CIS 444 exam 2 (final) Flashcards
computer information systems
The network administrator for a small business is installing a computer to function as a firewall protecting their internetwork from Internet intrusion. At which of the following locations should the administrator install the firewall system?
Between the Internet access router and the rest of the private internetwork
Anywhere on the private internetwork, as long as the Internet is accessible
At the ISP’s network site
Between the Internet access router and the Internet Service Provider’s (ISP’s) network
Between the Internet access router and the rest of the private internetwork
VLANs create the administrative boundaries on a switched network that are otherwise provided by which of the following devices?
Hubs
Domains
Bridges
Routers
Routers
Which of the following statements about hubs and switches are true?
All of the devices connected to a hub are not part of a single collision domain.
Hubs operate at the physical layer, whereas switches operate at the network layer.
Switches create a separate broadcast domain for each connected device, whereas hubs create a single broadcast domain for all of the connected devices.
There are switches available with network layer functionality, but there are no hubs with that capability
There are switches available with network layer functionality, but there are no hubs with that capability
When a packet collision between two systems occurs on an Ethernet network, Carrier-Sense Multiple Access with Collision Detection (CSMA/CD) causes the two systems to stop transmitting and generate a jam signal. After sending the jam signal, why do the two systems wait for a randomized backoff interval before retransmitting their packets?
They need to rebuffer the packet.
To recalculate the packets’ checksum values.
To prevent another collision from occurring.
They need time to reassemble the packets
To prevent another collision from occurring.
Ralph is a freelance network consultant installing a three-node small business network. The computers are all in the same room and use wired Ethernet to connect to the switched ports of a multifunction device. The device also functions as a Network Address Translation (NAT) router for a cable modem connection to the Internet. NAT provides a measure of security, but Ralph wants to be sure that the network is protected from unauthorized Internet traffic and attacks against open ports. Which of the following solutions would enable Ralph to accomplish this goal with the minimum cost to the client?
Install a hardware firewall between the multifunction device and the cable modem.
Install an Intrusion Prevention System (IPS) between the multifunction device and the cable modem.
Install a personal firewall on each of the computers.
Connect an Intrusion Detection System (IDS) to one of the switched ports in the multifunction device
Install a personal firewall on each of the computers.
Each of the following Carrier-Sense Multiple Access with Collision Detection (CSMA/CD) events occurs on an Ethernet network when two stations transmit simultaneously, although not in the order listed. Which of the following events occurs immediately after the collision?
The two stations transmit a jam signal.
The two stations observe a random backoff interval.
The two stations begin retransmitting their frames.
The two stations stop transmitting
The two stations stop transmitting
Network Address Translation (NAT) operates at which layer of the Open Systems Interconnection (OSI) model?
Data link
Transport
Network
Application
Network
Which of the following terms refers to methods by which network traffic is prioritized to prevent applications from suffering faults due to network congestion?
Dynamic routing
QoS
Port forwarding
VLANs
QoS
The jumbo frame capability is associated with which networking protocol?
Transmission Control Protocol (TCP)
Internet Protocol (IP)
Point-to-Point Protocol (PPP)
Ethernet
Ethernet
Control plane policing (CPP or CoPP) is a feature on some routers and switches that limits the rate of traffic on the device’s processor, to prevent Denial-of-Service (DoS) and reconnaissance attacks, using which of the following technologies?
IPSec
802.1X
RA Guard
QoS
QoS
Which of the following is the Maximum Transmission Unit (MTU) size for an Ethernet frame?
512
1024
1518
1500
1500
Some networks are designed with a switching fabric that contains redundant paths, for fault tolerance purposes. However, in this type of design, it is possible for packets to circulate endlessly around the network, which is called a switching loop. Which of the following protocols prevents network switching loops from occurring by shutting down redundant links until they are needed?
STP
RIP
VLAN
NAT
STP
Which of the following are terms for an area of an enterprise network, separated by firewalls, which contains servers that must be accessible both from the Internet and from the internal network?
EGP
Stateless network
DMZ
Intranet
DMZ
Which of the following are mechanisms by which IPv6 traffic can be transmitted on an IPv4 network through the use of tunneling?
FTP
Teredo
IPsec
ICMPv6
Teredo
Which of the following devices enable users on private networks to access the Internet by substituting a registered IP address for their private addresses?
UTM appliance
Switch
NAT router
RADIUS server
NAT router
Ralph has been hired by a company to redesign its Local Area Network (LAN). Right now, it has a single 100 Mbps Ethernet LAN with 40 users and 2 shared servers, all connected through 3 hubs. The users on the network must be able to share files with one another and also access the shared servers. The users are complaining that the network is too slow. Management states that cost is a factor that must be considered. Which of the following upgrade scenarios should Ralph recommend in this situation?
Split the network into smaller segments with dedicated hubs as opposed to shared hubs.
Replace the hubs with switches to define separate collision domains and filter unnecessary traffic from each segment.
Split the network into two routed LANs with 20 users each.
Replace the hubs with a layer 3 switch and define two Virtual LANs (VLANs) with 20 users each.
Replace the hubs with switches to define separate collision domains and filter unnecessary traffic from each segment.
Which of the following best defines the concept of the dual stack?
A computer with connections to two different network segments
A computer with two network interface adapters
A computer with two sets of networking protocols
A computer with two installed operating systems
A computer with two sets of networking protocols
Which of the following terms is used to describe the method by which a firewall examines the port numbers in transport layer protocol headers?
IP address filtering
Service-dependent filtering
Deep Packet Inspection (DPI)
Next-Generation Firewall (NGFW)
Service-dependent filtering
Which of the following physical network devices can conceivably be implemented as software in a computer’s operating system?
Hub
Transceiver
Firewall
Switch
Firewall
Which of the following is not a method of traffic shaping?
Rate limiting
Bandwidth throttling
Self-limiting
WAN optimization
WAN optimization
Which of the following Virtual Private Network (VPN) protocols does not provide encryption within the tunnel?
IPSec
PPTP
SSL
L2TP
L2TP
Which of the following is the best description of geofencing?
Somewhere you are
Something you have
Something you know
Something you do
Somewhere you are
Social engineering has become an increasingly serious problem on your company network. Which of the following is an effective method for preventing sensitive data from being compromised through social engineering?
Use IPSec to encrypt all network traffic.
Install an antivirus software product on all user workstations.
Install a firewall between the internal network and the Internet.
Implement a program of user education and corporate policies.
Implement a program of user education and corporate policies.
In which of the following ways is VLAN hopping a potential threat?
VLAN hopping enables an attacker to access different VLANs using 802.1q spoofing.
VLAN hopping enables an attacker to rename the default VLAN on a switch.
VLAN hopping enables an attacker to scramble a switch’s patch panel connections.
VLAN hopping enables an attacker to change the native VLAN on a switch.
VLAN hopping enables an attacker to access different VLANs using 802.1q spoofing.
Which of the following security protocols used to protect traffic exchanged by web browsers and servers was created first?
DTLS
SSL
SSH
TLS
SSL
Which of the following types of systems are frequently used to collect information from Intrusion Detection Systems (IDSs)?
NGFW
VoIP
RADIUS
SIEM
SIEM
Which of the following network devices does not employ Access Control Lists (ACLs) to restrict access?
Hubs
Switches
Routers
Wireless Access Points (WAPs)
Hubs
A user swipes a smartcard through the reader connected to a laptop and then types a password to log on to the system. Which of the following actions is the user performing?
Auditing
Authorization
Authentication
Accounting
Authentication
At which layer of the Open Systems Interconnection (OSI) reference model does Dynamic Host Configuration Protocol (DHCP) snooping operate?
Network
Transport
Data link
Application
Data link
In the hacker subculture, which of the following statements best describes a zombie?
A program that attackers use to penetrate passwords using brute-force attacks
A user that has fallen victim to a phishing attack
A computer that is no longer functioning because it is the target of a Denial-of-Service (DoS) attack
A computer that is remotely controllable because it has been infected by malware
A computer that is remotely controllable because it has been infected by malware
In a client-to-site Virtual Private Network (VPN) connection, which of the following combinations of endpoint devices would most likely be involved?
