain Routing (CIDR). CIDR has helped to make more efficient use of IPv4 address space in the past decade, as IPv4 addresses have become “exhausted” (fully allocated and distributed for actual use).

Answer 199

Because dropping occasional packets is less important than reducing latency end-to-end, Datagram Transport Layer Security (DTLS) is the best option. DTLS is essentially a reimplementation of TLS, which uses orderpreserving TCP at the Transport layer. DTLS uses the UDP protocol at the Transport layer instead of TCP. Though UDP is stateless and more lightweight than TCP, DTLS includes its own sequence numbering and assembly capabilities to make up for those lacks in the underlying transport. Because it imposes less overhead, it works better for streaming media transport than the heavier-duty guaranteed delivery mechanisms in TCP, and by extension TLS.

Answer 200

When using a public cloud deployment, other tenants can gain physical access to the resources that store your company's data. Cloud security implications depend on the type of cloud that is being utilized. Public clouds are often seen as the riskiest form of clouds as they are open for the public to connect to, meaning there is a greater exposure to a malicious attacker. A private cloud only allows specific and authorized users to gain access, making it far harder to breach as well as easier to manage.

Answer 201

Whenever considering implementing and using cloud services, organizations need to be aware of several key elements: multitenancy, elasticity, scalability, and security implications. Multitenancy is when several different cloud users access the same computing resource, as is common when several different companies store data within the same server. Ensuring that providers have servers that can handle these large workloads is critical to cloud availability. Cloud elasticity refers to the degree in which a system can adapt to workload changes by automatically provisioning and de-provisioning resources. Cloud scalability refers to a cloud system being able to allocate more resources automatically to handle greater workloads as more users and organizations request to utilize various cloud services and applications.

Answer 202

Z-Wave is a wireless technology that is widely used in home automation, such as smart lights, locks, and thermostats. It creates a wireless mesh network with a primary controller. Each device communicates with its nearest neighbor, much like routers communicate with each other. All of the other options facilitate the Internet of Things (IoT). However, Z-Wave is most commonly used in home automation devices.

Answer 203

Multiprotocol Label Switching (MPLS) is a WAN technology that allows using label switching for routing frames. It uses label-switching routers and label-edge routers to forward traffic

Answer 204

Ports allow more than one service or application to communicate at the same time between computers. The Domain Name System (DNS) service uses port 53 to communicate information between name servers. DNS uses both TCP port 53 and UDP port 53. Administrators can assign additional ports for communication on an intranet and through the Internet. There are a total of 65,536 ports from which to choose. Of these, only 1,024 ports are considered well known and, therefore, reserved for a particular service.

Answer 205

The forward lookup zone is most likely to contain the IP address of Computer B. When comparing forward vs reverse zones, the forward lookup zone provides the association between devices on a domain and their corresponding IP address. As an example, it would contain a record that says mypc.mydomain.com has IP address 192.168.5.1. If another machine on the network needed the IP address for mypc.mydomain.com, it would query the forward lookup zone on the DNS server, find the record for mypc.mydomain.com, and retrieve the IP address.

Answer 206

Two other types of lookups that you need to understand are recursive and iterative DNS lookups. Recursive DNS lookups occur when one DNS server communicates with other DNS servers to search for a specific IP address and return it to the client. In contrast, an iterative DNS lookup is where the client communicates directly with each DNS server involved in the lookup. For the Network+ exam, you will also have to understand the importance of zone transfers within a DNS server. Zone transfers is a procedure that lets two DNS servers exchanges their zone information. The purpose of this process is to create redundancy within a network in the event of a crash. For more important zones within a network, it is often advised to have more than two DNS servers to ensure redundancy is guaranteed.

Answer 207

When comparing internal vs external DNS, the internal DNS would reside within the enterprise's networks and provide "local" name resolution. An external DNS server would be one that not only provides resolution for your domain, but others as well. While the query may go to the DNS server, the information is actually contains in the lookup zones located on the servers.

Answer 208

The 1000BaseCX Ethernet standard supports a data transmission rate of 1 Gigabit per second (Gbps) over 150- ohm balanced copper cable. The 1000BaseCX Ethernet standard supports a maximum cable segment length of only 25 meters (m). The 1000BaseCX Ethernet standard was designed to support connections between network nodes that are in close proximity, such as nodes in a network's wiring closet. The 1000BaseCX standard specifies 8- pin High Speed Serial Data Connectors (HSSDCs) or 9-pin D-subminiature connectors. HSSDC connectors are preferred over the 9-pin D-subminiature connectors because they provide a better electrical connection than the D connectors. Note that 1000BaseCX Ethernet equipment may be difficult to obtain, because it never became popular.

