Comptia Network+ (N10-008) Flashcards

Question 1

Q

Generic Routing Encapsulation (GRE) is a protocol for wrapping data packets inside secondary data packets in order to set up a direct point-to-point network connection..

Which of the following extends this capability from a limited number of sites by dynamically establishing tunnels without the need to explicitly configure mapping entries?

a. GRE2

b. zGRE

c. xGRE

d. mGRE

Answer

A

d. mGRE

While GRE provides a secure private path for packets through a public network using a point-to-point tunnel between two sites, Multipoint Generic Routing Encapsulation (mGRE) extends this capability from a limited number of sites by dynamically establishing tunnels without the need to explicitly configure mapping entries.

The other options presented do not exist and are, thus, incorrect.

Question 2

Q

Which of the following is designed to keep the system’s uptime running in the event of a disaster?

a. High availability
b. Load balancing
c. Quality of Service
d. Caching engines

Answer

A

a. High availability

High availability (HA) is a component of a technology system that eliminates single points of failure to ensure continuous operations or uptime for an extended period. If a network switch or router stops operating correctly (meaning that a network fault occurs), communication through the network could be disrupted, resulting in a network becoming unavailable to its users. Therefore, network availability, called uptime, is a major design consideration for high availability networks.

Question 3

Q

A cable operator needs to transition from one cable type to another.

Which of the following would be best help?

a. MDI
b. Repeater
c. Hub
d. Media converter

Answer

A

d. Media converter

Where a repeater connects two cable segments of the same type, a media converter transitions from one cable type to another.

Media converters also work at Layer 1, the Physical Layer of the OSI model.

When Ethernet gets wired with a hub, there needs to be a means of distinguishing the interface on an end system with the hub. The end system interface is known as Medium Dependent Interface (MDI)

**Repeaters **overcome distance limitations by boosting the signal somewhere along the cable run. A repeater works at the physical layer (Layer 1) of the OSI model and is transparent concerning the rests of the network infrastructure.

A **Hub **acts like a multiport repeater, so that every port receives transmissions sent from any other port.

Question 4

Q

Which of the following is the IEEE specification developed to ensure interoperability of VLAN technologies from the various vendors?

a. 802.1X

b. 802.1z

c. 802.1Q

d. 802.1s

Answer

A

c. 802.1Q

IEEE 802.1Q is the networking standard that supports Virtual LANs (VLANs) on an Ethernet network and was developed to ensure interoperability of VLAN technologies from the various vendors.

The standard defines a system of VLAN tagging for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames.

Question 5

Q

Which of the following is MOST likely to generate significant East-West traffic in a datacenter?

a. A backup of a large video presentation to cloud storage for archival purposes

b. A duplication of a hosted virtual server to another physical server for redundancy

c. A download of navigation data to a portable device for offline access

d. A query from an IoT device to a cloud-hosted server for a firmware update

Answer

A

b. A duplication of a hosted virtual server to another physical server for redundancyis MOST likely to generate significant East-West traffic in a datacenter

Question 6

Q

A branch of a company recently switched to a new ISP. The network engineer was given a new IP range to assign. The ISP assigned 196.26.4.0/26, and the branch gateway router now has the following configurations on the interface that peers to the ISP:

IP Address: 196.26.4.30
Subnet Mask: 255.255.255.224
Gateway: 196.24.4.1

The network engineer observes that all users have lost Internet connectivity.

Which of the following describes the issue?

a. The incorrect subnet mask was configured
b. The incorrect gateway was configured
c. The incorrect IP address was configured
d. The incorrect interface was configured

Answer

A

a. The incorrect subnet mask was configured

A CIDR of /26 would give a subnet of 255.255.255.192

Question 7

Q

In a crossover cable, which wire is wire 1 crossed with?

a. 4

b. 5

c. 3

d. 2

Answer

A

c. 3

In a crossover cable, wires 1 and 3 and wires 2 and 6 are crossed.

Question 8

Q

After a recent breach, the security technician decides to aggregate and analyse its security logs. Which system should be used?

a. Event log
b. Syslog
c. SIEM
d. SNMP

Answer

A

c. SIEM

Security information and event management (SIEM) is a term for software products and services combining security information management (SIM) and security event management (SEM).

A SIEM can consolidate syslog, SNMP, and event log data into a single repository. Security logs can be analysed and aggregated.

Question 9

Q

What speed and frequency does Wireless standard 802.11n have?

Answer

A

802.11n:

74Mbs-600Mbs
2.4GHz & 5GHz

Question 10

Q

A network technician has set up a link where the cable length exceeds the distance limitation and may not achieve the required speed or be unreliable. What should the network technician use in this case?

a. Media Converter
b. Repeater
c. MDI
d. Hub

Answer

A

b. Repeater

A repeater works at the physical layer (Layer 1) of the OSI model and overcomes distance limitations by boosting the signal somewhere along the cable run.

a. Media Converter
Where a repeater connects two cable segments of the same type, a media converter transitions from one cable type to another. Media converters also work at the Physical Layer of the OSI model.

c. MDI
When Ethernet gets wired with a hub, there needs to be a means of distinguishing the interface on an end system with the hub. The end system interface is known as Medium Dependent Interface (MDI).

d. Hub
A hub acts like a multiport repeater so that every port receives transmissions sent from any other port.

Question 11

Q

What is the network ID associated with the host located at 205.12.35.26/27?

a. 205.12.35.32
b. 205.12.35.48
c. 205.12.35.0
d. 205.12.35.16

Answer

A

c. 205.12.35.0

In classless subnets using variable length subnet mask (VLSM), the network ID is the first IP address associated within an assigned range. In this example, the CIDR notation is /27, so each subnet will contain 32 IP addresses.

This means that there eight networks in this class C range: 205.12.35.0, 205.12.35.32, 205.12.35.64, 205.12.35.96, 205.12.35.128, 205.12.35.160, 205.12.35.196, and 205.12.35.224.

Since the IP address provided is 205.12.35.26, it will be in the 205.12.35.0/27 network.

Question 12

Q

At which layer of the OSI model does STP operate?

a. Transport

b. Session

c. Data link

d. Presentation

Answer

A

c. Data link

Protocols and technologies such as Spanning Tree Protocol (STP) operate at the data link layer.

Question 13

Q

What type of connector is this?

a. MTRJ Connector.
b. RJ-45
c. SC (Subscriber Connector)
d. LC (Lucent Connector)
e. FC (Ferrule Core Connector)
f. RJ-11
g.ST (Straight Tip Connector)

Answer

A

d. LC (Lucent Connector)

The LC Connectors have a flange on top, similar to an RJ-45 connector that aids secure connection.

Question 14

Q

This week, you’ve been assigned to help solve connectivity problems between the home office and several remote locations. What type of legacy device provides serial communication capabilities across phone lines?

a. A router

b. A modem

c. PBX

d. A switch

Answer

A

b. A modem

A traditional modem provides serial communication capabilities across phone lines.

Question 15

Q

aA helpdesk technician is reviewing the network layout in various areas. What is the purpose of subnetting?

A. Layer 2 tracking
b. Layer 3 segments
c. Port security
d. Flow control

Answer

A

b. Layer 3 segments

Subnetting creates Layer 3 broadcast domain segments with fewer hosts.

Question 16

Q

A network administrator updated an internet server to evaluate some new features in the current release. A week after the update, the internet server vendor warns that the latest release may have introduced a new vulnerability, and a patch is not available for it yet.

Which of the following should the administrator do to mitigate the risk?

a. Utilize WAF to restrict the malicious activity to the internet server
b. Downgrade the server and defer the new feature testing
c. Enable the host-based firewall on the internet server
d. Enable HIPS to protect the server until the patch is released

Answer

A

c. Enable the host-based firewall on the internet server

Enabling the host-based firewall adds an additional layer of protection to the server by controlling incoming and outgoing network traffic based on a set of predefined rules. This can help in restricting access to vulnerable services or applications on the server, reducing the potential impact of the identified vulnerability.

Utilize WAF (Web Application Firewall) A WAF is generally used to protect web applications from various attacks. While it adds security, it might not directly address vulnerabilities introduced by the specific update on the internet server.

Downgrade the server and defer the new feature testing: While downgrading may temporarily remove the new feature, it might not be a feasible or recommended solution, especially if the new feature is essential or brings significant improvements.

Enable HIPS (Host-based Intrusion Prevention System) to protect the server: HIPS can provide additional security by monitoring and preventing malicious activities on the host. However, enabling the host-based firewall is a more specific and targeted measure in response to a known vulnerability.

In summary, enabling the host-based firewall is a proactive step to mitigate the risk until a patch becomes available.

Question 17

Q

What are the meanings of cloud basics:

A. Elasticity
B. Scalability
C. Multi-tenancy?

Answer

A

A. Elasticity is the ability to increase or decrease resources based on the demand of the your applications, services etc.

B. Scalability enables quickly increasing resources without the investment of more on-site hardware by utilizing the cloud’s resources.

C. Multi-tenancy refers to a cloud provider’s ability to host multiple tenants on the same infrastructure.

Question 18

Q

Which type of media is used to connect telecommunication rooms, server rooms, and remote locations and offices?

a. Vertical

b. Tracer

c. PLC

d. Plenum

Answer

A

a. Vertical

Vertical cable, or backbone cable, refers to the media used to connect telecommunication rooms, server rooms, and remote locations and offices.

Plenum cable is used in the space between the structural ceiling and a drop-down ceiling.

PLC and Tracer are fictitious choices.

Question 19

Q

A network technician wants to upgrade the company’s hub to avoid collisions.

Which solution would help the technician accomplish this to the fullest extent?

a. Router
b. Switch.
c. Bridge
d. Hub

Answer

A

b. Switch

An Ethernet Layer 2 Switch performs a similar function as a bridge, but in a more granular way, and for many more ports than bridges support. Each switch port is a separate collision domain.

The router’s other interfaces divide the network into 3 logical subnetworks. These subnets map to Layer 2 segments, each implemented using a Switch.

An Ethernet **bridge **works at the Data Link Layer (Layer 2), establishing separate physical network segments while keeping all nodes in the same logical network, reducing the number of collisions

Hubs have no configuration options. The technician connects the device to a power source and then connects the network cables for the hosts, becoming part of the network segment served by the hub.

Question 20

Q

What is SIEM?

Answer

A

Security Information and Event Management (SIEM)

SIEM gathers logs and data from all sorts of different systems.

It provides real-time or near real-time analysis of security alerts generated by network hardware and applications

Question 21

Q

What are Hash values used for?

Answer

A

Hashes values are used for verifying data, not for encryption.

Hash values are always fixed in size
Two common hashes are MD5 and SHA-1

A hash function is any function that can be used to map data of arbitrary size to fixed-size values, though there are some hash functions that support variable length output. The values returned by a hash function are called hash values, hash codes, digests, or simply hashes

Question 22

Q

What might be an example of a network metric?

A. Bandwidth Usage
B. Memory Timings
C. CPU Usage
D. Dropped Packets

Answer

A

A. Bandwidth Usage

Bandwidth usage is very important when determining if your network is running at optimal performance.

Memory timings and CPU usage are more of a local hardware issue.

Dropped packets is something left from pinging another device.

Question 23

Q

A User moves seamlessly between access points when walking between two campus buildings. Which of the following provides this functionality?

a. Cellular Roaming

b. MU-MIMO

c. ESSID

d. CSMA/CA

e. WPA3

Answer

A

c. EESID

Extended Service Set Identification (ESSID)

Mesh WiFi uses standards (such as 802.11s) where the mesh topology is more complex and the repeaters or access points are all part of the same ESSID (Extended Service Set Identification) which provides a seamless connection.

Question 24

Q

Which of the following DNS record types is a pointer to the canonical name, which is used to perform a reverse DNS lookup?

a. NS

b. PTR

c. CNAME

d. MX

Answer

A

b. PTR

A PTR record is a pointer to the canonical name, which is used to perform a reverse DNS lookup, in which case the name is returned when the query originates with an IP address.

Question 25

Q

What Is the Principle of Least Privilege?

