Chapter 1 - Network Fundamentals Flashcards

Question 1

Q

Which statement is a valid reason the OSI reference model was created?

A. It encourages vendors to create proprietary standards for any component of the
OSI.
B. It allows for changes on one layer to apply to another layer so they can work together.
C. It prevents industry standardization of network processes.
D. It divides network communication into smaller components for design and troubleshooting.

Answer

A

D. The OSI reference model was created to divide the network communication process into smaller components for standardization, design, and troubleshooting purposes. It also allows for a nonproprietary standardization of components and prevents a change at one layer from affecting other layers.

Question 2

Q

When a program uses encryption such as SSL, which layer is responsible? A. Presentation layer
B. Transport layer
C. Data Link layer
D. Session layer

Answer

A

A. The Presentation layer is responsible for encryption and decryption. Web servers use SSL to encrypt data and the client uses SSL to decrypt the data. SSL processing for both server and client is done at the Presentation layer.

Question 3

Q

Which device would primarily function at the Data Link layer?
A. Routers B. Firewalls C. Gateways
D. Switches

Answer

A

D. Switches primarily function at the Data Link layer. They inspect frames to direct traffic to the appropriate port by employing source MAC address learning and forward/filter decisions.

Question 4

Q

Which is the proper order of the OSI layers?
A.Application,Transport,Session,Presentation,Network,DataLink,Physical B. Presentation,Application,Session,Transport,Network,DataLink,Physical C. Application,Presentation,Session,Transport,Network,DataLink,Physical D. Application,Presentation,Transport,Network,Session,DataLink,Physical

Answer

A

C. A simple way of remembering the order of the OSI layers is with a mnemonic such as All People Seem To Need Drinking Parties or All People Seem To Need Data Processing.

Question 5

Q

Which OSI layer is responsible for logical addressing? A. Transport layer
B. Network layer
C. Application layer
D. Data Link layer

Answer

A

B. The Network layer is responsible for logical addressing. Routers use logical addressing for path determination to remote networks the same way the post office uses zip codes and street addresses to route mail.

Question 6

Q

Which OSI layer is responsible for connection-oriented communication?
A. Transport layer
B. Presentation layer C. Data Link layer
D. Application layer

Answer

A

A. Connection-oriented communication happens at the Transport layer with TCP. TCP uses a three-way handshake to establish a connection. Once it is established, sequences and acknowledgments make sure that data is delivered. Both server and client have a virtual circuit during the establishment.

Question 7

Q

Which layer is responsible for compression and decompression?
A. Application layer B. Physical layer
C. Session layer
D. Presentation layer

Answer

A

D. The Presentation layer is responsible for compression and decompression. Compression methods can be MP3, JPG, and ZIP, which reduce the number of bits that need to be transmitted over the network. Often web servers use gzip to speed up page delivery. One end compresses and the other end decompresses the data.

Question 8

Q

Which layer of the OSI is responsible for dialog control of applications? A. Application layer
B. Physical layer C. Session layer
D. Network layer

Answer

A

C. Applications are found in the upper three layers and dialog control is found in the session layer. An example of dialog control is how an application such as instant messaging sends messages with half-duplex conversations like a walkie-talkie.

Question 9

Q

At which layer of the OSI can you find DTE and DCE interfaces?
A. Application layer B. Physical layer
C. Session layer
D. Transport layer

Answer

A

B. DTE and DCE interfaces are defined at the Physical layer. The original interfaces referred to computers and modems, respectively. However, today the DTE and DCE interfaces define the equipment such as hosts and switches, respectively.

Question 10

Q

At which DoD model layer does Telnet, TFTP, SNMP, and SMTP function?
A. Host-to-Host layer
B. Process/Application layer C. Internet layer
D. Network Access layer

Answer

A

B. Telnet, TFTP, SNMP, and SMTP all function at the Process/Application layer according to the DoD model. The Process/Application layer is a macro layer combining the Application, Presentation, and Session layers of the OSI model.

Question 11

Q

An administrator is checking to make sure that SNMP is working properly. Which is the highest layer checked in the OSI if it is working successfully?
A. Application layer B. Presentation layer C. Session layer
D. Network layer

Answer

A

A. Since SNMP is an application, if it returns back successfully, then we can conclude that the Application layer on the client successfully made a connection to the Application layer on the server.

Question 12

Q

The receiving computer checked the checksum of a frame. It had been damaged during transfer, so it is discarded. At which layer of the OSI did this occur?
A. Physical layer B. Data Link layer C. Network layer
D. Session layer

Answer

A

B. The Data Link layer is responsible for checking the FCS, or Frame Checking Sequence, which is a checksum of the frame. This occurs on the MAC sublayer of the Data Link layer.

Question 13

Q

13. Which layer in the DoD model is responsible for routing?
A. Host-to-Host layer
B. Process/Application layer
C. Internet layer
D. Network Access layer

Answer

A

C. The Internet layer of the DoD model maps to the Network layer of the OSI model. The Network layer is where routing occurs.

Question 14

Q

Which devices create collision domains, raising effective bandwidth? A. Firewalls
B. Hubs
C. Routers
D. Switches

Answer

A

D. Switches create collision domains by isolating the possibility of a collision to the segment it is transmitting to or receiving frames from. This in turn raises effective bandwidth for the rest of the segments.

Question 15

Q

Which device acts like a multiport repeater?
A. Firewall B. Hub
C. Router
D. Switch

Answer

A

B. A hub is a multiport repeater. When a hub receives a frame, it will repeat the frame on all other ports, regardless of whether or not the port is the destination host.

Question 16

Q

Which layer of the OSI defines the PDU, or protocol data unit, of segments?
A. Application layer B. Session layer
C. Network layer
D. Transport layer

Answer

A

D. The segment PDU is found at the Transport layer of the OSI. TCP/IP comprises two protocols at this layer: TCP and UDP, which create segments.

Question 17

Q

Which device will create broadcast domains and raise effective bandwidth?
A. Firewall B. Hub
C. Router
D. Switch

Answer

A

C. A router will stop broadcasts by default. If you add a router to a flat network, which is a single broadcast domain, you effectively raise bandwidth by reducing the number of broadcasts

Question 18

Q

Which is a correct statement about MAC addresses?
A. Organizationally unique identifiers (OUIs) create a unique MAC address. B. The first 24 bits of a MAC address is specified by the vendor.
C. The IEEE is responsible for MAC address uniqueness.
D. If the I/G bit is set to 1, then the frame identifies a broadcast or multicast.