Two workstations
Two VPN concentrators
A workstation and a server
A workstation and a VPN concentrator
A workstation and a VPN concentrator
Which of the following security protocols for web servers or browsers was deprecated in 2015 in favor of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)?
SSL
SSH
IPsec
RDP
SSL
Dynamic ARP Inspection (DAI) is a feature in some network switches that prevents on-path (man-in-the-middle) attacks facilitated by Address Resolution Protocol (ARP) poisoning, the deliberate insertion of fraudulent information into the ARP cache. A switch with DAI inspects incoming ARP packets and rejects those that contain incorrect pairs of IP and Media Access Control (MAC) addresses. Which of the following is the means by which the switch compiles a table of the correct ARP information for comparison with the incoming packets?
Secure SNMP
DNS name resolution
DHCP snooping
NDP
DHCP snooping
Which of the following types of network devices can provide authentication services for multiple remote access servers using the device’s own account database?
NGFW
Hub
IDS
NAS
NAS
Alice is implementing a new password policy that requires all users to change their passwords every seven days. What further modification can she make to the password policy to prevent users from thwarting the password change requirement?
Require the creation of unique passwords
Require the use of special characters
Specify a maximum password change interval
Specify a minimum password length
Require the creation of unique passwords
You are working at a client site with a managed router that includes a console port for administrative access, which you can use to connect a laptop and run a terminal program to access the device’s interface. Which of the following is the best term for this type of access to the device?
BYOD
Client-to-site
In-band
Out-of-band
Out-of-band
Which of the following types of Virtual Private Network (VPN) connection is the best solution for allowing clients limited access to your corporate network?
Host-to-host
Extranet
Host-to-site
Site-to-site
Extranet
When starting her new position as a network administrator, Alice was given two user accounts. One account is intended for standard user activities, and another has the additional permissions needed for Alice to perform administrative tasks. This is an example of which of the following security concepts?
Defense in depth
Multifactor authentication
Least privilege
Zero
Least privilege
Combining elements like something you know, something you have, and something you are to provide access to a secured network resource is a definition of which of the following types of authentication?
Multifactor
Multimetric
Multisegment
Multifiltered
Multifactor
Password policies frequently require users to specify complex passwords. Which of the following are characteristic of a complex password?
Passwords that do not duplicate the user’s account name, birth date, or other personal information
Passwords that contain mixed upper- and lowercase letters, numbers, and symbols
Passwords that exceed a specific length
Passwords that do not duplicate a specific number of the user’s previous passwords
Passwords that contain mixed upper- and lowercase letters, numbers, and symbols
Which of the following Virtual Private Network (VPN) protocols is generally considered to be obsolete?
L2TP
IPSec
SSL/TLS
PPTP
PPTP
Which of the following terms refers to a Denial-of-Service (DoS) attack that involves zombies?
Permanent
Amplified
Reflective
Distributed
Distributed
Which of the following services are methods of tracking a user’s activities on a network?
Accounting
Authentication
Authorization
Access control
Accounting
Which of the following prefixes must you use in the URL you type into a web browser when the website you want to access has been secured with Transport Layer Security (TLS)?
HTTP://
TLS://
HTTPS://
HTLS://
HTTPS://
Which of the following statements best describes a ransomware attack?
A website is rendered inaccessible by a Denial-of-Service (DoS) attack until its owner agrees to pay a fee.
A message appears on a user’s screen, stating that system is locked and will only be released on payment of a fee.
A user’s access to a specific resource, such as a bank’s website, is blocked until the user pays a fee.
An application is supplied with limited usability until the user pays a license fee.
A message appears on a user’s screen, stating that system is locked and will only be released on payment of a fee.
Which of the following technologies can maintain an account database that multiple remote access servers can employ to authenticate remote users?
RADIUS
NAS
NGFW
IDS
RADIUS
You have just received notification of a new software release for an application you are running on your servers. The release is intended to address a newly discovered security vulnerability. Which of the following is the correct term for a software release containing a fix designed to address one specific issue?
A service pack
An upgrade
An update
A patch
A patch
In a host-to-host Virtual Private Network (VPN) connection, which of the following combinations of endpoint devices would most likely be involved?
A workstation and a server
Two workstations
A workstation and a VPN concentrator
Two VPN concentrators
Two workstations
Which of the following terms refers to the process by which a system tracks a user’s network activity?
Authorization
Access control
Authentication
Accounting
Accounting
Ed receives an email through his personal account, warning him that his checking account has been locked due to excessive activity. To confirm that the activity is fraudulent, the email instructs Ed to click the enclosed hyperlink, log on to his account, and review the list of charges. Ed clicks the link and is taken to a web page that appears to be that of his bank. He then supplies his username and password to log on. Which of the following types of attacks is Ed likely to be experiencing?
Social engineering
Phishing
Spoofing
Logic bomb
Phishing
Which of the following are not considered to be Denial-of-Service (DoS) attacks?
An attacker connects a rogue access point to a company’s wireless network, using their Service Set Identifier (SSID) in the hope of attracting their users.
An attacker uses the
An intruder breaks into a company’s datacenter and smashes their web servers with a sledgehammer.
An attacker captures the packets transmitted only from a domain controller to obtain encrypted passwords.
An attacker connects a rogue access point to a company’s wireless network, using their Service Set Identifier (SSID) in the hope of attracting their users.
Which of the following types of Virtual Private Network (VPN) connection is the best solution for connecting a home user to a corporate network?
Extranet
Host-to-site
Host-to-host
Site-to-site
Host-to-site
In most cases, a Denial-of-Service (DoS) attack refers to a deliberate attempt to overwhelm a server with incoming traffic. However, this is not always the case. Which of the following types of DoS attacks does not involve flooding a server with traffic?
Distributed
Amplified
Permanent
Reflective
Permanent
Which of the following standards defines a framework for the authentication process, but does not specify the actual authentication mechanism?
TLS
WPA
TKIP
EAP
EAP
Regularly applying operating system updates and patches to network computers is an important mitigation procedure for which of the following security problems?
Port security
Denial-of-Service attacks
Social engineering
Malware
Malware
A server’s firewall is configured using a default policy that does not allow any users remote access to the server unless an administrator creates a rule granting them access. Which of the following terms describes this default policy?
Explicit deny
Explicit allow
Implicit deny
Implicit allow
Implicit deny
Which of the following is not a means of preventing physical security breaches to a network datacenter?
Badges
Tailgaters
Key fobs
Locks
Tailgaters
A multifactor authentication system consists of at least two different identifying criteria, typically falling into two of the following categories: something you have, something you do, something you know, and something you are. Which of the following authentication factors is an example of something you have?
A finger gesture
A smartcard
A password
A fingerprint
A smartcard
A senior IT administrator at your company was terminated two weeks ago. Today, Friday, you arrived at the office and found that all of the hosts in the web server farm had had their data deleted. There are no unauthorized entries to the datacenter recorded, but you suspect the terminated administrator is responsible for deleting the data. Which of the following attack types might the administrator have directed at the web server farm?
Social engineering
ARP poisoning
Logic bomb
Evil twin
Logic bomb
Many managed switches and routers include a console port for administrative access, to which you can connect a laptop and run a terminal program to access the device’s interface. Which of the following is the best term for this type of access to the device?
Out-of-band
BYOD
In-band
Client-to-site
Out-of-band
When designing a wireless LAN installation, what is a valid reason to install a unidirectional antenna in an Access Point (AP), rather than an omnidirectional one?
A unidirectional antenna can be focused to a specific signal pattern width.
All of the above
There are many interior walls between the AP and the most distant workstation.
The AP will be located against an outside wall.
All of the above
Alice is attempting to deploy an IEEE 802.11b/g wireless LAN on the fifth floor of a 10-story office building that is surrounded on all sides by other office buildings, all of which seem to be running many wireless LANs. Scanning the 2.4 GHz band, she sees literally dozens of networks, spread across all of the available channels. As a result, her wireless devices have trouble connecting to their Access Point (AP), and when they do, they achieve only low speeds. Which task should Alice perform to enable the wireless clients to connect to the network more reliably?