Answer 209

Ethernet over HDMI − This standard allows you to use a High Definition Multimedia Interface (HDMI) connection for Ethernet communication. It supports 4.92Gbps or higher transmission depending on which HDMI version you use. Most implementations have a maximum cable length of 15 feet.

Answer 210

Ethernet over power line − Power-line networking uses the electrical wiring in your house to create a network. The speeds of this connection are rather slow at 50 Kbps to 14 Mbps, depending on which specification you implement.

Answer 211

A metropolitan area network (MAN) would be used by the hospital to connect its various neighborhood offices to the main facility when all are located within the same city or region. MANs connect several LANS together in an area roughly the size of a city.

Answer 212

Hypertext Transfer Protocol (HTTP) is assigned to the well-known Transmission Control Protocol (TCP) port 80, so you are most likely using HTTP to transfer data. HTTP is used to transfer data between Web browsers and Web servers on a TCP/IP network. HTTP is a stateless protocol, which means that neither the server nor the client collect or maintain information about one another. HTTP works at the Application layer (Layer 7) of the OSI model.

Answer 213

Of the listed Open Systems Interconnection (OSI) model layers, a Multistation Access Unit (MAU) operates at the Physical layer (Layer 1). An MAU is a network connection concentrator used on Token Ring networks. An MAU is similar to a hub, which is a network connection concentrator used on star-wired Ethernet networks. The Physical layer of the OSI model defines how data bits are translated into energy pulses that are sent over network cabling media. The Physical layer also defines network topologies, such as the ring, bus, and mesh topologies. Hubs, transceivers, and repeaters, network interface cards (NICs), and wireless cards work at the Physical Layer. If you must enable or turn on a NIC or wireless card, the problem is occurring at the Physical layer.

Answer 214

Category 5 UTP cabling is the most widely used category of UTP cable. Category 5 wiring consists of four twisted pairs of copper wire terminated by RJ-45 connectors. Category 5 cabling can support frequencies of up to 100 MHz and speeds of up to 100 Mbps. It can be used for ATM, Token Ring, 1000Base-T, 100Base-T, and 10Base-T networking.

Answer 215

IPv6 (version 6), or IPng (next generation), offers the following improvements over IPv4: The IP address size increases from 32 bits to 128 bits. Some of the header fields have been dropped. Version 6 has less rigid length limits and the ability to introduce new options. Packets will indicate particular traffic type. Support will be provided for data integrity and confidentiality. The IPv6 header is 40 fixed bytes and has eight fields of information.

Answer 216

A brouter operates at both the Data Link layer (Layer 2) and the Network layer (Layer 3) of the Open Systems Interconnection (OSI) model. A brouter can act as a bridge or a router. When acting as a bridge, a brouter operates at the Data Link layer of the OSI model. When acting as a router, a brouter operates at the Network layer of the OSI model.

Answer 217

Session Initiation Protocol (SIP) is the protocol used on a VoIP network. It is an Application layer protocol. VoIP allows you to transmit audio and video messages over a TCP/IP network. Real-time Transport Protocol (RTP) is another protocol used in VoIP. Both SIP and RTP work at the Application layer of the OSI model. Internet Protocol (IP) is used to transmit data over a data network.

Answer 218

1000Base-CX is designed for wiring closets. It has a transmission rate of 1,000 Mbps and a maximum segment length of 25 meters (82 feet).

Answer 219

Network Time Protocol (NTP) communicates over TCP port 123. It is responsible for synchronizing the clock settings on a computer. Proper clock synchronization is vital for many directory service applications. Communication over TCP port 123 is not a reason to be alarmed. NTP works at the Application layers of the OSI model.

Answer 220

Coarse wavelength division multiplexing (CWDM) is a WDM system that would be best suited for short-range fiberoptic transmission because it uses fewer than eight active wavelengths per fiber. This technology is designed for short-range communications, causing it to employ wide-range frequencies with wavelengths that are far apart. CWDM is a compact and cost-effective option when spectral efficiency is not a requirement.

Answer 221

Dense wavelength division multiplexing (DWDM) enables long-range communications. It can fit up to ninety-six wavelengths into the C-band spectrum of a fiber cable, utilizing a tighter wavelength spacing to fit more channels onto a single fiber. While this system extends transmission range, it is more costly to implement and more timeconsuming to operate than CWDM.

Answer 222

Both DWDM and CWDM were developed from wavelength division multiplexing (WDM). WDM is a technique in fiber optic transmissions to send data using multiple wavelengths of light over the same medium. With WDM, two or more colors of light can travel on one fiber strand to send several signals in an optical waveguide at different wavelengths or frequencies.