Answer

A

D. When the Individual/Group (I/G) high order bit is set to 1, the frame is a broadcast or a multicast transmission. The OUI assigned by the IEEE is only partially responsible for MAC uniqueness. The vendor is responsible for the last 24 bits of a MAC address

Question 19

Q

19. Which access/contention method is used for Ethernet?
A. CSMA/CA 
B. CSMA/CD
C. 802.2
D. Token passing

Answer

A

B. Carrier Sense Multiple Access/Collision Detection (CSMA/CD) is a contention method that allows multiple devices to share the access media and detect collisions of frames.

Question 20

Q

What is the correct order of encapsulation?
A. Userdatagrams,packets,segments,frames,bits
B. Userdatagrams,sessions,segments,packets,frames,bits
C. Userdatagrams,segments,packets,frames,bits
D. Bits,frames,sessions,packets,userdatagrams

Answer

A

C. The correct order of encapsulation starting with the Application layer is user datagrams, segments, packets, frames, and bits.

Question 21

Q

Which application provides terminal emulation over a network?
A. SNMP B. Telnet C. HTTP
D. TFTP

Answer

A

B. Telnet is used for terminal emulation over a network to a device expecting terminal emulation, such as a router or switch.

Question 22

Q

Which protocol is responsible for identifying upper-layer network protocols at the Data Link layer?
A. LLC B. MAC C. 802.3
D. FCS

Answer

A

A. Logical Link Control (LLC) is responsible for identifying network protocols at the Data Link layer. This allows the Data Link layer to forward the packet to the appropriate upper-layer protocol.

Question 23

Q

The translation of ASCII to EBCDIC is performed at which layer of the OSI?
A. Application layer B. Session layer
C. Presentation layer
D. Data Link layer

Answer

A

C. The Presentation layer is responsible for translation such as ASCII to EBCDIC. All translation, encryption/decryption, and compression/decompression happens at the Presentation layer.

Question 24

Q

24. Which is not a common cause for LAN congestion?
A. Broadcasts
B. Multicasts
C. Adding switches for connectivity
D. Using multiple hubs for connectivity

Answer

A

C. Broadcasts, multicasts, and multiple hubs for connectivity are all common causes of LAN congestion. Adding switches for connectivity has no direct relationship to LAN congestion, since switches create collision domains and raise effective bandwidth.

Question 25

Q

Flow control can be found at which layer of the OSI?
A. Transport layer

B. Network layer C. Data Link layer
D. Session layer

Answer

A

A. The Transport layer is responsible for flow control via the TCP/IP protocols of TCP and UDP.

Question 26

Q

Which protocol requires the programmer to deal with lost segments? A. SSL
B. TCP C. UDP D. NMS

Answer

A

C. User Datagram Protocol (UDP) does not guarantee segments are delivered. Therefore, the programmer must account for segments that are never received or out of order.

Question 27

Q

Which is a correct statement about the Transmission Control Protocol (TCP)? A. TCP is a connectionless protocol.
B. TCP allows for error detection and correction. C. TCP is faster than UDP.
D. TCP allows for retransmission of lost segments

Answer

A

D. TCP is a connection-based protocol via the three-way handshake. It is not faster than UDP. However, it allows for the retransmission of lost segments because of sequences and acknowledgments.

Question 28

Q

Which statement correctly describes what happens when a web browser initiates a request to a web server?
A. The sender allocates a port dynamically above 1024 and associates it with the request.
B. The receiver allocates a port dynamically above 1024 and associates it with the request.
C. The sender allocates a port dynamically below 1024 and associates it with the request.
D. The receiver allocates a port dynamically below 1024 and associates it with the request.

Answer

A

A. The sender allocates a port dynamically above 1024 and associates it with the request through a process called a handle. This way if a web browser creates three requests for three different web pages, the pages are loaded to their respective windows.

Question 29

Q

Which protocol and port number is associated with SMTP? A. UDP/69
B. UDP/25 C. TCP/69 D. TCP/25

Answer

A

D. The Simple Mail Transfer Protocol (SMTP) uses TCP port 25 to send mail.

Question 30

Q

How does TCP guarantee delivery of segments to the receiver? A. Via the destination port
B. TCPchecksums
C. Window size
D. Sequence and acknowledgment numbers

Answer

A

D. TCP guarantees delivery of segments with sequence and acknowledgment numbers. At the Transport layer, each segment is given a sequence number that is acknowledged by the receiver.

Question 31

Q

When a programmer decides to use UDP as a transport protocol, what is a decision factor?
A. Redundancy of acknowledgment is not needed. B. Guaranteed delivery of segments is required. C. Windowing flow control is required.
D. A virtual circuit is required

Answer

A

A. When a programmer decides to use UDP, it is normally because the programmer is sequencing and acknowledging datagrams already. The redundancy of acknowledgments at the Transport layer is not needed.

Question 32

Q

Which mechanism allows for programs running on a server (daemons) to listen for requests through the process called binding?
A. Headers
B. Port numbers C. MAC address
D. Checksums

Answer

A

B. When a daemon or server process starts, it binds to a port number on which to listen for a request. An example is when a web server binds to the port number of TCP/80.

Question 33

Q

Which is a correct statement about sliding windows used with TCP?
A. The window size is established during the three-way handshake.
B. Sliding windows allow for data of different lengths to be padded.
C. It allows TCP to indicate which upper-layer protocol created the request.
D. It allows the router to see the segment as urgent data.

Answer

A

A. The window size, which is a buffer, is established and agreed upon by the sender and receiver during the three-way handshake.

Question 34

Q

Why does DNS use UDP?
A. DNS requires acknowledgment of the request for auditing.
B. The requests require flow control of UDP.
C. DNS requests are usually small and do not require connections setup.
D. DNS requires a temporary virtual circuit.

Answer

A

C. DNS requests are usually small and do not require the overhead of sequence and acknowledgment of TCP. If a segment is dropped, the DNS protocol will ask again

Question 35

Q

35. What is required before TCP can begin sending segments?
A. Three-way handshake 
B. Port agreement
C. Sequencing of segments
D. Acknowledgment of segments

Answer

A

A. A three-way handshake is required between sender and receiver before TCP can begin sending traffic. During this three-way handshake, the sender’s window buffer size is synchronized with the receiver’s window buffer size.