Answer

A

The principle of least privilege (PoLP) is an information security concept which maintains that a user or entity should only have access to the specific data, resources and applications needed to complete a required task.

Organizations that follow the principle of least privilege can improve their security posture by significantly reducing their attack surface and risk of malware spread.

The principle of least privilege is also a fundamental pillar of zero trust network access (ZTNA) 2.0 which provides the ability to accurately identify applications and specific application functions across any and all ports and protocols, including dynamic ports, regardless of the IP address or fully qualified domain name (FQDN) an application uses.

Question 26

Q

Which metric defines the largest data unit that can be passed without fragmentation?

a. DMZ

b. QoS

c. MTU

d. OSPF

Answer

A

c. MTU

The maximum transmission unit (MTU) defines the largest data unit that can be passed without fragmentation.

Question 27

Q

Which of the following technologies could be used to ensure that users who log into the network are physically in the same building as the network they are attempting to authenticate on? (Select TWO)

a. GPS location
b. NAC
c. Port Security
d. Geo-IP

Answer

A

a. GPS location and b. NAC

GPS (Global Positioning System) can provide accurate geographic location information. It can be used to verify the physical location of a device, ensuring it is within the specified building or area.

NAC (Network Access Control) solutions can enforce policies based on various factors, including the physical location of the device. NAC may integrate with other technologies, such as endpoint security software or network infrastructure, to assess and control access based on location.
The other options are not directly related to verifying the physical location of users in a building:

Port Security is more focused on controlling access to switch ports based on MAC addresses and is not designed to verify the physical location of users.

Geo-IP is a technology that determines the geographical location of a device based on its IP address. While it can provide a general location, it may not be as precise as GPS and may not be suitable for ensuring users are within a specific building.

Question 28

Q

What is the network ID associated with the host located at 192.168.0.123/29?

a. 192.168.0.64
b. 192.168.0.112
c. 192.168.0.120
d. 192.168.0.96

Answer

A

c. 192.168.0.120

Question 29

Q

Which of the following is an architecture that specifies a simple and coarse-grained mechanism for classifying and managing network traffic and providing QoS on modern networks?

a. PPoE

b. CoS

c. Diffserv

d. PoE

Answer

A

c. Diffserv

Diffserv (Differentiated services code point) is an architecture that specifies a simple and coarse-grained mechanism for classifying and managing network traffic and providing QoS on modern networks.

a. PPoE (Point-to-Point Protocol over Ethernet) is a network protocol that facilitates communication between network endpoints.

b. CoS (Class of Service) in an Ethernet trunk, CoS is used to define trunk connections as full-duplex, incoming only, or outgoing only.

d. PoE (Power over Ethernet) is technology that passes electric power over twisted-pair Ethernet cable to powered devices (PD)

Question 30

Q

A network architect is assessing network performance.

Which of the following is part of the CSMA/CD protocol to identify collisions early? (Select ALL that apply):

a. CRC
b. FCS
c. Preamble
d. SFD

Answer

A

c. Preamble and d. SFD

The preamble and the Start Frame Delimiter (SFD) are for clock synchronization and as part of the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) protocol to identify collisions early.

The error checking field contains a 32-bit (4-byte) checksum called the Cyclic Redundancy Check (CRC) The CRC is calculated based on the contents of the Frame.

The Cyclic Redundancy Check is also known as the Frame Check Sequence (FCS). There is no mechanism for retransmission if the damage is detected, nor is the CRC completely accurate at detecting damage.

Question 31

Q

How do you break down an IPv6 Address?

Answer

A

All IPv6 addresses are 128 bits long.

They are written as 8 groups of 4 hexadecimal digits (16 bits each) and the hexadecimal groups range from 0 to FFFF.

Each group is separated by colons (:)

Question 32

Q

Which of the following is a fiber standard for Gigabit Ethernet that utilizes single-mode fiber?

a. 1000BASE-SX

b. 1000BASE-LX

c. TIA/EIA 568a

d. RG-6

Answer

A

b. 1000BASE-LX

The 1000BASE-LX fiber standard for Gigabit Ethernet utilizes single-mode fiber.

1000BASE-SX is intended for use with multimode fiber and has a maximum length of 220 meters for default installations.

TIA/EIA 568A (and 568B) are telecommunications standards that specify the pin arrangements for the RJ-45 connectors on UTP or STP cables.

RG-6 is a common type of coaxial cable often used for cable TV and cable modems.

Question 33

Q

You experience connectivity problems with your SOHO network. What can you change in an attempt to solve this problem?

a. Raise the transfer rate.

b. Lower the transfer rate.

c. Remove all encryption.

d. Shorten the SSID.

Answer

A

b. Lower the transfer rate.

If you experience connectivity problems between wireless devices, try using the lower transfer rate in a fixed mode to achieve a more stable connection.

The higher the transfer rate, the shorter the connection distance.

Question 34

Q

What utilises Ports 2427 & 2727?

Answer

A

Media Gateway Control Protocol (MGCP)

A protocol used within a distributed Voice over IP system.

TCP, UDP: MGCP uses TCP or UDP as its transport protocol.

The well known port for MGCP gateway traffic is 2427.

The well known port for MGCP call agent traffic is 2727

Question 35

Q

What is the IPv6 equivalent of 127.0.0.1? (Choose two.)

a. ::1
b. ::24
c. 0:0:0:0:0:0:0:1
d. 0:0:0:0:0:0:0:24

Answer

A

a. ::1 and c. 0:0:0:0:0:0:0:1

The IPv4 address 127.0.0.1 is reserved as the loopback address, and IPv6 has the same reservation. IPv6 addresses 0:0:0:0:0:0:0:0 and 0:0:0:0:0:0:0:1 are reserved as the loopback addresses.

The address 0:0:0:0:0:0:0:1 can be shown using the :: notation with the 0s removed, resulting in ::1.

Question 36

Q

A multilayer switch is one that can operate at both Layer 2 and Layer 3 of the OSI model, which means the multilayer device can operate as which two of the following devices?

a. A switch and a hub

b. A switch and a router

c. A bridge and a hub

d. A bridge and a switch

Answer

A

b. A switch and a router

A multilayer switch can operate at both Layer 2 and Layer 3 of the OSI model, which means the multilayer device can operate as both a switch and a router.

Question 37

Q

What kind of connector is this?

Answer

A

ST Connector

Straight Tip connector

The ST Connector uses a half-twist bayonet type of lock.

Question 38

Q

Which of the following is a method of virtualizing network services instead of running them on proprietary hardware?

a. WLAN

b. NFC

c. NFV

d. SDWAN

Answer

A

b. NFV

Network function virtualization (NFV) is a method of virtualizing network services instead of running them on proprietary hardware.

This is not true of the other options presented.

Question 39

Q

IPv4 has automatic private IP addressing within the range beginning 169.254.0.0. What is the equivalent addressing in IPv6?

a. There is not an equivalent

b. 0000:: prefix

c. FE80:: prefix

d. FFFF:: prefix

Answer

A

c. FE80:: prefix

In IPv6, the FE80:: prefix is equivalent to the 169.254.0.0 range (automatic private IP addressing) in IPv4.

The other choices are incorrect because the FE80:: prefix is equivalent to the 169.254.0.0 range in IPv4

Question 40

Q

Which of the following is a proprietary protocol from Cisco used to reduce administration in the switched network?

a. VNMP

b. VCPN

c. VTP

d. VNMC

Answer

A

c. VTP

VLAN Trunking Protocol (VTP) is used to reduce administration in the switched network.

Question 41

Q

What is the 1st Octet value range of a Class A subnet and how many possible Hosts does that provide?

Answer

A

Class A:

1st Octet value range is from 1 to 127
Provides 16.7 million possible hosts

Question 42

Q

A switch forwards data only to the port that connects to the destination device. It knows which port to forward it to based on which value?

a. Conf value

b. Port number

c. IP address

d. MAC address

Answer

A

d. MAC address

Whereas a hub forwards the data it receives to all the ports on the device, a switch forwards it only to the port that connects to the destination device.

It does this by checking the MAC address of the devices attached to it and then matching the destination MAC address in the data it receives.

Question 43

Q

What is the cable type for 10Base2?

Answer

A

Thin Coaxial

Question 44

Q

Which implementation of DSL is the most common?

a. ADSL

b. SDSL

c. VDSL

d. IDSL

Answer

A

a. ADSL

The most common implementation of DSL is ADSL (asymmetric), which provides a high data rate in only one direction.

While the other variants of DSL are available, they are not as popular as ADSL.

All variants of DSL are decreasing in popularity in recent years as more are turning to cable and fiber solutions for high-speed Internet and network access.

Question 45

Q

A network administrator is trying to power off a Cisco switch, but it is not working. The administrator needs to be in which mode to perform this task?

a. Global configuration
b. User
c. Autonegotiate
d. Enable

Answer

A

d. Enable

Privileged EXEC mode (also called ENABLE mode) allows the user to reboot or shut down the appliance and to backup and restore the system configuration.

Global configuration mode allows the user to write configuration updates. This is important to consider when automatically pushing out configuration updates as well.

User EXEC mode is a read-only mode where commands can report the configuration, show system status, or run basic troubleshooting tools.

Autonegotiate is not a user mode, but the network administrator sets the port on the switch to autonegotiate speed (10/100/1000) and full – or half-duplex operation.

Question 46

Q

Which of the following is a technology that uses short path labels instead of longer network addresses to direct data from one node to another?

a. MPLS

b. Metropolitan Ethernet

c. PPPoE

d. GSM/CDMA

Answer

A

a. MPLS

MPLS (Multiprotocol Label Switching) is a technology that uses short path labels instead of longer network addresses to direct data from one node to another.

This is not true of the other options presented.

Question 47

Q

A security analyst is reviewing malicious packets and trying to understand the IPv4 header.

What is the first field in an IPv4 header?

a. Header Length
b. Version
c. Protocol
d. Source address

Answer

A

b. Version

The version field is the first field in an IPv4 packet and indicates the version of the internet protocol in use, which in the case of IPv4, is 4.

The field after Version is field length.

The protocol field describes what is contained (encapsulated) in the payload.

The source and destination addresses do not occur until the end of the header, before options and data. (The options field is not as common in IPv4)

Question 48

Q

Which of the following statements are associated with a bus LAN network? (Choose all correct answers.)

a. All devices connect to a central device.
b. A single cable break can cause complete network disruption.
c. It uses a single backbone to connect all network devices.
d. It uses a dual-ring configuration.

Answer

A

b. A single cable break can cause complete network disruption. and d. It uses a single backbone to connect all network devices.

In a bus network, a single break in the network cable can disrupt all the devices on that segment of the network, a significant shortcoming.

A bus network also uses a single cable as a backbone to which all networking devices attach.

A star network requires networked devices to connect to a centralized device such as a hub, switch, or MSAU.

Answer D is also incorrect because it does not use a dual-ring configuration.

Question 49

Q

Which of the following OSI layers is responsible for establishing connections between two devices?

a. Network

b. Data link

c. Session

d. Transport

Answer

A

d. Transport

The transport layer is responsible for establishing a connection between networked devices.

The network layer is most commonly associated with route discovery and datagram delivery.

Protocols at the session layer synchronize the data exchange between applications on separate devices.

Protocols at the data link layer perform error detection and handling for the transmitted signals and define the method by which the medium is accessed.

Question 50

Q

A system administrator wants to verify that external IP addresses cannot collect software versioning from servers on the network.

Which of the following should the system administrator do to confirm the network is protected?

a. Analyze packet captures
b. Use Nmap to query known ports
c. Review the ID3 logs on the netowrk
d. Utilize netstat to locate active connections

Answer

A

a. Analyze packet captures

Packet captures contain every packet that is sent and received by the network.

By using a program like Wireshark to analyze the packet captures, you can see what kind of information and metadata is contained within the packets.

By conducting this type of packet analysis, an attacker (or cybersecurity analyst) can determine if software versions are being sent as part of the packets and their associated metadata.

Question 51

Q

You’ve been summoned to a small law firm to help a client with networking issues that cropped up when it added a number of new workstations.

The CIDR notation appearing in the documentation kept onsite is 192.168.12.0/26.