Answer 223

The 1000Base-SX and 1000Base-LX standards use fiber optic cable. They are Gigabit Ethernet technologies. 1000Base-SX uses multi-mode fiber optic cable. 1000Base-LX uses single-mode or multi-mode fiber optic cable. 1000Base-SX and 1000Base-LX do not use unshielded twisted pair (UTP), shielded twisted pair (STP), or coaxial cable. 1000Base-CX uses shielded twisted pair (STP) cable for short-haul cable runs.

Answer 224

Class of Service (CoS) implements packet tagging in a local area network (LAN). It tags the different types of traffic, such as video streaming or VoIP. The tag is a value between 0 and 8, with 0 being the highest priority.

Answer 225

You should implement virtual servers and switches. Implementing virtual servers would allow you to host a Linux environment for Web services and a Windows environment for Active Directory services on the same physical server. Implementing virtual switches will allow you to host the services on different broadcast domains.

Answer 226

In a mesh topology, every device has a dedicated connection to every other device using a series of point-to-point connections. In the case of a WAN, a mesh topology connects each individual network to each other network in an intranetwork. This type of topology is very expensive because of its redundant links, but it provides a high level of fault tolerance. Therefore, it is typically seen in a WAN environment where fault tolerance is a major concern.

Answer 227

Pin 1 in the 568A cable specification should contain the Green/White wire. The 568A specification is shown below: Pin 1 − Green/White Pin 2 − Green Pin 3 − Orange/White Pin 4 − Blue Pin 5 − Blue/White Pin 6 − Orange Pin 7 − Brown/White Pin 8 − Brown

Answer 228

Pin 1 − Orange/White Pin 2 − Orange Pin 3 − Green/White Pin 4 − Blue Pin 5 − Blue/White Pin 6 − Green Pin 7 − Brown/White Pin 8 − Brown

Answer 229

Very high data rate Digital Subscriber Line (VDSL) provides the highest data rate, at 51 to 55 megabits per second (Mbps) over cable lengths of up to 1,000 feet or 300 meters.

Answer 230

Class A − 12.174.x.x Class B − 162.58.x.x Class C − 219.214.x.x APIPA − 169.254.x.x Private − 172.16.x.x Loopback − 127.0.x.x Multicast − 225.47.x.x

Answer 231

Cat5 − Up to 100 m and 100 Mbps Cat6 − Up to 100 m and 1 Gbps Multi-mode Fiber − Up to 500 m and 10 Gbps Single-mode Fiber − Up to 40 km and 10 Gbps ThickNet − Up to 500 m and 10 Mbps and uses RG-6 coaxial cabling ThinNet − Up to 185 m and 10 Mbps and uses RG-59 coaxial cabling Cat6a/7 − Up to 100 m and 10 Gbps Cat 8 − Up to 30 m when supporting 25 Gbps and 40 Gbps, and up to 100m when supporting 10Gbps

Answer 232

You should use Dynamic Host Configuration Protocol (DHCP) to automatically configure the hosts on your network with IP configurations. DHCP was designed to automatically configure frequently moved, fully boot-capable computers, such as laptop computers, with IP configurations. You can use DHCP to configure such IP settings as IP address, subnet mask, and default gateway address. Typically, DHCP information is leased to a client for a limited period. DHCP clients usually release DHCP information when they are shut down. When a DHCP client retrieves IP configurations from a DHCP server, the DHCP client is not necessarily configured with the same IP configurations as on previous occasions.

Answer 233

To ensure that a Web server always receives the same IP address from the DHCP server, you should create a DHCP reservation. A DHCP reservation is created at the DHCP server and is based on the MAC address of the leasing device. When the device connects to the network, it sends a DHCPRequest message that contains its MAC address. The DHCP server will then assign the IP address that is stipulated in the DHCP reservation. If the MAC address in the device changes for any reason, the DHCP reservation must be re-created. DHCP reservations are also referred to as MAC reservations.

Answer 234

The Internet Small Computer Systems Interface (iSCSI) protocol is used in storage area networks (SANs), local area networks (LANs), wide area networks (WANs), and the Internet. It provides the communication framework, allowing SCSI commands to transmit over an IP network.

Answer 235

Network Time Protocol (NTP) would be implemented to provide accurate time-stamping for purchases. It is used to synchronize the clocks of computers on the network. Synchronization of time is important in areas such as event logs, billing services, e-commerce, banking, and HIPAA Security Rules.