Configure all of the network devices to use WPA2 encryption with AES.
Upgrade all of the network devices to the latest firmware.
Configure the AP to suppress SSID broadcasts.
Upgrade all of the wireless network devices to IEEE 802.11n.
Upgrade all of the wireless network devices to IEEE 802.11n.
Which of the following is the maximum theoretical download speed for a 5G cellular network?
150 megabits per second
42 megabits per second
1 gigabit per second
10 gigabits per second
10 gigabits per second
Which of the following encryption protocols was introduced in the WiFi Protected Access (WPA) wireless security standard?
CCMP-AES
TACACS+
TKIP
EAP-TLS
TKIP
Which of the following wireless LAN security protocols was rendered obsolete after it was found to be extremely easy to penetrate?
WEP
WPA
WPA2
EAP
WEP
Ralph is having trouble providing satisfactory wireless network performance to some executive offices at the far end of the building. The wireless Access Point (AP) is based on the 802.11g standard. The offices have heavy doors and insulated walls for sound dampening, and the occupants typically leave their doors closed during work hours. Which of the following actions can Ralph take to provide the users in these offices with better wireless network performance?
Install an additional AP nearer to the offices.
Upgrade the AP to a model based on the 802.11n standard.
Modify the AP to use higher number channels.
Configure the AP to disable SSID broadcasting.
Install an additional AP nearer to the offices.
How does Media Access Control (MAC) address filtering increase the security of a Wireless Local Area Network (WLAN)?
By allowing traffic sent to or from specific MAC addresses through the Internet firewall
By substituting registered MAC addresses for unregistered ones in network packets
By permitting only devices with specified MAC addresses to connect to an access point
By preventing access points from broadcasting their presence
By permitting only devices with specified MAC addresses to connect to an access point
CCMP-AES is an encryption protocol used with which of the following wireless network security standards?
WPA
WEP
EAP
WPA2
WPA2
Alice is a consultant working in your office, who has been given the Secure Set Identifier (SSID) and the passphrase for the company’s main wireless network, but she is unable to connect with her laptop. Which of the following security measures might be preventing her from connecting?
Disabling SSID broadcast
Geofencing
MAC filtering
Using WPA2
MAC filtering
A Wireless Access Point (WAP) enables computers equipped with wireless network interface adapters to function in which of the following topologies?
Ad hoc
Bus
Star
Infrastructure
Infrastructure
At which layer of the Open Systems Interconnection (OSI) model do wireless range extenders operate?
Network
Physical
Transport
Data link
Physical
Which of the following can be described as a wireless network hardening technique?
Encryption
Social engineering
Deauthentication
MAC addressing
Encryption
Ed has installed a separate 802.11n wireless network for guest users working in his company’s offices. The guest network is unsecured, and Ed has recently become aware that people outside the building are able to access it. It is not possible to move the Access Point (AP), and it must run at maximum power to reach the entire building. Which of the following is the most convenient way to prevent users outside the building from accessing the guest network while leaving it available to users inside the building?
Disable SSID broadcasting
Switch the network frequency
Change the passphrase daily
Implement MAC filtering
Disable SSID broadcasting
Alice is trying to provide users in a warehouse with wireless network connectivity for their tablets. The warehouse is a huge concrete structure with many internal cinderblock walls. Which of the following types of signal interference are inhibiting Alice’s efforts?
Reflection
Refraction
Absorption
Diffraction
Absorption
Which of the following wireless security protocols was substantially weakened by its initialization vector?
WEP
WPA
PEAP
WPA2
WEP
Which of the following topologies enables wireless devices to access resources on a wired network?
Star
Ad hoc
Infrastructure
Bus
Infrastructure
CCMP is based on which of the following encryption standards?
802.1X
RC4
TKIP
AES
AES
Which of the following wireless LAN standards include the ability to use Multiple Input, Multiple Output (MIMO) antennae?
IEEE 802.11g
IEEE 802.11b
IEEE 802.11a
IEEE 802.11n
IEEE 802.11n
Which of the following components are required for two computers to communicate using an IEEE 802.11 wireless LAN in an ad hoc topology?
A router connected to the Internet
A Wireless Access Point (WAP)
An external antenna
None of the above
None of the above
You are deploying an 802.11n wireless network for a client that is asking for the best possible security you can provide without deploying additional servers. When setting up the Wireless Access Point (WAP), you disable Service Set Identifier (SSID) broadcasts, select WiFi Protected Access with Pre-Shared Keys (WPA-PSKs), and configure Media Access Control (MAC) address filtering. Which of the following statements about the security of this arrangement is true?
You should not use MAC address filtering since it exposes MAC addresses to possible attacks.
You should not disable SSID broadcasts since this prevents users from connecting to the network.
You should use WiFi Protected Access II (WPA2) instead of WPA, since it is more resistant to certain types of attacks.
The configuration is as secure as you can make it with the specified equipment
You should use WiFi Protected Access II (WPA2) instead of WPA, since it is more resistant to certain types of attacks.
Which of the following wireless security protocols uses CCMP-AES for encryption?
WPA2
WEP
WPA
TKIP
WPA2
Ralph is installing a wireless LAN that includes three Access Points (APs) to provide coverage for a large building. What must Ralph do to ensure that users are able to roam without interruption from one AP to another using their portable devices?
Configure each AP with the same IP address.
Configure each AP with the same security passphrase.
Configure each AP with different SSIDs.
Configure each AP to use different security protocols
Configure each AP with the same security passphrase.
Which of the following is the fastest speed achievable by a wireless LAN using the currently ratified IEEE 802.11 standards?
600 Mbps
1.3 Gbps
2.6 Gbps
54 Mbps
1.3 Gbps
Which form of the WiFi Protected Access (WPA) and WPA2 protocols require a RADIUS server?
WPA-Local
WPA-Personal
WPA-PSK
WPA-Enterprise
WPA-Enterprise
Which of the following wireless networking standards is capable of supporting speeds of 54 Mbps and is also backward compatible with IEEE 802.11b?
Bluetooth
IEEE 802.11n
IEEE 802.11g
IEEE 802.11a
IEEE 802.11g
On a wireless network, which of the following best describes an example of a captive portal?
A series of two doors with an intervening airlock through which people must pass before they can enter a secured space
A web page with which a user must interact before being granted access to a wireless network
A web page stating that the data on a user’s computer has been locked and will only be unlocked after payment of a fee
A dedicated switch port used to connect to other switches
A web page with which a user must interact before being granted access to a wireless network
Upgrading a wireless network from the Wired Equivalent Privacy (WEP) security protocol to WiFi Protected Access (WPA) enables it to use the Temporal Key Integrity Protocol (TKIP) for encryption, which generates a unique key for each packet. Which of the following types of attacks does this capability prevent?
Deauthentication attacks
Replay attacks
Brute-force attacks
Denial-of-Service (DoS) attacks
Replay attacks
Which of the following is not a factor that weakens the security of the Wired Equivalent Privacy (WEP) protocol used on early IEEE 802.11 wireless LANs?
Open System Authentication
24-bit initialization vectors
Static shared secrets
40-bit encryption keys
Open System Authentication
You are installing a wireless network in a site that has a great many 2.4 GHz wireless telephones. Which wireless networking technology can you use which will never experience interference from the telephones?
IEEE 802.11ac
IEEE 802.11b
IEEE 802.11n
IEEE 802.11g
IEEE 802.11ac
You are a consultant with a client who wants to have you install a wireless network with the highest throughput currently available. What can you tell your client is the fastest speed achievable by a Wireless Local Area Network (WLAN) using the currently ratified IEEE 802.11 standards?
1.3 Gbps
2.6 Gbps
600 Mbps
54 Mbps
1.3 Gbps
Which of the following was the first wireless LAN security protocol to come into common usage?
WPA2
WPA
WEP
TKIP
WEP
A wireless network is configured to allow clients to authenticate only when the signal strength of their connections exceeds a specified level. Which of the following terms best describes this configuration?