Question 36

Q

Which term describes what it is called when more than one wireless access point (WAP) covers the same SSID?

A. Broadcast domain B. Basic service set
C. Extendedserverset
D. Wireless mesh

Answer

A

C. When more than one WAP covers the same SSID, it is called an extended service set (ESS). A wireless LAN (WLAN) controller coordinates the cell or coverage area so the same SSID is on two different channels.

Question 37

Q

Which protocol allows a Lightweight AP (LWAP) to forward data to the wired LAN?
A. Spanning Tree Protocol (STP)
B. Bridge protocol data units (BPDUs)
C. Orthogonal Frequency Division Multiplexing (OFDM)
D. Control and Provisioning of Wireless Access Points (CAPWAP)

Answer

A

D. Control and Provisioning of Wireless Access Points is a protocol that’s responsible for provisioning of LWAPs and forwarding of data to the wireless LAN controller.

Question 38

Q

38. Which component allows wireless clients to roam between access points and maintain authentication?
A. Basic service set
B. Extended service set
C. Wireless LAN controller
D. Service set ID

Answer

A

C. The wireless LAN controller (WLC) is responsible for centralized authentication of users and/or computers on a wireless network. When a wireless device is roaming, the WLC is responsible for maintaining the authentication between access points

Question 39

Q

Which is a valid reason to implement a wireless LAN controller (WLC)?
A. Centralizedauthentication
B. The use of autonomous WAPs C. Multiple SSIDs
D. Multiple VLANs

Answer

A

A. Centralized authentication of clients is a valid reason to implement a WLC. Although a WLC makes it easier to implement multiple SSIDs and VLANs, this task can be performed with autonomous WAPs, each performing its own authentication.

Question 40

Q

40. You require a density of 100 wireless clients in a relatively small area. Which design would be optimal?
A. Autonomous WAPs with a WLC
B. Lightweight WAPs with a WLC
C. Autonomous WAPs without a WLC
D. Lightweight WAPs without a WLC

Answer

A

B. To achieve density and/or bandwidth in a relatively small area, you will need to deploy lightweight WAPs with a WLC. Although autonomous WAPs without a WLC would work, it would be problematic due to frequency coordination and roaming.

Question 41

Q

When designing a wireless network, which would be a compelling reason to use 5 GHz?
A. 5 GHz can go further.
B. 5 GHz allows for more clients.

C. There are 24 non-overlapping channels. D. There is less interference on 5 GHz.

Answer

A

C. The 5 GHz band for 802.11 a/n/ac has 24 non-overlapping channels. The 2.4 GHz band for 802.11 b/g/n has only 3 non-overlapping channels. If the clients are compatible with 802.11 a/n/ac, it is desirable to use 5 GHz

Question 42

Q

Which allows for seamless wireless roaming between access points? A. Single SSID
B. Single service set C. 802.11ac
D. Wireless LAN controller

Answer

A

D. A wireless LAN controller keeps track of which LWAP a client has associated to and centrally forwards the packets to the appropriate LWAP.

Question 43

Q

In the 2.4 GHz spectrum for 802.11, which channels are non-overlapping?
A. Channels1,3,and11 B. Channels1,3,and6 C. Channels1,6,and11
D. Channels 1 through 6

Answer

A

C. In the 2.4 GHz spectrum for 802.11, there are three non-overlapping channels— 1, 6, and 11, each of which is 22 MHz wide. Although channel 14 technically is non- overlapping, it is only allowed in Japan.

Question 44

Q

Which is one of the critical functions that a wireless LAN controller performs?
A. Allows autonomous WAPs
B. Synchronizes the WAPs with the same IOS C. Triangulates users for location lookups
D. Allows for the use of all frequency channels

Answer

A

B. When WAPs are introduced to the wireless LAN controller, the WLC is responsible for synchronizing the WAPs to a standardized IOS. This allows for uniform support and features of the wireless system and is dependent on the model of WAP.

Question 45

Q

Which is the contention method 802.11 wireless uses?
A. CSMA/CA B. CSMA/CD C. BSSS
D. OFDM

Answer

A

A. 802.11 uses a contention method of Carrier Sense Multiple Access/Collision Avoidance. 802.11 implements a Request to Send/Clear to Send mechanism that avoids collisions.

Question 46

Q

When firewalls are placed in a network, which zone contains Internet-facing services?
A. Outside zone
B. Enterprise network zone C. Demilitarizedzone
D. Inside zone

Answer

A

C. The demilitarized zone (DMZ) is where Internet-facing servers/services are placed.

Question 47

Q

According to best practices, what is the proper placement of a firewall?
A. Only between the internal network and the Internet

B. At key security boundaries C. In the DMZ
D. Only between the DMZ and the Internet

Answer

A

B. Firewalls should always be placed at key security boundaries, which can be the Internet and your internal network. However, proper placement is not exclusive to the boundaries of the Internet and internal networks. For example, it could be placed between two internal networks, such as R&D and guest networks.

Question 48

Q

Which is a false statement about firewalls?
A. Firewalls can protect a network from external attacks. B. Firewalls can protect a network from internal attacks. C. Firewalls can provide stateful packet inspection.
D. Firewalls can control application traffic.

Answer

A

B. Firewalls cannot provide protection from internal attacks on internal resources. They are designed to protect networks from external attacks or attacks emanating from the outside or directed toward the Internet.

Question 49

Q

Which of the following options is not a consideration for the management of a firewall?
A. All physical access to the firewall should be tightly controlled. B. All firewall policies should be documented.
C. Firewall logs should be regularly monitored.
D. Firewalls should allow traffic by default and deny traffic explicitly.

Answer

A

A. All physical access to a firewall should be controlled tightly so that it is not tampered with, which could allow external threats to enter the network. This control should include vendors and approved administrators. Physical access to the firewall is a security principal and therefore not a consideration for the management of a firewall.

Question 50

Q

What is the reason firewalls are considered stateful?
A. Firewalls keep track of the zone states.
B. Firewalls keep accounting on the state of packets. C. Firewalls track the state of a TCP conversation.
D. Firewalls transition between defense states.

Answer

A

C. Firewalls keep track of the TCP conversation via the SYN-SYN/ACK-ACK three- way handshake. This is done so that a DoS attack such as a SYN flood can be mitigated.