What is the range of IPv4 addresses that can be assigned to workstations?

a. 192.168.12.1 to 192.168.12.128

b. 192.168.12.1 to 192.168.12.62

c. 192.168.12.1 to 192.168.12.32

d. 192.168.12.1 to 192.168.12.255

Answer

A

b. 192.168.12.1 to 192.168.12.62

The IP addresses available beneath 192.168.12.0/26 range from 192.168.12.1 to 192.168.12.62.

With 26 mask bits, only 62 hosts can exist on a subnet. The other choices are incorrect because they do not represent the correct range of IPv4 addresses that can be assigned to workstations.

Question 52

Q

A network technician is setting up a connection between switches, but is not establishing a connection.

Which of the following would be the most likely cause for it not to work?

A. Duel MDI-X ports
B. Uplink port
C. Crossover cables
D. Autonegotiation

Answer

A

a. Duel MDI-X ports

When a switch needs to connect to another switch, communications would fail if BOTH interfaces used media dependent interface crossover (MDI-X). One switch should use MDI and the other switch should use MDI-X

Historically (in the days of hubs and very early 10/100 switches), dedicated uplink ports connected to switches.

Network administrators used crossover cables in conjunction with dedicated uplink ports to connect switches.

Nowadays, network administrators configure most switch interfaces to use auto-MDI/MIDX by default. This means that the switch senses the configuration of the connected device and cable wiring and ensures that an MDI uplink to an MDIX port gets configured.

Question 53

Q

Users are complaining that the network’s performance is unsatisfactory. It takes a long time to pull files from the server, and, under heavy loads, workstations can become disconnected from the server. The network is heavily used, and a new videoconferencing application is about to be installed. The network is a 1000BASE-T system created with Ethernet hubs. Which device are you most likely to install to alleviate the performance problems?

a. Firewall

b. Media converter

c. Switch

d. Router

Answer

A

c. Switch

Replacing Ethernet hubs with switches can yield significant performance improvements. Of the devices listed, switches are also the only ones that can be substituted for hubs.

A router is used to separate networks, not as a connectivity point for workstations.

A media converter is used to connect two dissimilar types of network media.

A firewall is not a solution to the problem presented.

Question 54

Q

Name 3 or more different Antenna Types:

Answer

A

Omni Antenna: Sphere shaped radiation pattern
Dipole Antenna: Flat doughnut shaped radiation pattern
Patch Antenna: Half of a sphere radiation pattern (e.g. ceiling mount)
Directional (Yagi) Antenna: Stretched Football shaped radiation pattern (e.g. building to building mount)
Directional (Parabolic) Antenna: Point to Point for miles

Question 55

Q

When might 0.0.0.0/8 be used?

Answer

A

0.0.0.0/8 can be used when a specific address is unknown.

It may be used as a source address by a client seeking a DHCP lease.

Question 56

Q

What is a VLAN and what do VLANs do?

Answer

A

A virtual local area network (VLAN).

A VLAN breaks a single network into multiple sections, splitting one broadcast domain into two or more broadcast domains.

It is a logical subnetwork that groups a collection of devices from different physical LANs and is often employed to help improve traffic management.

Several kinds of physical networks support VLANs, including Ethernet and Wi-Fi .

By logically separating ports and additional switches from one another, a VLAN effectively creates multiple standalone networks out of the same networking backbone. This is more secure, and it reduces the number of broadcasts individual devices receive.

Question 57

Q

What is the lowest layer (bottom layer) of a bare metal virtualization environment?

a. Hypervisor
b. Host Operating System
c. Physical Hardware
d. Guest Operating System

Answer

A

c. Physical Hardware

Question 58

Q

You need to purchase a wireless router that operates on 2.4GHz and 5GHz bands.

Which standard would cover this?

a. 802.11a
b. 802.11b
c. 802.11g
d. 802.11n
e. 802.11ac

Answer

A

d. 802.11n covers both 2.4GHz and 5GHz

a. 802.11a only operates at 5GHz
b. 802.11b only operates at 2.4GHz
c. 802.11g both operates at 2.4GHz
e. 802.11ac operates at 5GHz

Question 59

Q

Which would be an example of a Denial of Service (DoS) attack:

1. A Ping Flood
2. Masquerading
3. Opening Multiple Web Browser Pages
4. VLAN Hopping

Answer

A

A Ping Flood is an example of a Denial of Service (DoS).

A ping flood will send continuous ping requests to a computer which will eventually crash it.

Masquerading is a social engineering tactic to get someone to give you personal information.

Opening a bunch of web browser pages will simply crash a system that doesn’t have enough memory to handle it.

VLAN hopping is more of a way to access data rather than crash a system.

Remember, the point of DoS is to deny service to resources.

Question 60

Q

Which of the following can be thought of as the “fiber to the home” connection?

a. mGRE

b. PAN

c. Metro-optical

d. SDWAN

Answer

A

c. Metro-optical

Metro-optical networks can span up to several hundred kilometers and are used to serve metropolitan areas in which there is a large, concentrated population: one way to think of them is as the “fiber to the home” connection.

Multipoint Generic Routing Encapsulation (mGRE) is used to connect multiple remote sites through a VPN.

PAN is a Personal Area Network

Question 61

Q

A network administrator is setting up a simple connection point for multiple devices to connect to and become part of the same network segment.

Which of the following cannot be configured?

A. Bridge
B. Switch
C. Hub
D. Router.

Answer

A

c. Hub

Hubs have no configuration options. The technician connects the device to a power source and then connects the network cables for the hosts, becoming part of the network segment served by the hub.

An Ethernet bridge works at the Data Link Layer (Layer 2), establishing separate physical network segments while keeping all notes in the same logical network, reducing the number of collisions.

An Ethernet Layer 2 Switch performs a similar function as a bridge, but in a more granular way, and for many more ports than bridges support. Each Switch port is a separate collision domain.

The router’s other interfaces divide the network into 3 logical subnetworks. These subnets map to Layer 2 segments, each implemented using a Switch

Question 62

Q

What device is used to configure various hypervisor guests to use different VLANs in the same virtualization environment?

a. Virtual Switch
b. NIC teaming
c. Virtual router
d. Virtual firewall

Answer

A

a. Virtual Switch

A Virtual Switch is used to configure various hypervisor guests to use different VLANs in the same virtualization environment

Question 63

Q

Which of the following is PoE+ also known as?

a. 802.3at

b. 802.3aa

c. 802.3ac

d. 802.3af

Answer

A

a. 802.3at

IEEE 802.3at is more commonly known as PoE+ which is Power over Ethernet enhancements at 25.5 W

There is no specific “802.3aa standard within the IEEE 802.3 series.

802.3ac is a 1998 VLAN tag which expanded the maximum frame size to 1522 bytes.

IEEE 802.3af is Power over Ethernet at 15.4 W

Question 64

Q

Which type of network is depicted in the figure?

a. Local-area network (LAN)

b. Wide-area network (WAN)

c. Metropolitan-area network (MAN)

d. Campus-area network (CAN)

Answer

A

b. Wide-area network (WAN)

A wide-area network (WAN) spans more than one geographic location, often connecting separated LANs. WANs are slower than LANs and often require additional and costly hardware, such as routers, dedicated leased lines, and complicated implementation procedures.

Answer 65

A

c. Stratum

NTP uses a hierarchical, semi-layered system of time sources wherein each level of the hierarchy is termed a stratum.

Each stratum/level is assigned a number starting with zero for the reference clock at the top and incrementing from there with the number representing the distance from the reference clock: this means that a server synchronized to a stratum n server runs at stratum n + 1.

All other choices presented (Lease, Relay, and Scope) are associated with DHCP and not with NTP.

Answer 66

A

e. Kerberos

Kerberos is an authentication protocol, which provides a Single Sign On (SSO) based on a trusted 3rd party mutal authentication service.

It’s default Port is 88.

Answer 67

A

a. Multipathing

On a VLAN, multipathing creates multiple paths to the storage resources and can be used to increase availability and add fault tolerance.

Answer 68

A

Complexity
Password age
Lock-out

Answer 69

A

b . Reverse Address Resolution Protocol

Reverse Address Resolution Protocol (RARP) is a protocol that allows a device to obtain its MAC address from its IP address.

A MAC spoofing attack is an attack where a device pretends to have a different MAC address than its actual one. RARP can be used to detect a MAC spoofing attack by comparing the MAC address obtained from RARP with the MAC address obtained from other sources, such as ARP or DHCP.

Answer 70

A

a. CPU Usage

High CPU usage can contribute to slow performance, especially in virtualized environments where multiple VMs share the same physical resources.

b. Memory

Insufficient memory or high memory usage can lead to performance issues, as VMs may struggle to allocate the necessary resources.

Temperature is more related to hardware health.

Bandwidth, latency, and jitter are more relevant to network performance.

Answer 71

A

a. 56 Kbps

Almost without exception, ISPs offer 56 Kbps access, the maximum possible under current dial-up standards.

Answer 72

A

b. BGP

BGP is the protocol that makes the Internet work by enabling data routing.
Border Gateway Protocol (BGP) is the postal service of the Internet. When someone drops a letter into a mailbox, the Postal Service processes that piece of mail and chooses a fast, efficient route to deliver that letter to its recipient.

Similarly, when someone submits data via the Internet, BGP is responsible for looking at all of the available paths that data could travel and picking the best route, which usually means hopping between autonomous systems.

Answer 73

A

b. Port mirroring

Port mirroring enables administrators to monitor the traffic outbound and inbound to the switch.

Answer 74

A

A Hypervisor is a special type of operating system that enables many Virtual Machine ‘guests’ to run on the same physical hardware.

Answer 75

A

b. Configure VTP and 802.1q on the inter-switch connections with native VLAN 100

VTP (VLAN Trunking Protocol): VTP is used for managing VLAN configuration across multiple switches. By configuring VTP, the technician can ensure that VLAN information is shared centrally, making it easier to manage VLANs consistently across all switches.

802.1q (IEEE 802.1Q): This is the standard for VLAN tagging. It allows for the implementation of VLANs on a network and supports the use of VLAN IDs. In this case, configuring 802.1q on the inter-switch connections ensures that VLAN information is carried between the switches.

Native VLAN 100: Setting the native VLAN to 100 on the inter-switch connections ensures that untagged frames (frames without VLAN tags) are treated as belonging to VLAN 100. This aligns with the requirement of using VLAN 100 as the management subnet.

a. is incorrect because 802.1x is related to port-based network access control, not VLAN management.

c. is incorrect because STP (Spanning Tree Protocol) is used for loop prevention, and while it is important in a network, it doesn’t directly address the requirement for centrally managing VLANs.

d. is incorrect because 802.1w is a version of the Rapid Spanning Tree Protocol (RSTP), and it’s not directly related to VLAN management.

e. is incorrect because VLSM (Variable Length Subnet Masking) is used for optimizing IP address allocation. Configuring VLSM for the IP address range is not relevant to the requirement of centrally managing switches and segmenting into separate broadcast domains.

Answer 76

A

c. Multilayer switches and DNS servers

Multilayer switches and DNS servers can serve as load balancers.

Answer 77

A

Protocol Data Units (PDUs).

In networking, a protocol data unit (PDU) is the basic unit of exchange between entities that communicate using a specified networking protocol.

When working with a multilayer protocol stack, like the TCP/IP networking suite, use of the correct PDU is important when discussing protocol interactions.

Answer 78

A

c. Punchdown tool

You use a punchdown tool (RJ-45 or Krone) to terminate the Ethernet cables by inserting the cable wires into the insulation-displacement connector (IDC).

All the other tools are associated with making and troubleshooting cables; they are not associated with IDCs.

Answer 79

A

RIP and EIGRP are both distance-vector protocols

a. RIP (Routing Information Protocol) is a distance-vector protocol

b. EIGRP (Enhanced Interior Gateway Routing Protocol) is a distance vector protocol

c. Intermediate System-to-Intermediate System (IS-IS) is a link-state protocol.

d. Open Shortest Path First (OSPF) is a link-state protocol

Answer 80

A

b. Default gateway

Although most people have never seen “U.U.U.U” before, it seems that this response would indicate that the packets are being transmitted, but a downstream router is having trouble routing them.