Geofencing
Port security
Local authentication
Motion detection
Geofencing
You have installed a new Wireless Access Point (WAP) on your network and configured it to use an SSID that is not broadcasted and WPA2 for security. Which of the following describes what you must do to configure your wireless clients?
Type the SSID manually and then select WPA2 from the security protocol options provided.
Type the SSID manually and allow the client to automatically detect the security protocol.
Select the SSID from a list and then select WPA2 from the security protocol options provided.
Select the SSID from a list and allow the client to automatically detect the security protocol
Type the SSID manually and then select WPA2 from the security protocol options provided.
Which of the following is a power measurement of a specific transmitter and antenna combination, as used in a wireless access point?
MIMO
RSSI
SSID
EIRP
EIRP
Which of the following IEEE wireless LAN standards provides the greatest possible throughput?
802.11ac
802.11n
802.11g
802.11b
802.11ac
You are starting work at a new company, and on your first day, you ask about wireless access for your laptop. You are given a Service Set Identifier (SSID) and a WiFi Protected Access II (WPA2) passphrase. Later, in the lunchroom, when you try to connect your laptop to the network, you cannot see the SSID you were given in the list of available networks, although you can see other networks. What should you do next to try to resolve the problem?
Type the SSID in manually.
Type in the WPA2 passphrase.
Move closer to the Wireless Access Point (WAP).
Move away from the microwave in the lunchroom
Type the SSID in manually.
EAP and 802.1X are components that help to provide which of the following areas of wireless network security?
Authorization
Authentication
Encryption
Accounting
Authentication
Which of the following is a wireless topology that does not require the use of an access point?
Bus
Star
Infrastructure
Ad hoc
Ad hoc
Which of the following did the second version of the WiFi Protected Access (WPA) protocol add to the standard?
CCMP-AES
MIMO
TKIP
WEP
CCMP-AES
Some users are having a problem connecting to an application server on their local network. You go to their department and start to troubleshoot the problem by testing connectivity using the ping tool at one of the user workstations. You discover that you can ping the server successfully using its computer name, but pinging the computer’s fully qualified domain name (FQDN) fails. As a result of these tests, which of the following can you determine is the most likely source of the problem?
EMI
ACL
DHCP
DNS
DNS
Which of the following Domain Name System (DNS) resource records is not used for forward name resolution?
MX
CNAME
PTR
AAAA
PTR
Which IP address allocation method is not supported by Dynamic Host Configuration Protocol (DHCP)?
Stable
Dynamic
Manual
Automatic
Stable
Dynamic Host Configuration Protocol (DHCP) clients rely on which of the following types of transmissions to locate and initiate contact with DHCP servers on the local network?
Multicast
Broadcast
Unicast
Anycast
Broadcast
In the Domain Name System (DNS), a zone is a contiguous area of the DNS namespace for which authority is delegated to one or more DNS servers. Which of the following DNS resource record types specifies the IP addresses of the authoritative DNS servers for a particular zone?
NS
MX
PTR
SRV
NS
Which of the following is the range of IPv4 addresses that Automatic Private IP Addressing (APIPA) assigns to DHCP clients that cannot access a DHCP server?
224.0.0.0 to 224.0.255.255
169.254.0.0 to 169.254.255.255
192.168.0.0 to 192.168.0.255
10.0.0.0 to 10.0.255.255
169.254.0.0 to 169.254.255.255
Ralph is troubleshooting a workstation that cannot access the network. The workstation is plugged into a wall plate that should provide it with access to a DHCP-equipped network using the 192.168.4.0/24 network address. No one else on that network is reporting a problem. Ralph checks that the patch cable is properly plugged into the workstation and the wall plate, which they are, and then runs
The Subnet Mask is incorrect.
The Default Gateway address is missing.
The DNS server addresses are incorrect.
The DHCPv4 scope is exhausted
The DHCPv4 scope is exhausted
Which of the following DHCP address allocation methods enables the server to reclaim IP addresses when they are no longer in use by clients?
Dynamic
Manual
Automatic
Static
Dynamic
Which of the following technologies enables the IP addresses assigned to clients by a Dynamic Host Configuration Protocol (DHCP) server to be automatically added to the DNS namespace?
Reverse name resolution
Automatic allocation
HOSTS
Dynamic DNS
Dynamic DNS
Which of the following is a tool that integrates DHCP and DNS so that each is aware of the changes made by the other?
IPAM
DHCPv6
HOSTS
APIPA
IPAM
In designing a network for a client, Ed has decided to use both internal and external DNS servers. Which of the following resources should Ed register with the external DNS server?
Company database servers
Internet web servers
Admin workstation
Domain controllers
Internet web servers
Which of the following Domain Name System (DNS) resource records is used only for reverse name resolution?
PTR
AAAA
MX
CNAME
PTR
Alice is troubleshooting a problem that some users are having connecting to an application server on the local network. While testing connectivity using the ping tool, she discovers that she can ping the server successfully using its computer name, but pinging the computer’s fully qualified domain name (FQDN) fails. Which of the following is most likely the source of the problem?
ACL
EMI
DNS
DHCP
DNS
Which of the following protocols are responsible for assigning IP addresses to hosts?
Name Server(NS)
Dynamic Host Configuration Protocol (DHCP)
File Transfer Protocol (FTP)
Domain Name System (DNS)
Dynamic Host Configuration Protocol (DHCP)
Which of the following mechanisms enables administrators to maintain current DNS database information on multiple name servers, for fault tolerance and load balancing purposes?
UDP forwarding
Zone transfer
Multi-master replication
Iterative query
Zone transfer
In which of the following DNS transactions does the querying system generate a recursive query?
A client’s DNS server sends a request to the
A client’s DNS server sends a request to the com top-level domain server to find the authoritative server for the
A DNS client sends the server name
A client’s DNS server sends a request to a root domain server to find the authoritative server for the com top-level domain.
A client’s DNS server sends a request to a root domain server to find the authoritative server for the com top-level domain.
Which of the following best describes what happens when a DNS server receives an iterative name resolution query?
The DNS server attempts to resolve the requested name by checking its own resource records and cache, or failing that, by forwarding the name resolution request to another DNS server in a recursive query.
The DNS server responds immediately to the query with the best information it has in its resource records or in its cache, or failing that, with an error message stating that it could not resolve the requested name.
The DNS server attempts to resolve the requested name by checking its own resource records and cache, or failing that, by issuing its own iterative queries to other DNS servers.
The DNS server responds immediately if it is the authoritative server for the domain in which the requested name is located. Otherwise, it returns an error message stating that it could not resolve the requested name.
The DNS server responds immediately to the query with the best information it has in its resource records or in its cache, or failing that, with an error message stating that it could not resolve the requested name.
Which of the following Dynamic Host Configuration Protocol (DHCP) options prevents the client from transmitting IP datagrams that circulate endlessly around the network?
ARP cache timeout
Interface MTU
Default IP TTL
TCP keepalive interval
Default IP TTL
Which of the following is the IPv6 equivalent of Automatic Private IP Addressing (APIPA)?
EUI-64
DHCPv6
SLAAC
APIPAv6
SLAAC
Ralph has configured a server called NE6 to function as a web server. He does not want to change the server’s existing name, but he wants it to also be accessible to clients using the name
Create an additional A resource record.
Create a new CNAME resource record.
Create a new PTR resource record.
Modify the existing A resource record
Create a new CNAME resource record.
Your company has a seven-node failover cluster hosting databases on SQL Server. Each server has three network interface adapters installed in it. Two are standard Gigabit Ethernet adapters that provide the nodes with access to each other and clients with access to the cluster. One is a Fibre Channel adapter that provides the cluster nodes with access to a dedicated network that also hosts a large hard disk array. Which of the following terms describe the networks to which the cluster nodes are connected?
WAN
PAN
SAN
MAN
SAN
Which of the following Storage Area Network (SAN) protocols are capable of sharing a network medium with standard Local Area Network (LAN) traffic?
Fibre Channel
FCoE
InfiniBand
InfiniChannel
FCoE
In which of the following ways does a vSwitch (virtual switch) differ from a physical switch?