Question 51

Q

You have an Adaptive Security Appliance (ASA) and two separate Internet connections via different providers. How could you apply the same policies to both connections?
A. Place both connections into the same zone. B. Place each connection into an ISP zone.
C. Apply the same ACL to both of the interfaces.
D. Each connection must be managed separately.

Answer

A

A. ASA allow for zones to be created and the connections applied to the zones. This methodology allows for security rules to be applied uniformly to the outside zone.

Question 52

Q

Why should servers be placed in the DMZ?
A. So that Internet clients can access them
B. To allow access to the Internet and the internal network C. To allow the server to access the Internet
D. To restrict the server to the Internet

Answer

A

B. Servers should be placed in the DMZ so they can access both the inside zone and outside zone. This will allow a server such as a web server to allow client access from the Web (outside). Rules could also be applied so that the server (for example, a database server) could allow access to data from within the internal network (inside

Question 53

Q

Which type of device will detect but not prevent unauthorized access? A. Firewall
B. IPS C. IDS
D. Honey pots

Answer

A

C. An IDS, or intrusion detection system, will detect unauthorized access. However, it will not prevent unauthorized access. It is a form of audit control in a network.

Question 54

Q

When a firewall matches a URI, it is operating at which layer?
A. Layer7 B. Layer5 C. Layer4 D. Layer3

Answer

A

A. When a firewall matches a Uniform Resource Identifier (URI), such as a URL, it is operating at layer 7. This is known as a web application firewall, or WAF.

Question 55

Q

In which zone should an email server be located? A. Inside zone
B. Outside zone C. DNSzone
D. DMZ

Answer

A

D. Since the email server needs access to the Internet to send and receive mail, it should be placed in the demilitarized zone (DMZ). This will also allow access to internal clients in the inside zone.

Question 56

Q

Amazon Web Services (AWS) and Microsoft Azure are examples of what?
A. Publiccloudproviders B. Private cloud providers C. Hybridcloudproviders
D. Dynamiccloudproviders

Answer

A

A. AWS and Microsoft Azure are examples of public cloud providers. Private clouds are internally created, and hybrid clouds are a combination of services between your private cloud and the public cloud.

Question 57

Q

You are looking to create a fault tolerant colocation site for your servers at a cloud provider. Which type of cloud provider would you be searching for?
A. PaaS B. IaaS C. SaaS
D. BaaS

Answer

A

B. If you were looking to create a fault tolerant colocation site as a cloud provider, you would be searching for an Infrastructure as a Service provider. This would allow you to install your own operation system and applications.

Question 58

Q

Which allows for the distribution of compute resources such as CPU and RAM to be distributed over several operating systems?
A. Physical server B. Hypervisor

C. Virtual machine D. Virtual network

Answer

A

B. The hypervisor allows for multiple operating systems to share CPUs, RAM, network, and storage of a physical server.

Question 59

Q

Which option describes a virtual machine (VM) best?
A. An operating system that is running directly on hardware
B. An operating system that is running with dedicated hardware
C. An operating system that is running on reduced hardware features
D. An operating system that is decoupled from the hardware

Answer

A

D. A virtual machine, or VM, is an operating system that is running on hardware but is not directly attached to the hardware. It is decoupled from the hardware through the use of a hypervisor. The hypervisor creates an abstraction layer between the hardware and the operating system.

Question 60

Q

60. What is the physical hardware used in virtualization called?
A. Host
B. VM
C. Hypervisor
D. Guest

Answer

A

A. The physical hardware (such as a server) used in virtualization is the host.

Question 61

Q

61. Which component connects the virtual machine NIC to the physical network?
A. vNIC
B. Trunk
C. Virtual switch
D. NX-OS

Answer

A

C. A virtual switch connects the virtual machine NIC to the physical network.

Question 62

Q

Which component acts as a distribution switch for the physical data center?
A. Top of Rack switch B. End of Row switch C. Core switch
D. Virtual switch

Answer

A

B. The End of Row (EoR) switch acts as a distribution switch for the Top of Rack (ToR) switches.

Question 63

Q

Which is not a NIST criteria for cloud computing?
A. Resource pooling B. Rapidelasticity
C. Automatedbilling
D. Measuredservice

Answer

A

C. Automated billing is not a NIST criteria for cloud computing. It is essential for the cloud computing vendor, but is not relevant if you are hosting it yourself. The five NIST criteria for cloud computing are on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service.

Question 64

Q

Which term describes an internal IT department hosting virtualization for a company?
A. Public cloud

B. Elastic cloud C. Private cloud
D. Internal cloud

Answer

A

C. When an internal IT department hosts the virtualization for a company, it is called a private cloud.

Answer 65

A

B. A cloud services catalog satisfies the self-service aspect of cloud computing. It does this by listing all of the available VMs that can be created in the cloud environment, such as web servers, application server, databases, and so on.

Answer 66

A

C. A hosted medical records service is an example of a SaaS, or Software as a Service, model. The customer cannot choose variables such as vCPU or RAM. The cloud provider is responsible for the delivery of the software, maintenance of the OS, and maintenance of the hardware.

Answer 67

A

A. A hosted service that allows you to develop upon it is an example of the Platform as a Service (PaaS) model. The cloud provider is responsible for the delivery of APIs that developers can use to create programs.

Answer 68

A

C. An intercloud exchange is a service that connects multiple public clouds through a common private WAN connection. This allows a network engineer to configure the private WAN once and be able to transition between the public clouds on the service side without reconfiguration of the private WAN.

Answer 69

A

A. Internal bandwidth usage is not a consideration after conversion to a SaaS application. External bandwidth should be considered since internal users will access the application through the Internet. Location of the users should also be a deciding factor in moving to a SaaS model. Branch office connectivity to the Internet should be considered also when converting.

Answer 70

A

B. A virtual firewall or virtual router is an example of a VNF. These devices are typically network functions that are found in internal networks such as firewalls and routers. These devices perform basic network functionality and run as a virtual machine or virtual instance.

Answer 71

A

C. You will need a virtual router running static NAT to translate the two different IP networks. This type of service is called a virtual network function, or VNF.

Answer 72

A

C. Network Time Protocol (NTP) is a standardized protocol for network time synchronization

Answer 73

A

D. If you wanted to scale a web server out to several other web servers, you would use Server Load Balancing as a Server (SLBaaS) from your cloud provider.

Answer 74

A

C. Lowering bandwidth between the premises and your VMs on the public cloud is a direct benefit if locating NTP on the public cloud for VM time synchronization.