This error message is usually seen when the destination network is unreachable.

Answer 81

A

d. AuthPriv

SNMPv3 defines communication with authentication and privacy (AuthPriv) as one of three mechanisms available. It uses MD5 and SHA for authentication and either DES or AES for privacy.

SHA and MD5 are used in the solution, however they are not sufficient on their own.

An authentication passphrase would be insufficient to sustain confidentiality of the data.

Answer 82

A

c. 2000 Mbps

1000BASE-T is a network standard that runs at 1000 Mbps.

A full-duplex configuration in a switched environment gives a maximum throughput between two devices of 2000 Mbps.

Answer 83

A

a. ARP

Content Addressable Memory (CAM) table is a system memory construct used by Ethernet switch logic which stores information such as MAC addresses available on physical ports with their associated VLAN Parameters.

The Transmission Control Protocol/Internet Protocol (TCP/IP) suite includes the Address Resolution Protocol (ARP). The ARP performs the task of resolving an IP address to a hardware address. ARP messaging is only available to use with Ethernet.

Answer 84

A

a. Omni antenna

The signal from an OMNI antenna spreads out to all directions, so it is good to place in the centre of the room, so it emanates to every device on the floor.

A Patch antenna is meant to go on a wall and radiate in one direction.

A Yagi antenna is used to send a strong signal in one direction.

Answer 85

A

UPC is the acronym for Ultra Physical Contact.

Aqua and blue denote a straight through (or UPC) polish and green denotes an angled (or APC) polish.

UPC is an improvement over the APC fiber connector. It has a better surface finish after an extended polishing and the return loss is better by -50dB or higher.

Answer 86

A

d. Block-level

A storage-area network (SAN) consists of networked/shared storage devices, are a subset of LANs, and allow you to use multiple devices to increase performance at block-level data storage.

Note: Block level storage, or block storage, is storage used for structured data and is commonly deployed in Storage Area Network (SAN) systems. It uses Internet Small Computer Systems Interface (iSCSI) and Fibre Channel (FC) protocols.

Answer 87

A

a. An Evil Twin

An Evil Twin is another WAP on your network that isn’t supposed to be there.

While this scenario can lead to a rogue DHCP server, there isn’t enough information to prove this.

This Evil Twin COULD be used for a Man-In-The-Middle attack, but again, there isn’t enough information in the scenario.

A Rogue Firewall really isn’t a thing.

Answer 88

A

a. Encryption and c. Authentication

As opposed to earlier versions, Simple Network Management Protocol version 3 (SNMPv3) supports both authentication and encryption.

Answer 89

A

b. A Successful WPS attack has occurred

Wi-Fi Protected Setup (WPS) allows users to configure a wireless network without typing in the passphrase. Instead, users can configure devices by pressing buttons or by entering a short personal identification number (PIN).

Unfortunately, WPS is fairly easy to hack and unknown devices can then connect to your network without permission. This is the most likely cause of the issue described in the question.

Answer 90

A

IPv6 addresses are hexadecimal and since they are 128-bit, they are quite long:.

Original: 2041:0000:140F:0000:0000:0000:875B:131B

Method 1:
If there is a string of zeros then you can remove them once. In the example above I removed the entire 0000:0000:0000 part. You can only do this once, your IPv6 device will fill up the remaining space with zeros until it has a 128 bit address.

Short: 2041:0000:140F::875B:131B

Method 2:
If you have a “hextet” with 4 zeros then you can remove those and leave a single zero. Your IPv6 device will add the remaining 3 zeros.

Short: 2041:0000:140F::875B:131B
Shorter: 2041:0:140F::875B:131B

Answer 91

A

RFC 1918 is used to document how organizations could conduct address allocation for private Internets (Intra-nets)

Answer 92

A

Infrastructure as a service (IaaS) is a type of cloud computing service that offers essential compute, storage and networking resources on demand, and on a pay-as-you-go basis.

IaaS is one of the most well known types of cloud services. Others include Software as a service (SaaS), Platform as a Service (PaaS), and Coding as a Service (CaaS), and Serverless.

Answer 93

A

d. Assign the interface a 802.1q tag to it’s own VLAN

The WAN interface (eth1/1) is currently untagged and is being assigned to the default VLAN (VLAN !). If there are numerous devices in the default VLAN, the VLAN may be overloaded or oversubscribed, leading to a reduction in the network performance.

To solve this issue, you would assign the WAN interface to a VLAN with less traffic or to it’s own VLAN.

By adding an 802.1q (VLAN tag) to the interface, you can assign it to it’s own individual VLAN and eliminate potential overloading or oversubscription issues. Theinterface is already set to full duplex (fdx) and operating in full duplex (fdx). Therefore the issue is not a duplexing mismatch.

The configuration shows tha the interface is already using a GigabitEthernet, so you do not need to replace the transceiver with a 1000Base-T module.

Also the physical layer is working properly and a link is established, as shown by the output “GigabitEthernet 1/1 is up”, showing the current transceiver is functioning properly at 1Gbps.

While issuing the shutdown command and then re-enabling the interface would clear any errors, based onthe interface status show, we have no indications that errors are being detected or reported.

Answer 94

A

b. OSPFv3 was developed to support IPv6 and e. RIPng was developed to support IPv6 routing

Answer 95

A

a. To provide NAT services and d. To centrally control Internet access

A proxy server acts as a centralized point for Internet access, thus making it easy to control a user’s Internet use.

Also, the proxy server provides Network Address Translation services as requests are sent to the Internet using the address of the proxy server’s external interface, not the system that sent it.

Answer 96

A

a. Gigabit Ethernet and b. Fast Ethernet

Most Ethernet adapters support Gigabit Ethernet, as they are designed for use with copper cabling and are capable of 10/100/1000 operation.

Most Ethernet adapters support Fast Ethernet, meaning that they support Gigabit Ethernet, Fast Ethernet and 10BASE-T.

A sysadmin would have to provision for a different king of adapter for 10GbE or 40GbE, which come at a considerable price premium over basic Gigabit models.

Answer 97

A

d. Demarcation

A network’s demarcation point is the connection point between the operator’s part of the network and the customer’s portion of the network.

Answer 98

A

a. Signature based

A signature-based system, also commonly known as misuse-detection system (MD-IDS/MD-IPS), is primarily focused on evaluating attacks based on attack signatures and audit trails.

Answer 99

A

b. TACACS+

Terminal Access Controller Access-Control System (TACACS), is a network protocol that was developed by Cisco.

TACACS is a network protocol designed for centralized authentication, authorization, and accounting (AAA) services for network devices, such as routers

It allows granular access control. Packet Encryption. RADIUS encrypts only the password in the access request packet.

TACACS+ encrypts the entire packet content, ensuring a higher level of security.

Answer 100

A

Top: Tier 1 - Core Layer

Middle: Tier 2 - Distribution/
Aggregation Layer

Bottom: Tier 3 - Access/Edge Layer

Answer 101

A

c. Wires 1 and 3 and wires 2 and 6

In a crossover cable, wires 1 and 3 and wires 2 and 6 are crossed.

Answer 102

A

Class C:

1st Octet value range is from 192 to 223
Provides 254 possible hosts

Answer 103

A

a. 192.168.67.33 to 192.168.67.46

The IP addresses available beneath 192.168.67.32/28 range from 192.168.67.33 to 192.168.67.46.

With 28 mask bits, only 14 hosts can exist on a subnet.

The other options are incorrect ranges for the address and subnet values given.

Answer 104

A

Unshielded Twisted Pair

Answer 105

A

Internet Control Message Protocol (ICMP) is a Layer 3, supporting protocol, in the Internet protocol suite.

It is used by network devices, including routers, to send error messages and operational information indicating success or failure when communicating with another IP address, for example, an error is indicated when a requested service is not available or that a host or router could not be reached.

ICMP differs from transport protocols such as TCP and UDP in that it is not typically used to exchange data between systems, nor is it regularly employed by end-user network applications (with the exception of some diagnostic tools like ping and traceroute).

ICMP for IPv4 is defined in RFC 792. A separate ICMPv6 is defined by RFC 4443. ICMP has nothing to do with Port Numbers.

Answer 106

A

a. Data link

A Wireless Access Point (AP) operates at the data link layer of the OSI model.

An example of a network layer device is a router.
An example of a physical layer device is a hub.

Session layer components normally are software, not hardware.

Answer 107

A

d. Coaxial

F-type connectors are used with coaxial cables.

They are not used with fiber-optic, unshielded twisted-pair (UTP), or shielded twisted-pair (STP) cabling.

Answer 108

A

a. Broadcast and b. ff:ff:ff:ff:ff:ff

One method of addressing multiple hosts is to perform a broadcast. An administrator performs a broadcast by sending a packet to the network or subnet’s broadcast addresses.

Implemented broadcasts occur at layer 2 by sending them to the MAC address ff:ff:ff:ff:ff:ff. All hosts connected to the switch (or in the same VLAN) will recieve them.

Answer 109

A

Variable Length Subnet Mask (VSLM)

Where the subnet design uses more than one mask in the same network, which means more than one mask is used for different subnets of a single class A, B, C or a network.

It is used to increase the usability of subnets as they can be of variable size.

Answer 110

A

802.11g:

54 Mbps
2.4 GHz

Answer 111

A

a. Use the same SSIDs on different channels and with AP isolation

Answer 112

A

a. TCP and b. UDP

Both TCP and UDP are transport protocols.

IP is a network protocol.

THC is not a valid protocol.

Answer 113

A

Zero Day Vulnerability:

Any unknown vulnerabilities, e.g. weakness in the system design, implementation, software code, or a lack of preventative mechanisms in place.

Answer 114

A

a. Switch

A switch is more efficient than a hub because it forwards data only to intended ports.

A hub directs data packets to all devices connected to the hub.

The other answer choices are incorrect because they are not network devices.

Answer 115

A

c. Stackable

Stackable means that Switches can be connected together and operate as a group. The sysadmin can manage the switch stack as a single unit.

On a corporate network, switches are most likely to be managed. This means the sysadmin can configure the switch settings. If a managed switch is left unconfigured, it functions the same as an unmanaged switch does.

A modular switch has slots for plug-in cards, meaning a sysadmin can configure them with different numbers and types of ports.

The design on most larger switches allows them to fit in the standard size racks used to hold networking equipment.

Answer 116

A

c. Flow control

IEEE 802.3x flow control allows a server to instruct the switch to pause traffic temporarily to avoid overwhelming its buffer and causing it to drop frames.

A jumbo frame is one that supports a data payload of up to around 9,000 bytes. This reduces the number of frames that need to be transmitted.

Port mirroring copies all packets sent to one or more source ports to a mirror (or destination) port.

Port aggregation means combining two or more separate cabled links into a single logical channel. From the host end, this can also be called NIC teaming.

Answer 117

A

Split horizon is a method used by distance vector protocols to prevent network routing loops.

The basic principle is simple: Never send routing information back in the direction from which it was received.

Why do we need split horizon? Because distance vector protocols, such as Routing Information Protocol (RIP), are susceptible to routing loops, which occur when a data packet is caught in an endless circle and continuously routed through the same routers.

Answer 118

A

QoS controls help you better manage available bandwidth.
One type of QoS Control is traffic shaping.

Simple QoS on SOHO routers allows you to set priorities for different protocols.

Answer 119

A

a. Rollover

Typically, a router or switch’s console port is connected using a rollover cable, which has an RS-232 (DB-9) port on one side and an RJ-45 on the other.

A rollover or console cable is a type of null-modem cable that is used to connect a computer terminal to a router’s console port.

An RG-6 cable is a coaxial cable used to connect to a cable modem or television.

An Ethernet crossover cable is a network cable used to connect two Ethernet network devices directly, such as two computers without a switch or router in between.

A straight-through cable is a type of twisted pair cable that is used in local area networks to connect a computer to a network switch

Answer 120

A

c. BGP

Border Gateway Protocol (BGP) is considered a hybrid routing protocol.

RIPv2 is a distance-vector routing protocol.

Both OSPF and IS-IS are link-state routing protocols.