Virtual switches cannot forward traffic to the host server running them, whereas physical switches can forward traffic to all connected computers.
Physical switches always include layer 3 functionality, whereas virtual switches do not.
Virtual switches have an unlimited number of ports, whereas physical switches have a specific number.
Physical switches typically support the creation of VLANs, whereas virtual switches do not.
Virtual switches have an unlimited number of ports, whereas physical switches have a specific number.
Ralph is designing a hybrid deployment for a corporate client that will require a connection between the client’s private network and a public cloud provider. The client is concerned about this connection becoming a speed bottleneck at times of heavy user traffic. Which of the following options can Ralph offer the client that will best address this potential problem?
Use a cloud direct connection for the hybrid link.
Use a leased line connection to the ISP
Use a different ISP for the cloud connection.
Use a VPN for the cloud connection
Use a cloud direct connection for the hybrid link.
Which of the following protocols are included in an FCoE packet?
TCP
Ethernet
UDP
None of the above
Ethernet
Which of the following layers in a Software-Defined Network (SDN) architecture consists of hardware devices?
Infrastructure
Core
Application
Control
Infrastructure
Which of the following cloud service models provides the consumer with the least amount of control over the cloud resources?
SaaS
IaaS
PaaS
IaaS, PaaS, and SaaS all provide the same degree of control
SaaS
Which of the following is the term for the client that accesses an iSCSI device on a storage area network?
Adapter
Controller
Target
Initiator
Initiator
Which of the following is not one of the advantages of iSCSI over Fibre Channel?
iSCSI includes its own internal flow control mechanism, whereas Fibre Channel does not.
iSCSI is less expensive to implement than Fibre Channel.
iSCSI is routable, whereas Fibre Channel is not.
iSCSI can share the same network as standard local area network traffic, whereas Fibre Channel cannot.
iSCSI includes its own internal flow control mechanism, whereas Fibre Channel does not.
Which of the following best describes the difference between east-west and north-south traffic in a datacenter?
East-west describes traffic between devices at the same layer of the OSI model, while north-south describes traffic between OSI model layers.
East-west traffic stays within the datacenter, while north-south traffic does not.
East-west is backbone traffic among switches and routers, while north-south is traffic to end systems, such as servers.
East-west is switch-to-switch traffic, while north-south is switch-to-router traffic
East-west traffic stays within the datacenter, while north-south traffic does not.
Which of the following cloud service models enables you to perform a new installation of an operating system of your choice?
PaaS
IaaS
DaaS
SaaS
IaaS
Which of the following is not the name of one of the layers in the three-tier datacenter architecture?
Access
Distribution
Core
Intermediate
Intermediate
Which of the following protocols are included in a Fibre Channel packet?
UDP
IP
TCP
None of the above
None of the above
In its primary functionality, a network attached storage (NAS) device is most closely associated with which of the following devices?
Failover cluster
JBOD
RAID
File server
File server
On which of the following virtual networking components can you create VLANs?
Virtual firewall
Virtual switch
Virtual router
Virtual NIC
Virtual switch
Ralph, the administrator of a 500-node private internetwork, is devising a plan to connect the network to the Internet. The primary objective of the project is to provide all of the network users with access to web and email services while keeping the client computers safe from unauthorized users on the Internet. The secondary objectives of the project are to avoid having to manually configure IP addresses on each one of the client computers individually and to provide a means of monitoring and regulating the users’ access to the Internet. Ralph submits a proposal calling for the use of private IP addresses on the client computers and a series of proxy servers with public, registered IP addresses, connected to the Internet using multiple T-1 lines. Which of the following statements about Ralph’s proposed Internet access solution is true?
The proposal satisfies the primary objective and one of the secondary objectives.
The proposal fails to satisfy both the primary and secondary objectives.
The proposal satisfies the primary objective and both of the secondary objectives.
The proposal satisfies the primary objective but neither of the secondary objectives
The proposal satisfies the primary objective and one of the secondary objectives.
Which of the following components is responsible for providing a virtualized hardware environment and running virtual machines?
vSwitch (virtual switch)
Virtual server
Hypervisor
VPN concentrator
Hypervisor
Top-of-rack switches most commonly form which layer of the datacenter topology?
Core
Spine
Leaf
Backbone
Leaf
Which of the following statements about the differences between Network Attached Storage (NAS) and Storage Area Networks (SANs) are true?
NAS devices typically provide a filesystem, whereas SAN devices do not.
NAS devices typically contain integrated iSCSI targets.
SAN provides file-level storage access, whereas NAS provides block-level storage access.
SAN devices have an operating system, whereas NAS devices do not
NAS devices typically provide a filesystem, whereas SAN devices do not.
Which of the following are examples of Virtual IP (VIP) addresses?
A public IP address substituted for a host’s own private IP address by a switch
An IP address assigned to a host workstation by a DHCP server
An IP address assigned to a host workstation by APIPA
An IP address assigned to a virtual NIC
An IP address assigned to a virtual NIC
For a complete restore of a computer that failed at noon on Tuesday, how many jobs would be needed if you performed full backups to tape at 6:00 a.m. every Wednesday and Saturday and incremental backups to tape at 6:00 a.m. every other day?
Two
Four
Three
One
Four
After using a tape backup solution for years, you have recently started backing up your server to an external hard disk drive. Your backup schedule calls for weekly full backups and daily incremental backups. In the past, performing a restore required multiple jobs, but now only a single job is needed. Why does performing incremental backups to a hard drive, rather than a tape drive, make it possible to restore a server with a single job, rather than multiple jobs?
Because hard drives use a different block size than tape drives
Because hard drives hold more data than tape drives
Because hard drives can transfer data faster than tape drives.
Because hard drives are random access devices and tape drives are not
Because hard drives are random access devices and tape drives are not
You are installing a new Windows server with two hard disk drives in it, and you want to use RAID to create a fault-tolerant storage system. Which of the following RAID levels can you configure the server to use?
RAID 10
RAID 0
RAID 5
RAID 1
RAID 1
You are negotiating an agreement with a provider for your company’s email service. You have been told to require a 99.99 percent guaranteed rate of service reliability, but the provider is only willing to guarantee 99 percent. Eventually, you and the provider agree on a compromise of 99.9 percent. Which of the following documents will include the negotiated language on this particular point?
BYOD
AUP
SLA
NDA
SLA
Which of the following is not a load balancing mechanism?
DNS round-robin
NIC teaming
RAID 1
Server clustering
RAID 1
Which of the following indicators is typically not included in an operating system’s performance monitoring tool, such as the Windows Performance Monitor or the MacOS Activity Monitor?
Memory consumption
CPU/processor activity
Network utilization
Temperature
Temperature
Which of the following syslog message severity levels indicates that a system is unusable?
3
1
0
2
0
If you have a server with dual power supplies, one of which is plugged into a single Uninterruptible Power Supply (UPS) and the other into a wall socket with a surge protector, and the building’s power circuit is connected to a backup generator, which failure can the server survive and keep running indefinitely?
Failure of two NICS
Failure of one NIC
Failure of the building power circuit
Failure of one server power supply
Failure of one server power supply
Disk mirroring and disk duplexing are both fault tolerance mechanisms for hard disk data storage. Which of the following statements about disk mirroring and disk duplexing is true?
Disk duplexing enables a server to survive a failure of a disk drive or a disk controller.
Disk mirroring enables a server to survive the failure of a disk drive.
Disk duplexing enables a server to survive the failure of a disk controller.
Disk mirroring enables a server to survive a failure of a disk drive or a disk controller.
Disk duplexing enables a server to survive a failure of a disk drive or a disk controller.
Which of the following is an element of high availability systems that enables them to automatically detect problems and react to them?
Backups
Failover
Snapshots
Cold sites
Failover
You have just completed negotiating an annual contract with a provider to furnish your company with cloud services. As part of the contract, the provider has agreed to guarantee that the services will be available 99.9 percent of the time, around the clock, seven days per week. If the services are unavailable more than 0.1 percent of the time, your company is due a price adjustment. Which of the following terms describes this clause of the contract?