Answer 75

A

A. Bandwidth is the primary decision factor for moving DNS closer to the application in the public cloud. However, if the majority of DNS users are on premises, then it should remain on premises for bandwidth reasons.

Answer 76

A

B. Access layer switches connect to users and are edge network devices.

Answer 77

A

A. Distribution layer switches connect to access layer switches and core switches to
provide redundancy.

Answer 78

A

C. Core layer switches connect campuses together via the distribution layer switches.

Answer 79

A

C. The two-tier, or collapsed-core, model contains only the distribution and access layer switches.

Answer 80

A

A. Based on the layout of your network, the collapsed-core model is the most appropriate model to design. If at a later time other campuses are joined to the network, the core layer can be added.

Answer 81

A

B. Based on the layout of your network the three-tier model is the most appropriate model to design. Since there are four campuses, the core layer is recommended for connectivity.

Answer 82

A

D. Only switching between campus (distribution) switches should be performed at the core layer. Nothing should be done to slow down forwarding of traffic, such as using ACLs, supporting clients, or routing between VLANs.

Answer 83

A

B. The distribution layer is where redistribution of routing protocols should be performed. It should never be performed at the core or access layer.

Answer 84

A

C. The access layer is where collision domains should be created. This is called network segmentation.

Answer 85

A

C. The collapsed-core design model is best suited for small enterprises. It can later be expanded out to a three-tier model as an enterprise grows in size. It has no effect on bandwidth if designed right.

Answer 86

A

A. A star topology has a centralized switch connecting all of the devices outward like a star.

Answer 87

A

B. Increased redundancy of connections is a direct benefit of a full mesh topology. Although bandwidth will increase because of multiple paths, additional dynamic routing protocols will need to be implemented to achieve this.

Answer 88

A

C. The hybrid topology is most often seen at the access layer. The devices are connected in a star topology and the access layer switches are partially meshed to the distribution layer switches.

Answer 89

A

B. Distribution layer switches are fully meshed for redundancy. The number of links can be calculated with the formula of N(N – 1). So if you had four distribution switches, the ports required for a full mesh would be 4(4 – 1) = 4 × 3 = 12 ports among the four switches. The formula of N (N – 1) / 2 would give you the number of links (connected ports): 4(4 – 1) / 2 = 4 × 3 / 2 = 6 links.

Answer 90

A

A. Core layer switches are commonly set up in a star topology. This is because core layer switches connect multiple campuses via distribution layer switches.

Answer 91

A

A. The collapsed core layer switch uses a star topology connecting outward to the access layer switches. This design is often found in small enterprise and single campus design.

Answer 92

A

B. All links between switches are connected redundantly. This allows for both the forwarding plane and control plane to have multiple paths and redundancy. The forwarding plane forwards traffic, and the control plane controls routing between VLANs.

Answer 93

A

A. In a star topology, the central switch is connected outward to all edge switches. This is commonly seen at the core layer switch.

Answer 94

A

A. An autonomous WAP acts similarly to an access layer switch. However, WAPs normally do not have redundant links back to the distribution switches. So it acts more like a star topology, connecting the Ethernet and wireless clients together.

Answer 95

A

C. Generally, office buildings do not have direct runs to each switch closet from the other closets. Although a full mesh is desirable, sometimes only a partial mesh is achievable.

Answer 96

A

A. 1000Base-T is short for 1000 Baseband – Twisted pair. 1000Base-T utilizes all four pairs over standard Cat5e, whereas 100Base-T utilizes only two pairs of Cat5.

Answer 97

A

C. Single-mode fiber is 9 microns at its core. With proper transceivers, the signal can span 10 km to 70 km without needing to be retransmitted.

Answer 98

A

A. A straight-through cable would be used since routers are DTE, or data terminal equipment, and switches are DCE, or data communications equipment. DTE to DCE requires a straight-through cable.

Answer 99

A

A. 1000Base-T can be run up to 100 meters, or 328 feet, per its specification.

Answer 100

A

B. You connect to Cisco switches and routers via 900 baud, 8 data bits, no parity,
and 1 stop bit.

Answer 101

A

B. You would use a crossover cable because a switch is a DCE device. When connecting DCE to DCE, you would need to cross the connection with a crossover cable. Newer switches have MDI-X capabilities to detect the need for a crossover cable and will automatically switch the cable over if a straight-through cable is used.

Answer 102

A

B. Multi-mode fiber can be either 50 microns or 62.5 microns at its core. The maximum distance for 50 micron fiber is 550 meters utilizing the 1000Base-LX specification.

Answer 103

A

C. Although operation of computers connected to a switch uses a straight-through cable, management via the console port requires a rolled cable and an EIA/TIA 232 adapter.

Answer 104

A

C. 10GBase-CX is commonly used in data centers. It is referred to by its nickname of Twinax. It is a fixed, balanced coaxial pair that can be run up to 25 meters.

Answer 105

A

C. Cat5e can support up to 1 Gb/s via the 1000Base-T specification. Since 10Base- T, 100Base-T, and 1000Base-T can be run up to 100 meters in length, it allows for interchangeability with speeds. It was very common when Cat5e came out 16 years ago for installers to future-proof wiring installations with it.

Answer 106

A

B. It is most likely, since the interface was working before, that someone “shut down” the interface with the shutdown command. This can be seen in the show interface serial 0/0 command; the interface is reporting it is administratively shut down.

Answer 107

A

C. Traceroute should be used from the originating IP when the problem is to the destination IP. When the traceroute times out is most likely where the problem is located.

Answer 108

A

C. When you’re checking for speed and/or duplex issues, the show interface status command will detail all of the ports with their negotiated speed and duplex.

Answer 109

A

B. When you’re diagnosing frame forwarding on a switch, the MAC address table needs to be inspected to see if the switch has learned the destination MAC address.

Answer 110

A

A. When you’re trying to diagnose port security, the first command should be show port-security. This will detail all of the ports with port security and their expected behavior when port security is violated.

Answer 111

A

D. After isolating the problem, performing root cause analysis, and ultimately solving the problem, the implemented solution should be monitored or verified.

Answer 112

A

A. The first step to troubleshooting a problem is isolating the problem. This can be done various ways and can sometime include documenting the problem to understand the root cause.