Answer 121

A

d. Network

Protocols and technologies such as Multiprotocol Label Switching (MPLS) operate at the network layer.

Answer 122

A

a. route

The route command in Windows is used to display and manipulate the IP routing table. It allows you to add static routes to specify how network traffic should be directed.

By configuring static routes, Rick can control the networks and systems with which the Jumpbox communicates.

b. tracert: Traceroute is used to trace the route that packets take to reach a destination, showing the IP addresses of the routers along the way.

c. nslookup: Nslookup is used to query DNS (Domain Name System) to obtain domain name or IP address information.

d. ip: The ip command in Windows is part of the Netsh (network shell) utility. It is a more comprehensive command that allows you to configure various networking parameters on Windows, including addressing, routing, and more. However, for static routing specifically, the route command is commonly used.

Answer 123

A

c. Core layer

The core layer is the backbone of the network where the fastest routers and switches operate to manage separate networks.

The distribution/aggregation layer is between the access/edge and core layers. This is the “boundary” layer where ACLs and Layer 3 switches operate.

The access/edge layer is the place where switches connect to and ensure data is delivered to edge/end devices.

The application layer is the seventh and top layer of the OSI reference model.

Answer 124

A

Multimode Fiber

Answer 125

A

c. MPLS

Used in high-performance-based telco networks, Multiprotocol Label Switching (MPLS) is a technology that uses short path labels instead of longer network addresses to direct data from one node to another.

Metropolitan Ethernet is nothing more than an Ethernet-based MAN (metropolitan-area network).

**DMVPN **offers the capability to create a dynamic-mesh VPN network without having to preconfigure all the possible tunnel endpoints.

**PPP **is a data link protocol that is used to establish a connection between two nodes. PPP works with plain old telephone service (POTS), ISDN, fiber links such as SONET, and other faster connections, such as T1.

Answer 126

A

b. Systems with an APIPA-assigned address cannot access the Internet.

d. Systems with an APIPA-assigned address can communicate with each other.

Systems that have APIPA-assigned addresses can talk to each other but not with any other systems.

Systems with APIPA-assigned addresses cannot access the Internet because the APIPA-assigned information does not include default gateway information.
Therefore, communication is limited to the local network.

The systems with APIPA addresses can talk to each other, even though they cannot communicate with any other systems.

Answer 127

A

b. VLANs

VLANs are useful to divide a network into logically distinct zones for security and administrative control.

The CAM table tracks Layer 2 and implements it as Content Addressable Memory (CAM). It is a special type of memory, optimized for searching rather than random access.

A **port security **configuration validates the MAC address of end systems that connetc to a switch port. In most scenarios, the MAC address of servers and workstations does not change often.

IEEE 802.3x flow control, allows a server to instruct the switch to pause traffic temporarily to avoid overwhelming its buffer and causeing ti to drop frames.

Answer 128

A

Effective Isotropic Radiated Power (EIRP)

EIRP is a measurement of radiated output power from an ideal isotropic antenna in a single direction.

It is equal to the transmit power of the AP radio plus the antenna gain, minus any cable loss between the antenna and transmitter.

Answer 129

A

802.1X

IEEE 802.1X is part of the IEEE 802.1 group of networking protocols and provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.

It is a standard for port-based network access control. (Think Network Access Control (NAC) where you don’t get access until you authenticate)

Answer 130

A

Dynamic WEP changes an RC4 encryption key periodically to enhance security.

Dynamic WEP refers to the combination of 802.1x technology and the Extensible Authentication Protocol (EAP).

With Dynamic WEP security, WEP keys are changed dynamically. EAP messages are sent over an IEEE 802.11 wireless network using a protocol called EAP Encapsulation Over LANs (EAPOL).

Answer 131

A

b. DHCP Snooping and d. ARP inspection

DHCP Snooping is a security feature that helps prevent unauthorized DHCP servers from providing IP addresses to clients on the network. It works by allowing the switch to monitor and control DHCP messages received from untrusted sources.
By enabling DHCP Snooping, the switch can verify the legitimacy of DHCP servers and ensure that only authorized servers are able to provide IP addresses to clients..

Address Resolution Protocol (ARP) inspection is a security feature that helps prevent malicious ARP traffic on the network. ARP is vulnerable to various attacks, including ARP spoofing, where an attacker sends falsified ARP messages to associate their MAC address with the IP address of a legitimate device on the network.
ARP Inspection mitigates these types of attacks by inspecting ARP packets and ensuring that the mappings between IP addresses and MAC addresses are legitimate. If an ARP packet is deemed suspicious or inconsistent with the established mappings, it can be dropped or logged, protecting the network from potential ARP-based attacks.

VLAN Provisional is not a term recognized as a network security feature.

The other options are not directly related to preventing unauthorized DHCP or ARP attacks:

a. MAC Filtering is a method of controlling access to a network based on the MAC addresses of devices. While it can be a security measure, it does not specifically address the prevention of unauthorized DHCP or ARP activities.

e. DNS Inspections is not directly related to preventing unauthorized DHCP or ARP activities. DNS inspection is more focused on monitoring and controlling DNS traffic for security purposes, such as detecting and preventing DNS-based attacks.

Answer 132

A

d. ISAKMP

Internet Security Association and Key Management Protocol (ISAKMP) is a protocol defined by RFC 2408 for establishing security association (SA) and cryptographic keys in an Internet environment. It is used in IPsec, which is commonly used in securing the key exchange during the establishment of a client-to-server VPN connection.

a. TKIP (Temporal Key Integrity Protocol) is an encryption protocol included as part of the IEEE 802.11i standard for wireless LANs (WLANs).

b. Kerberos is a computer network authentication protocol that works based on tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.

c. AES (The Advanced Encryption Standard) is a symmetric key encryption and is not used for key exchanges.

Answer 133

A

b. 1000BaseSX

1000BaseSX is used for Multimode Fiber

1000BaseLX is for Single Mode Fiber

1000BaseCX and 1000BaseTX do not exist.

Answer 134

A

a. MAN

A MAN connects multiple networks within a city range.

A WAN connects larger networks using routers.

A LAN is limited to a small area like an office.

A CAN is used to interconnect many networks on a campus, like a college.

Answer 135

A

d. BGP

If a WAN link goes down, BGP will route data through another WAN link if redundant WAN links are available.

Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information betwwn autonomous systems (AS) on the internet. The protocol is often classified as a path vector protocol, but is sometimes also classed as a distance-vector routing protocol.

Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP), therefore it will not help to reroute the organization’s WAN connections.

The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provicdes for automatic assignment of available internet protocol routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork. VRRP is used for your internal clients and will not effect the routing of traffic between WANs or autonomous systems.

Load balancing refers to the process of distributing a set of tasks over a set of resources, with the aim of making their overall processing more efficient. :Load balancing can optimize the response time and avoid unevenly overloading some compute nodes while other compute nodes are left idele. A load balancer would work at one site, but would not allow routing of the WAN connections at all of the other sites since they rely on autonomous systs and BGP is used to route traffeic between autonomous systems.

Answer 136

A

b. 124.254.254.254

Class A subnets use the range 1 to 126 for the value of the first octet.

127.0.0.1 is the IPv4 loopback address, which enables the IP stack functionality to be tested.

131.17.25.200 and 128.16.200.12 are both addresses in the Class B range (128 to 191).

Answer 137

A

C. Source address by client seeking a DHCP lease

The system uses the subnet 0.0.0.0/8 when a specific address is unknown and typically used as a source address by a client seeking a DHCP lease.

Answer 138

A

a. object identifier (OID)

SNMP Object Identifiers (OIDs) point to network objects stored in a database called the Management Information Base, often referred to as the “MIB”.

An object identifier (OID) is a string, of decimal numbers, that uniquely identifies an object.

A MIB holds the structure of the network alarms being monitored (like a map of the “city”), and it uses the OIDs to keep track of the individual components (like the address to a house or other location).

Answer 139

A

Kerberos is designed to do Authentication for Local Area Networks (WIRED NETWORKS)

When you setup a Windows Server to be a Domain Controller, it becomes a Key Distribution Centre and uses Kerberos by Default.

Uses include:
* Authentication Server
* Ticket Granting Tocken (TGT)
* Ticket Graning Service
* Token back to Client (lasts 8 hours as standard)

Using Kerberos, both Windows and Linux can authenticate under the same Domain Controller

Answer 140

A

b. AES

Advanced Encryption Standard (AES) is a higher end (WPA2/802.11i) encryption protocol. AES is much more secure because it uses longer encryption keys. It has been on almost all new Wi-Fi routers sold in the last few years.

a. TKIP (Temporal Key Integrity Protocol) TKIP is a lower end encryption protocol (WEP2)

c. WEP introduced in 1997, Wired Equivalent Privacy (WEP) was the first attempt at wireless protection and it is not very secure. It has several security flaws and vulnerabilities, including problematic authentication mechanisms, which makes WEP a risky choice for wireless security..

d. OPEN is not secure at all.

Answer 141

A

c. MSAU configuration

A Multi-Station Access Unit (MSAU) is a standalone device or connector that is used to connect devices attached to a network over a token-ring network.

To create the complete ring, the ring-in (RI) port on each MSAU is connected to the ring-out (RO) port on another MSAU.

The last MSAU in the ring is then connected to the first to complete the ring.

Answer 142

A

a. SDWAN

The concept behind a software-defined wide-area network (SDWAN) is to take many of the principles that make cloud computing so attractive and make them accessible at the LAN level. This is done by adopting a virtual WAN architecture leveraging a combination of transport services (MPLS, 5G, LTE, broadband, etc.) to securely connect users to applications.

Answer 143

A

With Spine and Leaf Architecture, each top-of-rack switch is connected to the layer three switches on the spine layer

Answer 144

A

802.11ac:

5 GHz
Up to 3 Gbps
MU-MIMO (multi-user, multiple input, multiple output)

Side Note:
802.11ax, or WiFi 6, is the latest WiFi standard and is the highest performing. WiFi 6 operates in the 2.4 GHz and 5 GHz bands and is capable of speeds up to 9.6 Gbps

Answer 145

A

b. Physical

The physical layer of the OSI seven-layer model is responsible for placing the signal on the network medium.

The data link layer is responsible for physical addressing and media access. MAC and LLC are sublayers of the data link layer.

Answer 146

A

Image 1 -> (H) RJ11
Used for analogue (POTS) telephone connectivity
Image 2 -> (B) ST
Straight Tip/Straight Through (think Stick n Twist) Connector used for Single Mode Fibre
Image 3 -> (A) SC
Square Connector for Fibre
Image 4 -> (D) DB-9
Serial Port RS232 Connector

RJ45 - Ethernet Connector
F Connector - Coxial Connector for Cable Modems etc.
BNC Connector - DS3 / Video Connector
LC Connector - Lucent Fibre Connetor and miniaturized version of the fiber-optic SC connector

Answer 147

A

a. Port Security

Port Security is specifically designed for controlling access to switch ports based on MAC addresses. It allows the switch to remember the first MAC address seen on a port, specify a maximum number of MAC addresses that are allowed on a port, and it can dynamically learn. It can also take actions such as shutting down the port or sending an alert if it detects a different MAC address.
.
802.1X is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server.

NAC is more focused on controlling access to the network based on various factors such as device health, compliance, or user identity.

ACLs are used to control traffic flow within a network by specifying rules about what traffic is allowed or denied.

Answer 148

A

c. 51

Answer 149

A

d. 8

LUNs came from the SCSI world and carry over, acting as unique identifiers for devices. Both NAS and SAN use “targets” that hold up to eight devices.

Answer 150

A

Bridge Protocol Data Units (BPDU)

In a network that contains redundant paths, bridges need to continually understand the topology of the network to control the flow of traffic and prevent looping. To do this, they exchange bridge protocol data units (BPDUs) via an extended LAN that uses a spanning tree protocol. BPDUs are data messages that provide the bridges with network information that’s used to carry out STP operations.

At the heart of STP is the spanning tree algorithm that runs on each STP-enabled bridge. The algorithm was specifically designed to avoid bridge loops when redundant paths exist. It uses the BPDUs to identify redundant links and select the best data path for forwarding messages. The algorithm also controls packet forwarding by setting the port state.