SLA
AUP
MTTR
MTBF
SLA
Which of the following is the primary difference between the Power Distribution Units (PDUs) used in datacenters and the standard power strips used in offices and homes?
More outlets
Larger power output
All of the above
Larger power input
Larger power input
Which of the following port numbers is assigned to a Unix logging services program?
514
636
389
993
514
Which of the following is not one of the criteria typically used by load balancers to direct incoming traffic to one of a group of servers?
Which server has the fastest response time
Which server is next in an even rotation
Which server has the fastest processor
Which server has the lightest load
Which server has the fastest processor
When you configure NIC teaming on a server with two network adapters in an active/passive configuration, which of the following services is provided?
Server clustering
Load balancing
Fault tolerance
Traffic shaping
Fault tolerance
Which statement about backing up a firewall’s state and backing up its configuration is true?
A backup of a firewall’s state contains less data than a backup of its configuration.
A backup of a firewall’s state contains the exact same data as a backup of its configuration.
A backup of a firewall’s state includes its configuration.
A backup of a firewall’s configuration contains more data than a backup of its state.
A backup of a firewall’s state includes its configuration.
You are the network administrator of your company’s network. Your company wants to perform a baseline analysis of network-related traffic and statistics. They want to track broadcasts, Cyclical Redundancy Check (CRC) errors, and collisions for all traffic traversing a switched network. In addition, they want to provide historical and daily reports for management. They also want to keep track of software distribution and metering. What type of network software product best meets these needs?
SNMP management
Protocol analyzer
Performance Monitor
Network traffic monitor
SNMP management
Which of the following can be provided by clustering servers?
Load balancing
All of the above
Fault tolerance
Failover
All of the above
Which RAID level provides fault tolerance with the smallest amount of usable disk space?
RAID 0
RAID 5
RAID 1+1
RAID 10
RAID 1+1
Which of the following backup job types does not reset the archive bits of the files it backs up?
Differential
Full
Supplemental
Incremental
Differential
You are a new hire at Adatum Corp., and this is your first day on the job. You are setting up your workstation, but you are unsure whether you are permitted to install your favorite software on the company’s computer. The Human Resources server has a large library of employee documents. Which of the following is a document that you might want to consult to determine whether personal software is allowed?
BYOD
AUP
SLA
NDA
AUP
Which of the following best describes the difference between cold, warm, and hot backup sites?
The age of the most recent backup stored at the site
The time needed to get the site up and running
The cost of the hardware used at the site
Whether the backup site is owned, borrowed, or rented
The time needed to get the site up and running
To build a network with redundant Internet connections that ensures full fault tolerance, it is necessary to use which of the following?
Different WAN connections
Different ISPS
Different routers
All of the above
All of the above
Which network application is most likely to be affected by the wired network connectivity problem known as jitter?
Streaming video
Website access
Instant messaging
Streaming video
If you back up your network by performing a full backup every Wednesday at 6:00 p.m. and incremental backups in the evening of the other days of the week, how many jobs would be needed to completely restore a computer with a hard drive that failed on a Monday at noon?
Six
Two
One
Five
Five
You are installing a new server that is equipped with two power supplies. The server’s firmware enables you to set the mode in which the power supplies will be used. In which of the following modes must the dual power supplies be running for the system to be fault tolerant?
Combined mode
Individual mode
Hot backup mode
Redundant mode
Redundant mode
Redundant servers running in an active-active configuration provide what advantage that the same servers in an active-passive configuration do not?
Physical security
Increased performance
Data encapsulation
Fault tolerance
Increased performance
Which RAID level provides fault tolerance by storing parity information on the disks, in addition to the data?
RAID 0
RAID 10
RAID 1
RAID 5
RAID 5
If you back up your network by performing a full backup every Wednesday at 6:00 p.m. and differential backups in the evening on the other six days of the week, how many jobs would be needed to completely restore a computer with a hard drive that failed on a Tuesday at noon?
Seven
Six
Two
One
Two
Which type of backup job is supported by the Windows Server Backup program?
Full
Differential
Tape
Supplemental
Full
Delays in the transmission of data packets over a network can result in temporary service interruptions, dropouts, or even data loss. Which of the following terms is used to describe these delays?
Crosstalk
Attenuation
Electromagnetic interference (EMI)
Jitter
Jitter
Which of the following terms best describes a connectivity problem on wired networks that is caused by individual packets that are delayed due to network congestion, different routing, or queuing problems?
Bottleneck
Jitter
Attenuation
Latency
Jitter
Which of the following datacenter disaster recovery mechanisms is the least expensive to implement?
A cloud site
A warm site
A cold site
A hot site
A cloud site
Which of the following disaster recovery mechanisms is the least expensive to implement?
All of the options cost the same.
A cold site
A warm site
A hot site
A cold site
Parity is a fault tolerance technique used by disk storage arrays in which an additional parity bit is stored for a specified number of data bits. By using the parity information, the storage subsystem can calculate the values of bits that have been lost due to a disk failure, enabling the system to re-create the lost data. Redundant Array of Independent Disks (RAID) is a type of storage array that sometimes uses parity to provide fault tolerance. Which RAID level provides fault tolerance by using parity data?
RAID 0
RAID 1
RAID 5
RAID 10
RAID 5
When you run a port scanner on a server, which of the following is the result?
A list of the computer’s hardware ports that are currently in use
A list of the servers currently running user processes
A list of open ports through which the system can be accessed
A list specifying the numbers of packets transmitted and received by each network adapter on the system
A list of open ports through which the system can be accessed
Which of the following storage techniques prevents version skew from occurring during a system backup?
Incrementals
Iterations
Snapshots
Differentials
Snapshots
Which of the following RAID levels uses disk striping with distributed parity?
RAID 10
RAID 0
RAID 1
RAID 5
RAID 5
In a disaster recovery scenario, which of the following terms applies to devices that are not repairable?
MDT
MTBF
MTTR
MTTF
MTTF
Which RAID level provides fault tolerance without using parity data?
RAID 1
RAID 11
RAID 0
RAID 5
RAID 1
Alice receives a call from a user who cannot connect to the company’s 802.11n wireless network with a laptop that has an 802.11g network adapter. Other users working in the same area are able to connect to the network without difficuity. Which step should Alice take first to try to resolve the problem?
Check whether the wireless adapter in the user’s laptop is enabled
Provide the user with an 802.11n wireless network adapter
Change the channel used by the Wireless Access Point (WAP)
Check whether the user is connecting to the correct LAN
Check whether the wireless adapter in the user’s laptop is enabled
You are installing an ADSL router for your company’s new branch office. The router has a switch module containing four Ethernet ports, all of which are assigned to the default VLAN1. When you plug a laptop into one of the Ethernet ports, you can access the Internet with no difficulties. You now need to connect the ADSL router to the company network so that the Wireless Access Points (WAPs) on the network can provide users with Internet access through the ADSL router. However, when you plug the router into a network switch port that is assigned to VLAN4, the switch starts generating “Native VLAN mismatch detected” errors once every minute. Which step should be part of the solution you implement to stop the error messages from appearing?
Create a VLAN1 on the network switch.
Configure the router port connected to the network switch to use VLAN4.
Create a VLAN1 on the ADSL router’s switch module.
Configure the network switch port connected to the router to use VLAN1
Create a VLAN1 on the ADSL router’s switch module
You are working your company’s IT help desk, where you are required to follow a specific troubleshooting protocol when handling calls from users. In which of the following troubleshooting steps would you create a trouble ticket?
Document findings, actions, and outcomes
Test the theory to determine the cause
Implement the solution or escalate as necessary
Identify the problem
Identify the problem
You are working your company’s IT help desk, and you have had several calls from users who are reporting problems with their Voice over Internet Protocol (VoIP) and streaming video connections. In each case, the audio or video connection experiences frequent dropouts in sound or video, causing frustrating interruptions. Which of the following terms describes a connectivity problem on a wired network that could cause these symptoms?
Jitter
Attenuation
Bottleneck
Latency
Jitter
Ralph is having trouble providing satisfactory wireless network performance to some executive offices at the far end of the building. The offices have heavy doors and insulated walls for sound dampening, and the occupants typically leave their doors closed during work hours. Which of the following types of radio signal interference is Ralph trying to overcome?