Answer 113

A

B. The first command used to diagnose a VLAN forwarding issue is the show vlan command. This command will show all of the VLANs that are defined on the switch either manually or dynamically through the VLAN Trunking Protocol (VTP).

Answer 114

A

C. Since you only have access to the local switches at your facility and you have checked the local user’s connection status, your only option is to escalate the problem.

Answer 115

A

A. The command that you should begin with is show interfaces fast 0/0 switchport. This command will show the trunk status of the port as well as the operational status.

Answer 116

A

B. The IP address of 172.23.23.2 is a Class B address.

Answer 117

A

A. The default subnet mask of a Class A address is 255.0.0.0.

Answer 118

A

C. The multicast range begins with 224 to 239 in the first octet. Therefore, only the IP address 238.20.80.4 is correct.

Answer 119

A

B. The IP address 135.20.255.255 is a Class B broadcast address.

Answer 120

A

B. The CIDR notation for 255.255.240.0 is /20. The first two subnets are 8 bits (8
× 2 = 16), and the 240 is 4 more bits (16 + 4 = 20).

Answer 121

A

A. The mask you will need to use is 255.255.255.252. This will allow for two hosts per network for a total of 64 networks. The formula for solving for hosts is: 2X – 2 is
equal to or greater than 2(hosts), which in this case is (22 – 2) = (4 – 2) = 2. So 2 bits are used for the host side, leaving 6 bits for the subnet side. 6 bits + 24 bits (original subnet mask) = /30, or 255.255.255.252.

Answer 122

A

D. The mask you will need to use is 255.255.255.224. This will allow for 30 hosts per network for a total of eight networks. The formula for solving for hosts is: 2X – 2 is
equaltoorgreaterthan22hosts,whichinthiscaseis(25 –2)=(32–2)=30.So5 bits are used for the host side, leaving 3 bits for the subnet side. 3 bits + 24 bits (original subnet mask) = /27, or 255.255.255.224

Answer 123

A

A. The valid IP address range for the 192.168.32.0/26 network is 192.168.32.1 to 192.168.32.62, 192.168.32.65 to 192.168.32.126, etc. Therefore, 192.168.32.59 is within the valid IP range of 192.168.32.61/26.

Answer 124

A

124. B. The subnet mask will be 255.255.240.0. Since you need to solve for the number
of networks, the equation is: 2x is equal to or greater than 15 networks. 24 = 16 completed the equation; the 4 bits represent the subnet side; you add the 4 bits to the 16 bits of the class B subnet mandated by the IETF. 16 + 4 = /20 = 255.255.240.0.

Answer 125

A

C. The valid IP address range for 209.183.160.45/30 is 209.183.160.45– 209.183.160.46. Both IP addresses are part of the 209.183.160.44/30 network. 209.183.160.47/30 is the broadcast address for the network.

Answer 126

A

C. Computer A’s default gateway address is 192.168.1.63. This address is the broadcast address for the 192.168.1.0/26 network and cannot be used as that network’s gateway.

Answer 127

A

A. Computer A needs to have its IP address changed to align with the network that its gateway is in. Computer A is in the 192.168.1.32/27 network, while its gateway address is in the 192.168.1.0/27 network. Although changing the gateway address would work, the least amount of effort needs to be done. Changing the gateway address, which is a valid IP address, would create more work for other clients.

Answer 128

A

B. The /21 subnet mask has subnets in multiples of 8. So the networks would be 131.50.8.0/21, 131.50.16.0/21, 131.50.32.0/21, and 131.50.40.0/21. The IP address of 131.50.39.23/21 would belong to the 131.50.32.0/21 network with a valid range of 131.50.32.1 to 131.50.39.254.

Answer 129

A

D. The network for the computer with an IP address of 145.50.23.1/22 is 145.50.20.0/22. Its valid range is 145.50.20.1 to 145.50.23.254; the broadcast address for the range is 145.50.23.255.

Answer 130

A

B. The valid IP address range for the network of 132.59.34.0/23 is 132.59.34.1 to 132.59.35.254. The first address of 132.59.34.0/23 is the network ID and the last address of 132.59.35.255 is the broadcast ID.

Answer 131

A

B. The /20 CIDR notation written out is 255.255.240.0. The first two 8 bits are 255.255, and the last 4 bits make up the subnet mask of 250 to make a complete mask of 255.255.240.0.

Answer 132

A

C. The network mask of 255.255.255.248 borrows 5 bits for the network mask. Using the formula of 2x = subnets, 25 = 32 subnets.

Answer 133

A

D. The valid number of hosts for a network with a subnet mask

Answer 134

A

D. The valid IP range for the network of 141.23.64.0/19 is 141.23.64.1 to 141.23.95.254. The IP address of 141.23.90.255/19 is a valid IP address within this range.

Answer 135

A

C. Summarization is similar to subnetting, with the exception that you are grouping IP addresses together. Think of it as reverse subnetting. Since /22 is multiples of 4, the statement of 141.24.4.0/22 would give the following range of IP addresses to be blocked: 141.24.4.1 to 141.24.7.254.

Answer 136

A

B. Summarization is similar to subnetting, with the exception that you are grouping IP addresses together. Think of it as reverse subnetting. Since /21 is multiples of 8, the statement of 132.22.24.0/21 would give the following range of IP addresses to be blocked: 132.22.24.1 to 132.22.31.254.

Answer 137

A

A. Using the subnet of 198.33.20.0/25 will give you 126 nodes. Since you are using 1 bit of the 8 bits in the 4th octet for the network ID, you have 7 bits left for the hosts.
Usingtheformulaof2x –2=validhosts,27 –2=128–2=126validhosts.

Answer 138

A

C. Using the subnet of 198.33.20.0/26 will give you 62 nodes. Since you are using 2 bits of the 8 bits in the 4th octet for the network ID, you have 6 bits left for the
hosts. Usingtheformulaof2x –2=validhosts,26–2=64–2=62validhosts.

Answer 139

A

D. Using the subnet of 198.33.20.0/28 will give you 16 nodes. Since you are using 4 bits of the 8 bits in the 4th octet for the network ID, you have 4 bits left for the
hosts. Usingtheformulaof2x –2=validhosts,24 –2=16–2=14validhosts.

Answer 140

A

D. The computer had an IP address of 172.18.40.5/12 and it belongs to the 172.16.0.0/12 network, which has a range of 172.16.0.1 to 172.31.255.254. Therefore, the internal server is within the same network as the computer, and the default gateway has no effect on the problem. The conclusion is that the network is not the problem.