Answer 151

A

SC Connector

Square Connector

The SC Fibre Connector which uses a push-pull connector similar to common audio and video plugs and sockets.

Answer 152

A

DHCP snooping is a series of techniques applied to improve the security of a DHCP infrastructure.

DHCP servers allocate IP addresses to clients on a LAN. DHCP snooping can be configured on LAN switches to exclude rogue DHCP servers and remove malicious or malformed DHCP traffic.

Answer 153

A

d. 255.255.255.224.

The correct subnet mask for six subnets on a Class C IPv4 address space would be option (d) 255.255.255.224.

Explanation in simple terms:

The default subnet mask for a Class C address is 255.255.255.0, which has 24 bits allocated for the network.

To create the number of subnets Nina needs, she must change the number of network (1’s) and host bits (0’s) in the last Octet.

Changing 3 host bits (0’s) for 3 network bits (1’s) in the last octet, she gets what she needs, as 2^3 = 8 (which is the closest she could get to the 6 required).

Now that she has what she needs, the new subnet mask will be made of the 24 (original network bits up until the last octet) +3 (borrowed bits) = 27 bits. So the new subnet will now look like 11111111.11111111.11111111.11100000 (as this now shows the additional +3 network bits in the last octet).

The network bits in the last octet now add up to 224 (128+64+32+0+0+0+0+0), so the last octet = 224, and the correct answer to this question is: d. 255.255.255.224.

Answer 154

A

An F-type connector is a coaxial radiofrequency connector commonly used for cable television with an RG-6 cable.

RG-6 is a type of coaxial cable used to transmit audio and video signals to devices such as television sets. It is also used with cable modems to transmit data.

Answer 155

A

a. Repeater and d. Switch

Data signals weaken as they travel down a particular medium; this is known as attenuation. To increase the distance a signal can travel, you can regenerate the data signal to give it more strength.

A hardware repeater regenerates the data signal as it passes, enabling it to travel farther. Repeaters typically are no longer standalone devices; instead, they are included with the function of a switch.

The other answer choices are incorrect because a passive hub and DHCP server are not designed to deal with attenuation.

Answer 156

A

a. SFP

Small Form-factor Pluggable (SFP) connectors are widely used in networking equipment, particularly in the context of fiber optic connections.

SFP modules are hot-swappable and support various types of transceivers, including different types of fiber and copper interfaces.

This modularity and flexibility make SFP connectors suitable for a wide range of networking scenarios, allowing for different types of connections based on the specific needs of the network.

Answer 157

A

Nslookup uses the IP Address of a website to test connectivity without DNS.

You can use it to check the status of a DNS server.

Answer 158

A

c. Broadcast

A key difference between IPv4 and IPv6 is in the address types.

IPv6 addressing has three main types of addresses: unicast, multicast, and anycast.

IPv4 uses broadcast addressing, but IPv6 doesn’t.

Answer 159

A

d. MIBs

Simple Network Management Protocol (SNMP) uses databases of information called MIBs to define what parameters are accessible, which of the parameters are read-only, and which can be set.

Management Information Base (MIB), is a hierarchical database that contains configuration and other vital management information of SNMP devices in the form of data objects.

Answer 160

A

c. 1 and 2

Bridging is done at the first two layers of the OSI model.

Answer 161

A

d. CSU/DSU

A Channel Service Unit/Data Service Unit (CSU/DSU) acts as a translator between the LAN data format and the WAN data format.

Such a conversion is necessary because the technologies used on WAN links are different from those used on LANs.

Answer 162

A

MTRJ Fibre Connector

Mechanical Transfer Registered Jack Fibre Connector

Answer 163

A

b. 110

In the network wiring closet, the 110 block is used to connect a network cable to patch panels.

Answer 164

A

Hubs connect collision domains

Answer 165

A

c. Broadcast

IPv4 broadcast addresses are IP addresses that can target all systems on a subnet or network instead of single hosts. In other words, a broadcast message goes to everyone on the network or to a specific network segment.

Multicast sends data to an entire identified group of network users. Unicast sends data to a specific system. Multiplecast is not a valid networking term.

Answer 166

A

A Local Connector, also known as a Lucent Connector (LC)

is a Small form factor, tabbed push/pull, small compared to SC, higher port density, for Gigabit Ethernet and 10/40 GbE

Answer 167

A

a. OTDR

An Optical Time Domain Reflectometer (OTDR) is a device that tests the integrity of a fiber cable and is used for the building, certifying, maintaining, and troubleshooting fiber optic systems.

Hand-held OTDRs build a virtual image of the fiber optic cable to determine the condition and performance capability of the fiber cable.

These tools can also test components along the cable path like connection points, bends, or splices to analyze the cable’s capability from start to finish.

Answer 168

A

c. Communities

SNMP communities are logical groupings of systems.

When a system is configured as part of a community, it communicates only with other devices that have the same community name.

Answer 169

A

A Virtual Machine (VM) is a system that runs on the virtual computer resources through the use of a Hypervisor.

Answer 170

A

a. MTTF - The Mean Time To Failure

b. MTTR - The Mean Time to Repair

c. MTBF - The Mean Time Between Failures

Answer 171

A

d. Failed Posture Assessment

This module enables the VPN client to identify the operating system, antivirus, anti-spyware, and firewall software installed on the host. An application called HostScan gathers this information, so a Posture assessment requires HostScan to be installed on the host.

Answer 172

A

Link-state protocols include a. IS-IS and b. OSPF

a. IS-IS (Intermediate System-to-Intermediate System) is a link-state protocol.

b. OSPF (Open Shortest Path First) is a link-state protocol.

c: RIP (Routing Information Protocol) is a distance-vector protocol

d. IGRP (Interior Gateway Routing Protocol) is a distance-vector protocol

Answer 173

A

a. Uptime

Uptime | Linux Man page UPTIME(1), to show how long the system has been running.

Answer 174

A

c. ip addr and e. ifconfig

c. ip addr: This command is part of the iproute2 suite in Linux and superceeds ifconfig. It is used to both display and manage network interfaces on a system. Running ip addr will show information about the network interfaces, including their IP addresses, status, and configuration. It also fully supports IPv6 addresses and configurations, while ifconfig might have limited or no support for IPv6.

e. ifconfig: This command is a traditional tool for configuring and displaying network interfaces on Linux systems.

Both ‘ip’ and ‘ifconfig’ provide information about the current status and configuration of the network interfaces and can set IP addresses, netmasks, broadcast addresses, and other network-related parameters.

Answer 175

A

c. Poison reverse

A poison reverse loop dictates that the route is advertised back on the interface from which it was learned, but it has a hop count of infinity, which tells the node that the route is unreachable.

Answer 176

A

SQLnet

The SQLNET protocol is used by Oracle SQL servers to execute SQL commands from clients, including load balancing and application-specific services.

Support of stateful firewall and NAT services requires that you configure the SQLNET ALG for TCP port 1521.

Answer 177

A

d. Spectrum analyzer

Spectrum Analyzer is a tool that measures the frequency and amplitude of signals in a wireless network.

It can be used to troubleshoot issues related to interference from other networks and non-802.11 devices, such as microwave ovens or cordless phones, by identifying the sources and levels of interference in the wireless spectrum.

A spectrum analyzer can also help to optimize the channel selection and placement of wireless access points.

a. NetFlow Analyzer is a tool used for monitoring and analyzing network traffic flow. It collects and analyzes flow data, providing insights into the sources and destinations of network traffic, the types of applications and protocols being used, and the amount of data transferred. NetFlow is often used for network performance monitoring, troubleshooting, and security analysis.

b. Bandwidth Analyzer is a tool used to monitor and analyze the utilization of network bandwidth. It provides information about the amount of data transmitted and received over a network, helping administrators identify bandwidth-hungry applications, users, or devices. This type of tool is crucial for optimizing network performance, planning capacity, and detecting potential bottlenecks.

c. Protocol Analyzer (or packet analyzer) is a tool used to capture, analyze, and decode network packets. It allows network administrators and analysts to inspect the contents of network packets, including headers and payloads. Protocol analyzers are essential for troubleshooting network issues, identifying protocol-specific problems, and gaining detailed insights into network communication.

Answer 178

A

Automatic Private IP Addressing (APIPA)

e.g. 169.254.x.x

Answer 179

A

b. Star bus

A popular hybrid topology is the star bus—a combination of the star topology and the bus topology. The term hybrid topology also can refer to the combination of wireless and wired networks. None of the other options presented are shown in the figure.

Answer 180

A

c. QSFP+

QSFP+ stands for Quad Small Form-Factor Pluggable Plus.

A parallel and hot-swappable fiber optical module that provides high-density 40G connectivity options for high-performance computing networks and modern data centers.

QSFP+ is the modern incarnation of QSFP. In most data centers, it has completely replaced its predecessor.

QSFP+ can reach speeds of 10 Gbps per line. This makes it a 40G connection type that still maintains the small form factor that is essential to so many network designs.

Answer 181

A

d. Cut-through

In a cut-through switching environment, the packet begins to be forwarded as soon as it is received.

a. Ready-set-go switching environment is a fictitious choice.

b. Store-and-forward switching environment is where the entire packet is received and error-checked before being forwarded.

c. Fragment-free switching environment is when enough of the packet is read so that the switch can determine whether the packet has been involved in a collision.

Answer 182

A

1. Routers filter and forward based on IP Addresses

2. Switches filter and forward based on MAC Addresses

Answer 183

A

c. It includes data that has changed since the last full backup.

Answer 184

A

40GBASE-T:

Cat 8 Ethernet Cable
40Gbps
30m

Answer 185

A

c. The switchport is configured for 802.1q trunking

If the switchport is configured for 802.1q trunking instead of as an access host port, the workstation will be unable to reach the DHCP server through the port and will fall back to using an APIPA address.

APIPA is not configured through the VLAN’s Switch, it is configured by default on the client and server devices, such as the workstation in this scenario.

A small form-factor pluggable (SFP) transciever is used on routers as a hot-pluggable network interface module, they are not used in workstations.

The workstation’s OS update status is unlikely to cause the network connectivity issue, but a network interfae driver might. Therefore, the most likely cause of this issue is the switchport was configured as a trunking port instead of an access port.

Answer 186

A

b. show config

The “show config” command is used on a Cisco networking device to display the device’s current configuration. This would show whether or not the DHCP Snooping was enabled on the device.

The “show interface” command is used on a Cisco networking device to display the statistics for a given network interface.

The “show diagnostic” command is used on a Cisco networking device to display details about the hardware and software on each networked device.

The “show route” command is used on a Cisco networking device to display the current state of the routing table for a given network device.

Answer 187

A

a. IS-IS and c. OSPF

Link-state protocols include Open Shortest Path First (OSPF) and Intermediate System-to-Intermediate System (IS-IS).

Interior Gateway Routing Protocol (IGRP) and Routing Information Protocol (RIP) are examples of distance-vector protocols.

Answer 188

A

Multitenancy is when several different cloud customers are accessing the same computing resources, such as when several different companies are storing data on the same physical server.

Answer 189

A

c. Nonrepudiation

Nonrepudiation provides proof of the origin, authenticity and integrity of data.

It provides assurance to the sender that its message was delivered, as well as proof of the sender’s identity to the recipient.

This way, neither party can deny that a message was sent, received and processed.

Answer 190

A

c. Add a layer 3 switch and create a VLAN

Answer 191

A

b. EIGRP and c. RIP

Enhanced Interior Gateway Routing Protocol (EIGRP) and Routing Information Protocol (RIP) are examples of distance-vector protocols.

Link-state protocols include Open Shortest Path First (OSPF) and Intermediate System-to-Intermediate System (IS-IS).

Answer 192

A

b. NIC teaming

Port aggregation combines two or more separate cabled links into a single logical channel. From the front end this is also known as NIC teaming.

A switch learns MAC addresses by reading the source address for a frame. The address mapping normally gets cached in a MAC address table that implements as Content Addressable Memory (CAM).

A port security configuration validates the MAC address of the end systems that connect to a switch port. In most scenarios, you would not expect the MAC address of servers and workstations to change often.