Absorption
Reflection
Diffraction
Refraction
Absorption
You receive a call at the IT help desk from a user who has recently moved to a new office in the company building, down the hall from her old one. Since the move, she has only been able to access the company’s wireless network with her laptop intermittently. The network is based on 802.11n equipment, and it is using the 2.4 GHz frequency and the WPA2 security protocol. The user never had a problem in her previous office location. Which of the following could not possibly be the cause of her problem?
The user’s laptop is configured with the wrong WPA2 passphrase.
The user’s new office is farther from the access point than her old one.
The user’s laptop is connecting to the wrong SSID.
The user’s laptop is configured to use the 5 GHz frequency.
The user’s new office is farther from the access point than her old one
You have constructed a network on which all of the computers are connected to a single switch. You then create Virtual Local Area Networks (VLANs) on the switch, corresponding to the company’s departments, and add the switch port for each user workstation and department server to the appropriate VLAN. Later, users report that while they can access their departmental servers and the workstations of other users in the same department, they cannot communicate with any of the other departments. What is the problem, and what must you do to correct it?
VLANs are limited to data link layer communication only. To enable communication between the VLANs, you must install a router or a layer 3 switch on the network and configure it to route traffic between the VLANs.
There is a faulty VLAN configuration on the switch. You must re-create all of the VLANs and configure each VLAN for routing
One of the VLANs is configured to filter all of the other VLAN traffic for security purposes. You must change the filter on this one VLAN.
The VLANS using different data link layer protocols. You must configure the VLANs to use the same data link layer protocol in order for them to communicate with each other.
VLANs are limited to data link layer communication only. To enable communication between the VLANs, you must install a router or a layer 3 switch on the network and configure it to route traffic between the VLANs.
Clients of Ralph’s company are calling to complain that, when they try to access the company’s website, they see an error message stating that the website has an untrusted security certificate. They are afraid that they are connecting to an unprotected site or that the site has been taken over by hackers. What must Ralph do to address this problem?
Install a certification authority on one of the network servers
Configure the web servers to generate a self-signed certificate
Explain to the clients that it is safe to bypass the error message and proceed to the website
Obtain an SSL certificate from a trusted third-party company
Obtain an SSL certificate from a trusted third-party company
Alice is having trouble with a new fiber-optic cable run that has just been installed between two buildings on her company’s campus. To confirm that there is a problem with the cables, Alice consults the wiring diagram provided by the cable installer and begins to calculate the optical power loss resulting from cable installation factors such as the type of cable used, the attenuation resulting from the length of the cable runs, and the number and type of splices. Which of the following terms describes the calculations that Alice is performing?
Optical link budget
Protocol analysis
Received Signal Strength Indication (RSSI)
Routing loop
Optical link budget
A user, Ed, is reporting what appear to be intermittent traffic interruptions on his workstation. Sometimes he receives responses to his server requests, and sometimes not. It does not seem to be an Internet issue, because the problem also occurs with local server requests. While troubleshooting the problem, Ralph performs a series of packet captures and analyzes the network traffic. He discovers that all of the request messages generated by Ed’s workstation have responses on the network, but in some cases, the responses are going to a workstation other than Ed’s. Which of the following conditions could be causing this to happen?
Duplicate IP addresses
Incorrect host firewall settings
Blocked TCP/UDP ports
Duplicate MAC addresses
Duplicate MAC addresses
Which of the following is not a general troubleshooting step?
Verify that the router is forwarding.
Implement the solution or escalate as necessary
Verify full system functionality and, if applicable, implement preventive measures
Document findings, actions, and outcomes
Verify that the router is forwarding.
Ralph has begun to receive calls from users reporting that they cannot access the local network or the Internet. Ralph checks their computers and discovers that all of the users with a problem have IP addresses in the 169.254.0.0/16 network, which is not the address used on Ralph’s network. Which of the following might be the cause of the problem?
There is a rogue DHCP server somewhere on the network.
The users have tried to modify their IP configuration settings.
The IP address leases assigned by the DHCP server have expired.
The users’ workstations have been infected by a form of malware
The IP address leases assigned by the DHCP server have expired.
Despite having imposed password policies on your network that compel users to change their passwords frequently, create passwords of a specific length, and use complex passwords, you have still had several reports of account penetrations. After investigating the incidents, you determine that the victims had all apparently shared a “tip” suggesting that users cycle through the names of their children, nephews, nieces, and other relatives when forced to create new passwords, changing letters to numbers as needed. Which of the following actions can you take to remedy the situation without creating a larger problem?
Assign the users long passwords consisting of random-generated characters and change them often.
Change the minimum password age policy to a larger value.
Modify the password policies to force users to change passwords more frequently.
Distribute a list of common passwords that are insecure, such as those based on names, birth dates, etc.
Distribute a list of common passwords that are insecure, such as those based on names, birth dates, etc.
Trixie has recently moved to a new office in her company’s building, down the hall from her old one. Since the move, she has only been able to access the wireless network with her laptop intermittently. She never had a problem in her previous location. Which of the following could possibly be the cause of her problem?
There are too many walls between Trixie’s new office and the AP
Trixie’s new office is too close to the Access Point (AP).
Her laptop is connecting to the wrong SSID.
The AP is using an omnidirectional antenna.
There are too many walls between Trixie’s new office and the AP
Ralph is setting up a network connection for a new vice president, who is supplying his own laptop under the company’s Bring Your Own Device (BYOD) policy. He plugs the computer into the wall plate, and the link pulse Light-Emitting Diode (LED) lights up. Then, back in the datacenter. he uses a patch cable to connect the corresponding port in the patch panel to a port in the network switch. Later, the VP calls Ralph to report that data transfers between his laptop and the network servers are extremely slow. Which of the following could explain the problem?
The network adapter drivers on the laptop are outdated.
There is a duplex mismatch between the laptop and the network switch.
The switch port is disabled.
Ralph used a crossover cable to connect the laptop to the wall plate.
There is a duplex mismatch between the laptop and the network switch.
A user calls Alice at the help desk to report that her mouse has stopped working, she cannot access the Internet, and all of her email has disappeared from her inbox. Which of the following would be the best course of action for Alice to take?
Create a separate trouble ticket for each problem
Have the caller’s computer replaced with a new one
Escalate the call to a senior technician
Send a technician to the user’s site to address all of the problems.
Create a separate trouble ticket for each problem
Ralph has installed a new Category 5e (Cat 5e) cable run himself. He has attached keystone connectors to both ends of the cable, mounted the office-side connector to a wall plate, and mounted the datacenter connector into a patch panel. Then he took a patch cord and connected the patch panel port to an open port in one of the network switches. However, the Light-Emitting Diode (LED) on the switch port does not light. What should Ralph do?
Plug a computer into the wall plate
Repull the cable run using Category 6 cable
Make sure the switch port is not disabled
Check the cable run for wiring faults
Plug a computer into the wall plate
Which of the following is considered a systemwide error?
A problem with a router that affects only one Local Area Network (LAN)
A fatal error that causes a single computer to fail
A problem with an order entry or customer service call center resource
A problem with an email server that affects all network users
A fatal error that causes a single computer to fail
Ralph is the administrator of a small company’s wireless network. He has recently discovered evidence that users outside of the company’s office space have been accessing its wireless network. The office is located in a narrow space against the building’s outside wall. Ralph is concerned that the network’s Wireless Access Point (WAP) is extending coverage outside the building. Speaking with a consultant friend of his Ralph is advised to install a different type of antenna on his Access Point (AP). Which of the following antenna types would most likely help Ralph to alleviate the problem?
Unidirectional
Dipole
Yagi
Patch
Patch
Which of the following network interface occurrences is considered to be a malfunction on a full-duplex Ethernet network but is not a malfunction on a half-duplex Ethernet network?
Giants
Late collisions
Runts
Collisions
Late collisions
Which step of the troubleshooting model involves replacing components until a faulty hardware device is identified?
Test the theory to determine the cause
Document findings, actions, and outcomes
Verify full system functionality.