Answer 236

You should deploy Simple Network Management Protocol (SNMP) to monitor network devices. It uses port 161 to communicate. Information about a managed device's resources and activity is defined by a series of objects and is contained by a managed device's Management Information Base (MIB). SNMP management software can request each of the MIB objects from an SNMP agent, referred to as an SNMP walk. Different SNMP messages can be sent, including: Get − retrieves information from a managed device. Set − sets a variable in a managed device or triggers an action on a managed device\ Trap − an unsolicited message sent from a managed device to an SNMP manager, which can notify the SNMP manager about a significant event that occurred on the managed device. SNMP can send traps to the network management software you are using, to your e-mail address, or to another destination.

Answer 237

Syslog messages and SNMP traps trigger notification messages that can be sent via email and SMS. A syslog server receives and stores log messages sent from syslog clients. A syslog client sends logging information to a syslog server. A syslog server ensures that a network administrator can review device error information from a central location.

Answer 238

Lease − a single IP address that is being used by a DHCP client Option − a parameter that can be used to assign router, DNS server, and other information to DHCP clients Scope − a range of possible IP addresses that a DHCP server can assign Reservation − an allocation of a single IP address to a MAC address

Answer 239

Coaxial cable has an inner conductor surrounded by a shield. The inner conductor is separated from the shield using an insulating material. Coaxial cable comes in two varieties: ThinNet and ThickNet. ThinNet cable is .64 centimeters (.25 inches) thick and carries signals up to 185 meters (607 feet). ThickNet is 1.27 centimeters (.5 inches) thick and carries signals up to 500 meters (1,640 feet). Like a coaxial cable, a twinaxial cable is a copper cable. However, unlike a coaxial cable, a twinaxial cable has two internal conductors. Twinaxial cables are often seen as a cost-efficient method for very short and high-speed communication.

Answer 240

The Transport layer is responsible for the reliable delivery of segments without error. This means that the Transport layer is not only responsible for making sure that segments of data are delivered, but also for ensuring that segments of data arrive without error. The Transport layer uses segment sequencing to put any incorrectly ordered segments into the correct sequence.

Answer 241

The layers of the OSI model, along with their layer numbers, are shown below: Layer 1 – Physical layer Layer 2 – Data Link layer Layer 3 – Network layer Layer 4 – Transport layer Layer 5 – Session layer Layer 6 – Presentation layer Layer 7 – Application layer

Answer 242

The 10GBase-SW designation is for use with Synchronous Optical Networking (SONET) networks. Other SONET network designations include 10GBase-EW, 10GBase-LW, and 10GBase-ZW. The W designation in the 10GBase specification includes SONET usage.

Answer 243

T1 lines can provide fast, digital connections of up to 1.544 Mbps, transmitting voice, data, and video. A T1 line also provides a dedicated connection, which means that it provides a 24-hour link. A T1 line is more expensive than a dial-up connection using Plain Old Telephone Service (POTS) or an Integrated Services Digital Network (ISDN) connection, but this company needs enough bandwidth to accommodate its 6 top-level executives, which justifies the additional cost. If the full bandwidth of the T1 proves too costly or unnecessary, fractional T1 is available. With a fractional T1, you can subscribe to one or more of the 24 available channels at a lower cost than T1.

Answer 244

You should use Software as a Service (SaaS) to deploy the suite of applications. This will ensure on-demand, online access to the suite without the need for local installation. Another example of this type of cloud computing deployment is when a company needs to give employees access to a database but cannot invest in any more servers. WebMail is an example of this cloud computing type.

Answer 245

Virtualization hosts one or more operating systems (OSs) within the memory of a single physical host computer. This mechanism allows virtually any OS to operate on any hardware and allows multiple OSs to work simultaneously on the same hardware. Virtualization would not be the best choice here because it would limit the number of users who could access the application suite. In addition, the performance of the virtual machine would decline as more users simultaneously access the application suite.

Answer 246

PaaS is a platform that provides not only a deployment platform but also a value added solution stack and an application development platform. It provides customers with an operating system that is easy to configure. It is on-demand computing for customers.

Answer 247

IaaS is a platform that provides computer and server infrastructure typically provided as a virtualization environment. The platform would provide the ability for consumers to scale their infrastructure up or down by domain and pay for the resources consumed. This cloud computing model provides the greatest flexibility but requires a greater setup and maintenance overhead than the other cloud computing models.

Answer 248

A part of the Network+ exam, CompTIA cover three main cloud models: SaaS, PaaS, and IaaS. The security control that is lost when using cloud computing is physical control of the data. The main difference between virtualization and cloud computing is location and ownership of the physical components. When virtualization is used, a computer uses its own devices to set up a virtual machine. When cloud computing is used, a company pays for access to another company's devices.