Answer 141

A

C. The computer and the gateway address are correct; the IP address of the remote server is wrong. It is a loopback address and can only be internally used by the local computer. The valid range for loopback is 127.0.0.1 to 127.255.255.254.

Answer 142

A

B. A layer 3 broadcast is always all ones in the host portion of the IP address. When the IP stack see this, it puts all Fs in the destination Ethernet MAC address.

Answer 143

A

A. A unicast address is a single valid IP address for direct communications purposes between two hosts.

Answer 144

A

D. Anycast is a way of allowing the same IP address on multiple machines in different geographical areas. The routing protocol is used to advertise in routing tables the closest IP by the use of metrics. Currently this is how DNS root servers work.

Answer 145

A

C. Multicast is used to allow computers to opt into a transmission. Examples of uses for multicast are imaging of computers, video, and routing protocols, to name a few.

Answer 146

A

D. The multicast address range is 224.0.0.0 to 239.255.255.255. The /4 depicts a subnet of 16.

Answer 147

A

B. IGMP, or Internet Group Messaging Protocol, allows switches to join computers to the multicast group table. This allows the selective process of snooping to occur when a transmission is sent.

Answer 148

A

B. DHCP uses a packet called a Discover packet. This packet is addressed to 255.255.255.255. Although ARP uses a broadcast, it is a layer 2 broadcast, not a layer 3 broadcast.

Answer 149

A

B. A broadcast will forward a message to all computers in the same subnet.

Answer 150

A

C. The multicast address range is 224.0.0.0 to 239.255.255.255.

Answer 151

A

C. RFC 1918 defines three private address ranges, which are not routable on the Internet.

Answer 152

A

A. The private IP address space was created to preserve the number of public IP addresses.

Answer 153

A

D. Network Address Translation (NAT) is required to communicate over the Internet with private IP addresses.

Answer 154

A

A. The Class A private IP address range is defined as 10.0.0.0/8. The address range is 10.0.0.0 to 10.255.255.255.

Answer 155

A

C. The Class B private IP address range is defined as 172.16.0.0/12. The address range is 172.16.0.0 to 172.31.255.255.

Answer 156

A

C. Although a Class C address has a classful subnet mask of 255.255.255.0, the private IP address range put aside for Class C addresses is 192.168.0.0 to 192.168.255.255, written in CIDR notation as 192.168.0.0/16.

Answer 157

A

D. Any address in the range of 169.254.0.0/16 is a link-local address. It means that the computer has sensed that a network connection is present, but no DHCP is present. The network only allows local communications and no routing. Microsoft refers to this as an APIPA address.

Answer 158

A

C. The network seems to be configured properly. You have received a valid address in the Class A space of the RFC 1918 private address range.

Answer 159

A

D. 198.168.55.45 is a valid IPv4 public address. All of the other addresses are RFC 1918 compliant and thus non-routable on the Internet.

Answer 160

A

A. IANA, or the Internet Assigned Numbers Authority, is the governing body, which distributes public IP addresses and registers them to ISPs.

Answer 161

A

B. IPv4 allows for 232 = 4.3 billion addresses. However, only 3.7 billion are usable, because of reservations and classful addressing. The current IPv4 address space is
128 38 exhausted and IPv6 allows for 2 = 3.4 × 10 .

Answer 162

A

C. An IPv6 address is 128 bits: 64 bits is the network ID, and 64 bits is the host ID.

Answer 163

A

D. A 6to4 tunnel can be achieved between the routers. This encapsulates the IPv6 header in an IPv4 header so that it can be routed across the Internet.

Answer 164

A

D. In order to enable IPv6 on a router, you must globally configure the router with the command ipv6 unicast-routing. Although ipv6 enable will work, it will allow only link-local addressing.

Answer 165

A

D. When you configure routers, always use the rule of major/minor. The major protocol is ipv6, and the minor command is address. So the correct command is ipv6 address 2001:0db8:85aa:0000:0000:8a2e:1343:1337/64. The additional rule is to specify the network portion with a /64.

Answer 166

A

A. The first 4 bits of an IPv6 header contain the version number. In an IPv4 packet, this is set to 0100, but in an IPv6 packet, this number is set to 0110. This allows for the host to decide which stack to process the packet in.

Answer 167

A

D. When you configure routers, always use the rule of major/minor. The major protocol is ipv6 and the minor command is route. So the correct command is ipv6 route ::0/0 s0/0, specifying the ::0/0 s0/0 to mean everything out of the existing interface of s0/0.

Answer 168

A

A. When you use a show command, always follow it with the major protocol and then the parameters. The show ipv6 interfaces brief command would show all of the interfaces configured with an IPv6 address.

Answer 169

A

D. RIPng, OSPFv3, and EIGRPv6 are all dynamic routing protocols that work with IPv6.

Answer 170

A

C. The command show ipv6 route will display only the IPv6 routes in the routing table.

Answer 171

A

D. You can remove leading 0s in the quartet, and you can condense four zeros to one zero. However, you can use the :: to remove zeros only once.

Answer 172

A

C. Expanding out the IP of 2001::0456:0:ada4, you first expand the :0: to four zeros. Then expand the remainder of the quartets to 0s to make a 32-digit number again.

Answer 173

A

B. The first 48 bits of an IPv6 address is the global prefix; the next 16 bits is the subnet portion of the IPv6 address. 48 bits + 16 bits = 64 bits for the network ID.

Answer 174

A

A. The network prefix is 2001:db8::/64. Expanded it is written as 2001:0db8:0000:0000/64. However, the condensed version written in the answer is valid

Answer 175

A

C. The command to ping an IPv6 address is ping6. The valid condensed address for fc00:0000:0000:0000:0000:0000:0000:0004 is fc00::4. You cannot condense trailing zeros such as fc00. You can only condense leading zeros

Answer 176

A

B. The address 2001:db8::2435 is a valid IP address. It is shortened by removing leading zeros and condensed. You cannot clip off the trailing zeros in an address like fe80::1. Also, ff02::1 is a multicast address and cannot be used for host addressing.

Answer 177

A

C. A single interface can be configured with multiple addresses. Most host interfaces will have a link-local address for duplicate address detection.

Answer 178

A

B. The answer is 4,096 subnets. You have been given the first 52 bits from your ISP. However, the complete network ID is 64 bits. You subtract 52 bits from 64 bits =
12 bits, then 212 = 4,096.