Establish a plan of action to resolve the problem
Test the theory to determine the cause
Ed is a first-tier support technician. He receives the help calls listed here. His job is to prioritize them based on their severity. Which of the following should be the problem that receives the lowest priority?
A problem with a mission-critical backbone router that affects an entire network
A fatal error that causes a single computer to fail
A problem with an application server that affects a single LAN
A problem with an order entry or customer service call center resource that affects an entire department, with multiple Local Area Networks (LANs)
A fatal error that causes a single computer to fail
Alice’s network has been experiencing intermittent service slowdowns and outages ever since the company moved into their new building. She has tried every troubleshooting procedure she can think of and has not been able to determine the cause. One particular user, hoping to be the squeaky wheel that gets the grease, has taken to calling Alice every time he experiences a problem. One day, as she is working in the datacenter, Alice notices that the user calls her every time she hears an additional humming noise begin. After examining the doors in the hallway, Alice realizes that the racks containing her switches are located right next to the building’s elevator machinery room. Which of the following conditions is probably causing the network communication problem?
EMI
Attenuation
NEXT
FEXT
EMI
Ralph is working with an Asymmetric Digital Subscriber Line (ADSL) router that has a switch module containing four Ethernet ports, all of which are assigned to the default VLAN1. Ralph can plug a laptop into one of the router’s ports and access the Internet with no problems. Ralph now needs to connect the ADSL router to the company network, so that the wireless access points on the network can provide users with Internet access through the ADSL router. However, when Ralph plugs the router into a network switch port in VLAN4, the switch starts generating “Native VLAN mismatch detected” errors every minute. Which step should be part of the solution Ralph implements to stop the error messages?
Configure the network switch port connected to the router to use VLAN1
Create a VLAN1 on the network switch
Configure the router port connected to the network switch to use VLAN4
Create a VLANS on the network switch
Configure the router port connected to the network switch to use VLAN4
Which statement about prioritizing help calls is true?
Departmental problems take precedence over networkwide problems.
Individual desktop problems take precedence over problems with shared resources.
Problems with shared resources take precedence over individual desktop problems.
Networkwide problems take precedence over security problems.
Problems with shared resources take precedence over individual desktop problems
In which troubleshooting step is a trouble ticket created?
Test the theory to determine cause
Establish a plan of action to resolve the problem and identify potential effects
Document findings, actions, and outcomes
Identify the problem
Identify the problem
A user calls you at the IT help desk and reports that she is having intermittent problems accessing both local servers and internet websites. Which of the following potential problems can you rule out immediately?
Duplicate Media Access Control (MAC) addresses
Malfunctioning Domain Name System (DNS) server
Malfunctioning router
Duplicate IP addresses
Duplicate IP addresses
A user calls the company’s IT help desk to report that she has received an error message on her Windows workstation. The error states that her computer has an IP address that is duplicated on the network. Ralph is concerned that there might be a configuration problem with the DHCP servers on the network. He suspects that there are DHCP servers configured with scopes that overlap, resulting in two DHCP servers assigning the same IP addresses to different clients. He is worried that they are about to receive a flood of calls reporting the same problem. Alice reassures Ralph, telling him that it cannot be a DHCP problem, and that there must be two computers that are manually configured with the same IP address. How does Alice know this?
Because DHCP servers use DNS queries to check for duplicate IP addresses
Because Windows computers check the routing table before accepting an IP address from a DHCP server
Because it is only possible to have one DHCP server on a given subnet
Because DHCP clients use ARP broadcasts to check for duplicate IP addresses
Because DHCP clients use ARP broadcasts to check for duplicate IP addresses
You are in the process of troubleshooting a user’s computer that is malfunctioning. Which step of the troubleshooting model involves replacing computer components until you have identified a faulty hardware device?
Test the theory to determine the cause
Verify full system functionality
Gather information.
Document findings, actions, and outcomes
Test the theory to determine the cause
Alice receives a call in which a user reports that he is unable to send print jobs to the network-attached workgroup printer near his desk. Which of the following tasks should Alice perform first?
Reinstall the printer driver on the user’s workstation.
Check to see if there are printer firmware upgrades available.
Examine the switches to which the user’s workstation and the printer are connected.
Test network connectivity to the printer using the ping command.
Test network connectivity to the printer using the ping command.
In the standard troubleshooting methodology, which of the following steps appears last, but must actually be practiced throughout the troubleshooting process?
Verify full system functionality and, if applicable, implement preventive measures
Establish a plan of action to resolve the problem and identify potential effects
Document findings, actions, and outcomes
Implement the solution or escalate as necessary
Document findings, actions, and outcomes
Alice’s company is opening a new branch office, and Alice is responsible for building the domain controller for that office. She installs a new Windows server and configures it as a domain controller, and then ships it to the new office site. However, once it arrives and is connected to the home office network, the new domain controller fails to synchronize with the existing ones at the home office. Which of the following could be the cause of the problem?
Incorrect default gateway address
Server hardware failure
Duplicate IP addresses
Incorrect time
Incorrect time
You are troubleshooting a workstation that cannot access the network. The workstation is plugged into a wall plate that should provide it with access to a DHCP-equipped network using the 192.168.4.0/24 network address. No one else on that network is reporting a problem. You check that the patch cable is properly plugged into the workstation and the wall plate, which they are, and then run
The DHCP scope is exhausted.
The DNS server addresses are incorrect.
The Default Gateway address is missing.
The Subnet Mask value is incorrect.
The DHCP scope is exhausted
A user reports that she cannot connect to a server on her network. You want to identify the scope of the problem, so you try to reproduce the problem on the user’s computer. The problem persists. No other users are reporting the same problem. What is the next logical step that you should perform to identify the affected area?
Confirm that the switch the client is connected to is functioning
Perform the same task on another computer connected to the same segment.
Verify that the local router is forwarding traffic.
Examine the server’s configuration for the correct settings.
Perform the same task on another computer connected to the same segment
Ralph is a first-tier technician working the help desk. After identifying a network problem submitted by multiple users, Ralph comes up with a theory specifying a possible source of the problem and sets about testing his theory. Unfortunately, testing indicates that Ralph’s theory is wrong; the source he suspected is not the cause of the problem. Which of the following should not be the next step in Ralph’s troubleshooting process?
Repeat the process of establishing a theory of probable cause
Begin replacing components that might contribute to the problem
Escalate the problem to a second-tier technician
Reinterview the users to gather more information about the problem
Begin replacing components that might contribute to the problem
When troubleshooting, you begin by taking steps to identify the problem. After you do this, which of the following steps should you perform next?
Establish a plan of action
Verify full system functionality
Establish a theory of probable cause
Implement the solution
Establish a theory of probable cause
Which step of the troubleshooting model involves identifying whether hardware or software has been recently installed or reconfigured?
Establish a plan of action to resolve the problem and identify potential effects
Determine if anything has changed.
Document findings, actions, and outcomes
Test the theory to determine cause
Determine if anything has changed.
Ralph is experiencing long Access Point (AP) association times and generally poor performance on his home 802.11n wireless network. Ralph lives in a large apartment complex, and when he runs a WiFi analyzer, he sees many other nearby networks using the often-recommended channels 1, 6, and 11 on the 2.4 GHz frequency. Using the 5 GHz frequency is not an option for Ralph’s equipment. What should Ralph do to improve his network performance?
Configure his equipment to use channel 5
Configure his equipment to use channel 10
Configure his equipment to use channel 9
Configure his equipment to use channel 2
Configure his equipment to use channel 9
Which of the following troubleshooting steps involves prioritizing trouble tickets based on the severity of the problem?
Establish a theory of probable cause
Identify symptoms of the problem
Establish a plan of action to resolve the problem and identify potential effects.
Test the theory to determine cause
Identify symptoms of the problem
In which troubleshooting step do you create a record of your activities and inform the user of what happened and why?
Verify full system functionality and, if applicable, implement preventive measures
Document findings, actions, and outcomes
Establish a plan of action to resolve the problem and identify potential effects
Implement the solution or escalate as necessary
Document findings, actions, and outcomes