Auto-MDI/MDIX means that the switch senses the configuration of the connected device and cable wiring and ensures that a Media Dependent Interface (MDI) uplink to an MDIX port gets configured.

Answer 193

A

a. PaaS

PaaS provides a cloud platform to run an application.
SaaS is used to provide cloud-based software for users such as Adobe Creative Cloud.
IaaS provides an entire network infrastructure.
IaC is a method of updating server farms using prewritten code.

Answer 194

A

b. CSMA/CD

Answer 195

A

Thick Coaxial

Answer 196

A

a. Extended service set

Answer 197

A

Baseline Configuration Document

A baseline configuration document contains details about all the installed hardware and software in a data centre, and provides the foundation for future upgrades.

Answer 198

A

c. Session

The session layer synchronizes the data exchange between applications on separate devices.

The presentation layer converts data from the application layer into a format that can be sent over the network.

The transport layer establishes, maintains, and breaks connections between two devices.

The network layer provides mechanisms for the routing of data between devices across single or multiple network segments.

Answer 199

A

Syslog Severity Levels:

0. Emergency Panic: The network is useless.
1. Alert: Something bad happened, deal with it NOW!
2 Critical: Something bad is about to happen, deal with it NOW!
3. Error: A failure in the system that needs attention.
4 Warning: Something will happen if it is not dealt within a timeframe.
5. Notification Normal but significant conditions.
6. Informational: Informative but not important.
7. Debugging: Lots of unnecessary messages. Only relevant for developers

Answer 200

A

Single Mode Fibre

100BaseBX and 1000BaseBX are standards for Ethernet transmission over optical fibers, typically used in fiber-optic communication. The “BX” stands for “Bi-directional Gigabit Ethernet.”

Answer 201

A

STP (Spanning Tree Protocol)

Spanning Tree Protocol is a Layer 2 protocol that runs on bridges and switches.

The specification for STP is IEEE 802.1D.

The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network.

Answer 202

A

a. MONs

Metro-optical networks (MONs) are optical networks that can span up to several hundred kilometers and are used to serve metropolitan areas in which there is a large, concentrated population.

Answer 203

A

Note: It is OK to combine these rules!

Rule 1: Omit groups of all zeros

The first rule that we are going to look at is called Zero Compression. It says that a double colon (::) can replace a single, contiguous string of one or more groups consisting of all 0s.

Note: The :: can only appear once in an IPv6 address

Rule 2: Omit Leading zeros
The other way to shorten addresses is to omit Leading zeros in any group of 4 hexadecimal digits.

Note: The rule applies only to leading zeros and no trailing zeros.

Answer 204

A

d. 42DE:7E55:63F2:21AA:CBD4:D773:CC21:554F

IPv6 uses a 128-bit address, which is expressed as eight octet pairs in hexadecimal format, separated by colons. (7 sets of colons!)

Because it is hexadecimal, only numbers and the letters A through F can be used.

Answer 205

A

a. 802.11ac and c.802.11ax

MU-MIMO is used by the 802.11ac and 802.11ax standards and makes multiuser MIMO possible (increasing the range and speed of wireless networking).

MIMO, itself, enables the transmission of multiple data streams traveling on different antennas in the same channel at the same time.

Answer 206

A

a. 50

The 66 block has 50 rows of Insulation Displacement Contacts (IDC contacts) to accommodate 25-pair twisted-pair cable.

Answer 207

A

b. Active tap

An Active tap is a powered device that performs signal regeneration. Gigabit signalling over copper wire is too complex for a passive tap to monitor.

SPAN (Switched Port Analyzer/mirror port) refers to a sensor, attached to a specifically configured port on the switch, that receives copies of frames. This method is not completely reliable.

A passive tap is a box with ports for incoming and outgoing network cabling and an inductor or optical splitter that physically copies the signal from the cabling to a monitor port.

The I/G bit of a MAC address determines whether the frame addresses an individual node (0) or a group (1). The latter is for broadcast and multicast transmissions.

Answer 208

A

d. SDWAN

The concept behind a Software-defined wide area network (SDWAN) is to take many of the principles that make cloud computing so attractive and make them accessible at the WAN level. This is done by adopting a virtual WAN architecture leveraging a combination of transport services (MPLS, 5G, LTE, broadband, and so on) to securely connect users to applications.

WPAN refers to the technologies involved in connecting devices in very close proximity to exchange data or resources, usually through the use of Bluetooth, infrared, or NFC.

GRE provides a secure private path for packets through a public network using a point-to-point tunnel between two sites.

mGRE extends this capability from a limited number of sites by dynamically establishing tunnels without the need to explicitly configure mapping entries.

Answer 209

A

DORA stands for Discover, Offer, Request, Acknowledge.

DHCP uses Dora Process to provide an IP Address to hosts or client machines. It collects all of the IP addresses from the central server that are accessible and gives them to hosts that want to connect to the network.

Answer 210

A

c. block malicious software that is too new to be found in virus definitions

Answer 211

A

a. Latency

Latency is the time lapse between sending or requesting information and the time it takes to return. This is not true of the other options presented.

Answer 212

A

Identification Which user are you? Prove who you are (Drivers License)

Authentication Password? Are you supposed to have access (Confirmation Number)

Authorisation Confirms what you can do. Give authorisation for access (Ticket)

Answer 213

A

b. Class B

Class B addresses are within the range 128.0.0.0 to 191.255.255.255.

The other choices represent incorrect classes for the Class B address given in the question.

Answer 214

A

Netsh is a command-line scripting utility that allows you to display or modify the network configuration of a computer that is currently running.

Netsh commands can be run by typing commands at the netsh shell and be used in batch files or scripts

Answer 215

A

**802.11b:*

11Mbps
2.4GHz

Answer 216

A

* Redundancy protocols
* Load Balancing
* Clustering
* Uninterruptible Power Supplies (UPS)
* Generators

Answer 217

A

a. All client systems must be set to 128-bit encryption.

On a wireless connection between an AP and the client, each system must be configured to use the same wireless security settings.

In this case, they must both be configured to use 128-bit encryption.

Answer 218

A

c. CRCs

CRC’s are a Layer 1 or Layer 2 issue.

A high number of CRC errors can suggest issues with the physical layer, such as cabling problems. Indeed most commonly it’s dirty/loose/broken cables, or occasionally a bad SFP/switchport. It can also be due to MTU mismatch.

Answer 219

A

d. Determine if anything has changed on her network, follow the OSI model from bottom to top to check possible causes, send a new document to the printer

1st Check Changes: Determine if anything has changed on her network.

2nd Find Possible Cause: Starting with OSI 1,2,3,4,5,6 and 7, follow the OSI model from bottom to top to check possible causes

3rd Send Again: Send a new document to the printer to see if the problem is resolved.

Answer 220

A

c. Port 445

Port 445 is for SMB and provides client applications with a secure and controlled method for opening, reading, moving, creating and updating files on remote servers.

Port 53 is for DNS DNS translates domain names to IP addresses so browsers can load Internet resources.

Port 389 is for LDAP Lightweight directory access protocol (LDAP) is a protocol that makes it possible for applications to query user information rapidly

d. Port 1433 is for SQL This port is needed to connect to the SQL database instance. By default, SQL will attempt to use 1433. If that port is unavailable, it will automatically choose another port.

Answer 221

A

c. Physical network diagram

Answer 222

A

b. Load balancing increases data availability.

Load balancing increases redundancy and therefore data availability.

Also, load balancing increases performance by distributing the workload.

Multilayer switches and DNS servers can serve as load balancers.

Answer 223

A

a. 802.11ac and d. 802.11a

802.11a and 802.11ac use the 5 GHz range.

Wireless standards specify an RF range on which communications are sent.

The 802.11b and 802.11g standards use the 2.4 GHz range.

802.11n can operate at 2.4 GHz and 5 GHz.

802.11ax operates in both the 2.4 GHz and 5 GHz ranges.

Answer 224

A

The aim of network abstraction is to summarize a large network as a smaller one. An abstracted network can then help users to see the overall topology of a large network, or to understand the connections of distant nodes.

Network abstraction is a way of hiding the complexity and details of the network implementation from the higher-level layers and applications.

Abstraction allows you to use a simplified representation or model of the network that captures the essential features and behaviours of the network.

Answer 225

A

Class B:

1st Octet value range is from 128 to 191
Provides 65,536 possible hosts

Answer 226

A

802.11n

108-300 Mbps
2.4GHz & 5.0 GHz
MIMO - OFDM

Answer 227

A

Server Consolidation is a strategy used in IT infrastructure management to optimize the use of physical server resources by reducing the number of physical servers through virtualization or other techniques. The goal of server consolidation is to improve resource utilization, reduce hardware and operational costs, enhance scalability, and streamline management and maintenance tasks.

Answer 228

A

c. OSPF

OSPF is known as a classless protocol.

Classless routing protocols are those protocols that include the subnet mask information when the routing tables or updates are exchanged. Other classless routing protocols include EIGRP, RIPv2 (or newer), and IS-IS.

Answer 229

A

b. PoE

Power over Ethernet (PoE) is a technology that enables electrical power to transmit over twisted-pair Ethernet cable.

The power is transferred, along with data, to provide power to remote devices. These devices may include remote switches, wireless access points, VoIP equipment, and more.

PPPoE (Point-to-Point Protocol over Ethernet) is used for encapsulating frames and does not enable electrical power to transmit over Ethernet.

VoIP is a technology used to enable voice and multimedia sessions over IP networks.

iSCSI enables SCSI commands to be sent over IP networks to SCSI devices.

Answer 230

A

d. Application

Protocols and technologies such as Real-time Transport Protocol (RTP) operate at the application layer.

Answer 231

A

C. Router

Devices in different broadcast domains need a router to communicate with each other.

Routers operate at the network layer (Layer 3) of the OSI model and can connect different networks, enabling communication between devices in separate broadcast domains.

Switches operate at the data link layer (Layer 2) and are used for local network communication within the same broadcast domain.

Hubs are outdated and don’t provide the segmentation that routers do.

Modems are used for connecting to the internet and do not inherently provide the capability to connect devices in different broadcast domains.

Answer 232

A

b. STP (Spanning Tree Protocol)

Answer 233

A

Change request help project managers track proposed changes and determine whether they should be approved.

Type of Change
Configuration Procedures
Potential Impact
Rollback Process
Notification

Answer 234

A

b. The site prefix or global routing prefix

Answer 235

A

c. Cloud bursting

A common reason for using cloud computing is to be able to offload traffic to resources from a cloud provider if your own servers become too busy.

This is known as cloud bursting.

Answer 236

A

b. Short path labels

Used in high-performance-based telecom networks, MPLS is a technology that uses short path labels instead of longer network addresses to direct data from one node to another.

PPP is a data link protocol that is used to establish a connection between two nodes. PPP works with plain old telephone service (POTS), ISDN, fiber links such as SONET, and other faster connections, such as T1.

Metropolitan Ethernet is nothing more than an Ethernet-based MAN (metropolitan-area network).

DMVPN offers the capability to create a dynamic-mesh VPN network without having to preconfigure all the possible tunnel endpoints.

Answer 237

A

Fiber Optic

Answer 238

A

a. DHCPPROVE

DHCPPROVE is not a common packet.

The other choices presented (DHCPACK, DHCPDISCOVER, and DHCPOFFER) are part of the normal process.

Answer 239

A

a. Multicast

IPv4 multicasting allows one host on the internet or (private IP network) to send content to other hosts that have identified themselves as interested in receiving the originating host’s content.

Anycast refers to a group of hosts configured with the same IP addresses.

Broadcast refers to sending a packet to the network or subnet’s broadcast address.

Answer 240

A

a. 1518
The maximum size of an Ethernet frame is normally 1518 bytes, excluding the preamble.

The official IEEE 802.3 standard defines a 2-byte field to specify the size of the data field or payload. The payload can normally be between 46 and 1500 bytes.

Most Ethernet products follow the original DIX specification, referred to as Type II frames, and use the field to indicate the type of network layer protocol in the frame. These Ether Types are values of 1536 or greater.