Answer 179

A

B. The answer is 16,384 networks. You subtract 34 bits from 48 bits = 14 bits, then 214 = 16384

Answer 180

A

D. In between each set of colons or field there are four hex numbers, and each hex number represents 4 bits. Four numbers × 4 bits = 16 bits. In an IPv6 address, there are eight fields of 16 bits. Eight fields x 16 bits = 128 bit address.

Answer 181

A

D. The correct command to configure Stateless Address Autoconfiguration is ipv6 address autoconfig. Although ipv6 address dhcp is a valid command, it requires a stateful DHCP server.

Answer 182

A

B. Router solicitations are sent on a multicast address of ff02:2. This address is a local scope multicast to all IPv6 routers.

Answer 183

A

D. Router advertisements are sent on a multicast address of ff02:1. This address is a local scope multicast to all IPv6 hosts.

Answer 184

A

A. The Neighbor Discovery Protocol uses Neighbor Solicitation and Neighbor Advertisements messages to look up an IP address from a MAC address through the use of multicast.

Answer 185

A

C. The layer 3 protocol that Neighbor Discovery Protocol uses to process Stateless Address Autoconfiguration are ICMPv6 messages.

Answer 186

A

D. Stateless DHCPv6 servers are used to configure DHCP options only. The one option that all clients need is the DNS server.

Answer 187

A

D. You can set the IPv6 DHCP relay agent on the interface for a stateful DHCPv6 server using the command ipv6 dhcp relay destination 2001:db8:1234::1.

Answer 188

A

B. Duplicate Address Detection, or DAD, uses Neighbor Solicitation and Neighbor Advertisement messages to avoid duplicate addresses when SLAAC is being used.

Answer 189

A

B. Stateful DHCPv6 uses a process similar to DORA for IPv4. However, IPv6 uses multicast in lieu of broadcasts via the DHCPv6 Solicit multicast address.

Answer 190

A

C. Before a host can communicate via an RS packet, it first needs a valid IP address. The first address is a link-local address so that it can send an RS packet and receive an RA packet. The client performs DAD on both the link-local address and the proposed address.

Answer 191

A

B. The global unicast address is defined as 2000::/3. This provides a valid range of 2000:: to 3fff::

Answer 192

A

A. The link-local address is defined as fe80::/10. Any address starting with fe80 is non-routable.

Answer 193

A

A. The first 23 bits are allotted to the ISP by the RIR for the region of the world for which the ISP is requesting the prefix

Answer 194

A

C. The unique-local address is defined as fc00::/7. Unique-local addresses have replaced site-local addresses as of 2004 and are non-routable. The valid IPv6 range is fc00:: to fd00:: despite IANA reserving fc00::/7 as the fc00:: range. The range should not be used since the 8th bit is considered the “local bit” and is required to be a 1, as in, for example, 1111 1101 = fd.

Answer 195

A

D. The multicast address is defined as ff00::/8. Multicast addresses always start with ff.

Answer 196

A

A. IPv4 RFC 1918 addresses are defined as private non-routable IP addresses. In IPv6, link-local addresses are the equivalent to RFC 1918 addresses and are non- routable.

Answer 197

A

D. The command to configure an anycast address on an interface would be ipv6 address 2001:db8:1:1:1::12/128 anycast. The /128 defines a single IP to advertise in routing tables.

Answer 198

A

A. When converting a MAC address to an EUI-64 host address, the first step is to split the MAC address into 6-byte sections of f42356 and 345623 and place fffe in between them, f423:56ff:fe34:5623. This gives you a 64-bit value comprised of a 48-bit MAC address and a 16-bit filler. You must then invert “flip” the 7th bit. Example: f4 = 1111 010 = flipped = 1111 0110 = f6.

Answer 199

A

C. The EUI-64 address can always be found by looking at the last 64 bits. In between the last 64 bits of the address, you will always find fffe.

Answer 200

A

C. The command to set an EUI-64 address for the host portion of the IPv6 address on an interface is ipv6 address 2001:db8:1234::/64 eui-64.

Answer 201

A

C. When converting a MAC address to an EUI-64 host address, the first step is to split the MAC address into 6-byte sections of e5eef5 and 562434 and place fffe in between them: e5ee:f5ff:fe56:2434. This gives you a 64-bit value comprised of a 48-bit MAC address and a 16-bit filler. You must then invert “flip” the 7th bit. Example: e5 = 1110 011 = flipped = 1110 0111 = e7.

Answer 202

A

B. The output of show ipv6 interface gi 0/1 shows the multicast groups the

Answer 203

A

A. A one-to-many IPv6 address is a multicast address. One multicast address will allow many IPv6 clients to receive the transmission.

Answer 204

A

D. The ::1 address is a special address called a loopback address, similar to 127.0.0.1 in IPv4.

Answer 205

A

B. A one-to-closest IPv6 address is an anycast address. Many routers or services can have the same address. However, routing protocols allow for the client to be directed to the closest resource.

Answer 206

A

C. Stateful DHCPv6 addressing will not allow EUI-64 addressing. This is because the DHCPv6 server is responsible for allocating an IPv6 address from a predefined pool.

Answer 207

A

A. Link-local addresses starting with fe80::/10 always configure the host portion of the address with an EUI-64 address. Note that Microsoft products default to a random host ID and can be configured to generate the host ID with EUI-64.

Answer 208

A

C. The IPv6 address has been given to you by the ISP with your company’s unique identifier. The first 32 bits are allocated to the ISPs, and they in turn add a unique 16-bit address for your company. This makes 32 bits + 16 bits = 48 bits. You have 16 bits for subnetting after the first 48 bits to make a full 64-bit network ID.

Answer 209

A

B. When converting a MAC address to an EUI-64 host address, the first step is to split the MAC address into 6-byte sections of 401e32 and e4ff03 and place fffe in between them: 401e:32ff:fee4:ff03. This gives you a 64-bit value comprised of a 48 bit MAC address and a 16 bit filler. You must then invert “flip” the 7th bit. Example: 40 = 0100 000 = flipped = 0100 0010 = 42.

Answer 210

A

C. Although the unique-local address scope is defined as fc00::/7, RFC 4193 states that the 8th bit must equal a one for the local (L) bit. This requires the address to always start with fd which in binary is 1111 = f and 1101 = d or 1111 1101 = fd.