Answer 249

Another cloud model that is covered in the Network+ exam is the Desktop as a Service model (DaaS). This model is used to deliver a complete virtual desktop environment to users that includes a fully operational operating system, applications, and user preferences from a cloud environment. These virtual desktops are often managed by the cloud provider.

Answer 250

Other cloud technologies that you need to be familiar with include: Private cloud − a cloud infrastructure operated solely for a single organization that can be managed internally or by a third party and host internally or externally. Public cloud − when the cloud is rendered over a network that is open for public use. Community cloud − shares infrastructure between several organizations from a specific community that can be managed internally or by a third party and hosted internally or externally. Hybrid cloud − two or more clouds (private, public, or community) that retain unique names but are bound together, offering the benefits of multiple deployment models. Infrastructure as code (IaC) – the process of automating the provisioning network infrastructure to enable an organization to develop, deploy, and scale cloud applications with greater speed and less risk at a reduced cost. With IaC, developers can automate the testing process to enable them to test applications within a secure areaearly in the development cycle, allowing them to design stronger and more secure applications. IaC also enables developers to utilize orchestration to assign workloads to the most appropriate nodes to ensure better resource utilization and management throughout the application process.

Answer 251

The subnet mask enables TCP/IP to find the destination host's location on either the local network or a remote location. Subnets are used for the following reasons: to expand the network to reduce congestion to reduce CPU use to isolate network problems to improve security to allow combinations of media, because each subnet can support a different medium

Answer 252

When implementing SOHO networks, you need to have a clear understanding of the following concepts: List of requirements − This list will guide you to select the appropriate network media, devices, and services. The best way to ensure that this list is comprehensive is to interview different personnel for their opinions. Also, you need to assess the facility that will contain the network. The facility itself may cause certain requirements or restrictions to be in place. Device types/requirements − Once you document the network requirements, these requirements will help you to determine which devices you need on your network. If you need to divide your network into areas of traffic isolation, you may want to implement a switch. Otherwise, you may simply need a router. Keep in mind that you should document availability and speed needs so that you can ensure that the network you implement can support them. Environment limitations − Record any environment limitations. Is the location dusty? Is it dry or humid? What about the HVAC considerations? Also, you should check for electrical outlets and any electromagnetic or radio interference that exists. When determining where to install a server, you should first consider environmental limitations because servers will have definite cooling needs. Equipment limitations − Does any of the current or planned equipment have connection limitations, performance limitations, or any other limiting factor? For example, routers only support a certain number of connections. It may be better to purchase a router with more connections just to ensure that the network is capable of growth, even if this means increasing the budget. Compatibility requirements − You must ensure that any devices, equipment, or media are compatible with the network and its hosts. You should analyze all of the computers and devices currently in use, no matter how insignificant they are. Wired/wireless considerations − You need to determine if you want to use a wired network, a wireless network, or both. Perform a site survey to determine if there are other wireless networks in the area, which will affect your choice of wireless frequency and channel. You should also document any objects that will cause electromagnetic and radio frequency interference. Security considerations − Document any security issues that you expect. Of course, this includes virus and malware issues, but it goes so much further than that. Will you allow guest access to the network? Will you allow personnel to use personal mobile devices or flash drives? Can closets that will contain network devices be locked? Is there a secure room to contain the servers?

Answer 253

The following allocations should be made for the networks: Administrative − /29 Sales − /26 Marketing − /27 Research − /28 Remainder − /25 For the Administrative network, the /29 designation will support up to 6 hosts. For the Sales network, the /26 designation will support up to 62 hosts. For the Marketing network, the /27 designation will support up to 30 hosts. For the Research network, the /28 designation will support up to 14 hosts. A total of 112 IP addresses will be used by the departments. The Remainder group uses a /25 notation, which supports up to 126 hosts.

Answer 254

NAT is a service that translates one or more global IP addresses to local IP addresses. This mapping is done through the NAT router. For example, if a request is sent from the internal network to a destination outside the company, that request will be mapped to the global IP address and then sent outside the company's network. To the outside world, only the global IP address is known. NAT increases the security of a network because it hides the IP addresses of internal hosts from the Internet or other public network.

Answer 255

User Datagram Protocol (UDP) is a connectionless protocol; thus, it will drop the packets and it will not automatically retransmit them. Because an application is not typically responsible for transmitting data packets across a network, the application in this scenario cannot drop the packets. Instead, an application that uses UDP will usually detect that UDP has dropped packets, and the application will retransmit any dropped packets.