To comply with CSMA/CD, the minimum length of an Ethernet frame is 64 bytes, so the payload must be at least 46 bytes. If this is not the case, it automatically pads it with redundant data.

Answer 241

A

MT-RJ Connector

MT-RJ is a popular connector for two fibers in a very small form factor.

Answer 242

A

d. An IPv6 address

The last 64 bits of an IPv6 address are known as EUI-64 (extended unique identifier, 64-bit); this address is obtained through the 48-bit MAC address.

The other choices are incorrect because EUI-64 is the last 64 bits of an IPv6 address.

Answer 243

A

The correct process for trouble-shooting is:

(1) Identify the problem

(2) Establish a theory of probable cause

(3) Test the theory to determine the cause

(4) Establish a plan of action to resolve the problem and identify potential effects

(5) Implement the solution or escalate as necessary,

(6) Verify full system functionality and if applicable implement preventative measures, and

(7) Document findings, actions, outcomes, and lessons learned.

Answer 244

A

d. RPO

The recovery point objective (RPO) is the interval of time that might pass during a disruption beofre the quantity of data lost during that period exceeds the Business Continuity Plan’s maximum allowable threshold or tolerance.

The recovery time objective (RTO) is the duration of time and a service level within which a business process must be restored after a disaster to avoid unacceptable consequences associated with a break in continuity.

The mean time to repair (MTTR) measures the average time it takes to repair a network device when it breaks.

The mean time between failures (MTBF) measures the average time between when failures occur on the device.

Answer 245

A

a. SC

SC connectors are used with fiber-optic cable.

RJ-45 connectors are used with UTP cable.

BNC is used for thin coax cable.

RJ-11 is used for regular phone connectors.

Answer 246

A

a. LLC and b. MAC

The data link layer is broken into two distinct sublayers: Media Access Control (MAC) and Logical Link Control (LLC).

LCL is not a valid term.

Session is another of the OSI model layers.

Answer 247

A

c. Hub-and-spoke

Each node on a hub-and-spoke (also known as a star) network uses its own cable, which makes it easy to add users without disrupting current ones.

Adding a node to a bus network can sometimes involve breaking the segment, which makes it inaccessible to all other nodes on the network.

The other choices presented are all valid network types but are not as easy to add a node to as a hub-and spoke network.

Answer 248

A

b. Port numbers identify the sending and receiving processes between two hosts

A port is a virtual point where network connections start and end.

Ports are software-based and managed by a computer’s operating system.

Each port is associated with a specific process or service.

Answer 249

A

Identification: Identification is CLAIMING an identity (Think username, process ID, smart card etc)

Authentication: Authentication is PROVING that identity (Think Password, 2FA, biometrics etc)

Authorization: Authorization is permitting specific actions once the user has been authenticated.

Authentication factors include: something you know, have, or are.

Attributes include:
· Something you can do (Signature)
· Something you exhibit (Typing speed)
· Someone you know (Certificate from a trusted server)
· Somewhere you are

Answer 250

A

b. Caching

One of the most notable extra features is that proxy servers can greatly improve network performance through the process of caching.

Answer 251

A

b. Trap

Using an SNMP Trap you will automatically receive a notification if a network link is disabled.

Answer 252

A

c. Internet SCSI (iSCSI)

Internet SCSI (iSCSI) is a storage protocol that runs on top of TCP/IP and is commonly used for connecting storage devices over Ethernet networks. It is known for being cost-effective and can operate over existing twisted pair Ethernet infrastructure.

a. Fibre Channel (FC) typically requires dedicated Fibre Channel hardware and is not designed to run over traditional Ethernet.

b. Fibre Channel over Ethernet (FCoE) is designed to carry Fibre Channel traffic over Ethernet networks. While it can run on Ethernet, it may still require specialized hardware and is not always the least expensive option.

d. InfiniBand (IB) is a high-speed interconnect technology, but it is not specifically designed for storage and may not be the most cost-effective solution for this scenario.

Answer 253

A

b. Extender

The extender is also known as a repeater because it amplifies what it receives and retransmits it.

Answer 254

A

a. netstat and d. ipconfig

The netstat command generates displays that show network status and protocol statistics. You can display the status of TCP and UDP endpoints in table format, routing table information, and interface information.

The ipconfig command is used to display information about your network configuration and refresh DHCP and DNS Settings. By default, the ipconfig command displays your IP Address, Subnet Mask, and default gateway.

dig stands out for its rich feature set and thorough output. Dig is the tool of choice for experts and network administrators looking for comprehensive DNS analysis, troubleshooting, and the capacity to work with different record kinds.

nslookup is an easy-to-use tool for fundamental DNS queries

Answer 255

A

d. Class D

Class D addresses fall within the range 224.0.0.0 to 239.255.255.255.

Class D addresses are used for multicasting.

Answer 256

A

b. CPU utilization

If the network switch is experiencing issues, especially when the logging level is set to debugging, checking the CPU utilization is a good starting point.

Setting the logging level to debugging generates more detailed and extensive logs, which can consume additional CPU resources.

High CPU utilization on a network switch can lead to performance issues, including delays in responding to requests and potential packet drops. It might be indicative of the switch being overwhelmed with processing tasks, such as generating and handling extensive logs.

By monitoring CPU utilization, the technician can identify whether the switch’s CPU is reaching high levels and potentially causing the intermittent unresponsiveness. If the CPU is consistently high, it may require further investigation to identify the specific processes or tasks causing the issue.

Options a. c. and d. are less directly related to the impact of logging on switch performance

a. Audit logs While audit logs can provide valuable information about system activities, they might not directly impact the switch’s real-time performance.

c. CRC errors CRC errors are related to issues with the integrity of received frames, and they might not be directly linked to the switch’s response to requests.

d. Jitter Jitter is a measure of variability in packet arrival times and is more associated with issues in packet delivery timing, rather than the impact of logging on switch performance.

Answer 257

A

a. Reverse

A reverse proxy server resides near the web servers and responds to requests. These are often used for load balancing purposes because each proxy can cache information from a number of servers.

Answer 258

A

IPSec

IPSec provides authentication and encryption of packets to create a secure encrypted communication path between two computers

Answer 259

A

d. C:\windows\system32> nbstat -R

Since this is a Windows-based network, the client is likely attempting to connect to the servers using NetBIOS. NetBIOS stores the local cached name table in the LMHOSTS file on each client. If the entry in the client file is pointing to the wrong IP, this could cause the connectivity issues described. Therefore the system administrator should enter the “nbstat -R” command to purge and reload the cached name table from the LMHOST file on their Windows workstation.

Answer 260

A

c. Modulation

OFDM (Orthogonal Frequency Division Multiplexing)
QAM (Quadrature Amplitude Modulation)
OPSK (Orthogonal Phase Shift Keying)

These are all examples of modulation and multiplexing techniques commonly used in wireless communication

Answer 261

A

b. CNAME

The CNAME record stores additional hostnames, or aliases, for hosts in the domain.

PTR is used for reverse lookups.

There is not an ALSO record or ALIAS.

Answer 262

A

c. MDI-X

The ports on a hub to which computer systems are attached are called Medium-Dependent Interface Crossed (MDI-X).

HSPA+ is an evolved High Speed Packet Access and a technical standard for wireless broadband telecommunication

RSG is is a remote gateway that provides a fully transparent connection

Answer 263

A

d. Nothing

Wireless LAN equipment built on 802.11a can only use the 5GHz frequency band.

802.11g can only use the 2.4GHz frequency band, therefore the network adapters cannot be made to connect to your AP by any means.

Answer 264

A

d. East-West traffic

East-West traffic is a concept referring to network traffic flow within a data center between servers.

North-South refers to data transfers between the data center and that outside of the network.

Answer 265

A

e. 00:D0:59:09:07:51

The MAC address is a 6-byte (48-bits) address expressed in six pairs of hexadecimal values.

Because it is hexadecimal, only the letters A through F and numbers can be used.

Answer 266

A

b. One-tiered

The network architecture in which the database and the application exist on a single system is called a one-tiered model.

Answer 267

A

A Wiring Diagrams is a diagram used to clearly label which cables are connected to which ports.

The more in-depth wiring diagrams will also include a floor plan or rack diagram, so that you can see how the cables are run in the physical environment.

Answer 268

A

d. Bluejacking

Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers, sending a vCard which typically contains a message in the name field to another Bluetooth-enabled device via the OBEX protocol.

Answer 269

A

b. SaaS

With the SaaS cloud service model, consumers are able to use the provider’s applications, but they do not manage or control any of the underlying cloud infrastructure.

Answer 270

A

b . 802.11ax

Wi-Fi 6 (also known as 802.11ax) is the new generation of Wi-Fi technology.

It operates in the 2.4 GHz and 5 GHz bands and can communicate at speeds of up to 9.6Gbps.

Wi-fi 6 is all about better and more efficient use of the existing radio frequency medium.

Answer 271

A

d. Network

Routers normally create, add, or divide networks or network segments at the network layer of the OSI reference model because they usually are IP-based devices.

Answer 272

A

EUI-64 (Extended Unique Identifier) is a method used to automatically configure IPv6 host addresses

An IPv6 device will use the MAC address of its interface to generate a unique 64-bit interface ID. However, a MAC address is 48 bit and the interface ID is 64 bit.

The IPv6 EUI-64 format address is obtained through the 48-bit MAC address.

The MAC address is first separated into two 24-bits, with one being OUI (Organizationally Unique Identifier) and the other being NIC specific.

The 16-bit 0xFFFE is then inserted between these two 24-bits for the 64-bit EUI address.

Answer 273

A

ARP poisoning is a type of attack where a malicious actor sends fake ARP messages to associate their MAC address with the IP address of a legitimate host or gateway.

This can lead to man-in-the-middle attacks.

Answer 274

A

b. 169.254.0.1 to 169.254.255.254

Answer 275

A

a. Hub

A network hub operates only at the physical layer of the OSI model.

b. A router operates at the network layer of the OSI model.

c. A switch operates at the data link or network layer of the OSI model.

d. A bridge operates at the data link layer of the OSI model.

Answer 276

A

a. ISDN is faster.

One clear advantage that ISDN has over the PSTN is its speed.

ISDN can combine 64 Kbps channels for faster transmission speeds than the PSTN can provide.

SDN is no more or less reliable than the PSTN.

ISDN is more expensive than the PSTN.

Answer 277

A

e. SCADA

Supervisory Control and Data Acquisition (SCADA) systems are used for controlling, monitoring, and analyzing industrial devices and processes.

The system consists of both software and hardware components and enables remote and on-site gathering of data from the industrial equipment.

Answer 278

A

T1

T1 lines offer transmission speeds of 1.544 Mbps and can create point-to-point dedicated digital communication paths. T1 lines have commonly been used for connecting LANs.

Side Note:
AT&T designed its T-carrier system to allow the grouping of individual channels together into larger units. A T2 line, for example, consists of four aggregated T1 lines. Similarly, a T3 line consists of 28 T1 lines. The system defined five levels — T1 through T5

Answer 279

A

a. Every node has equal access to the network media.

On a network that uses CSMA/CD, every node has equal access to the network media.

The other options incorrectly state the relationship for a network using CSMA/CD.

Answer 280

A

Automation allows systems to update using code to avoid mis-typed commands from multiple programmers.

Answer 281

A

d. Examples

The subnets 192.0.2.0/24, 198.51.100.0/24 and 203.0.113.0/24 are all set aside for use in documentation and examples.

The subnets 100.64.0.0/10, 192.0.0.0/24 and 198.18.0.0/15 are all set aside for a variety of special purposes.

Answer 282

A

c. Quality of service

QoS enables an organization to prioritize traffic and resources to guarantee the promised performance of a specific application or service.

It also enables enterprises to prioritize different applications, data flows, and users in order to guarantee the optimum level of performance across their networks.

Answer 283

A

c. Wires 1 and 3 and wires 2 and 6

In a crossover cable, wires 1 and 3 and wires 2 and 6 are crossed.

Brainscape's Knowledge GenomeTM

Comptia Network+ (N10-008) Flashcards

Some of what I have found and learnt while studying

Brainscape's Knowledge Genome^TM