Dion

Question 1

Internal network users aren’t able to access external site but external users can. Website responds to ping from internal network + resolves to proper public address. What is the fix while causing internal users to route to website using internal IP address?

Answer 1

Implement split-horizon / split-view DNS

Separate DNS servers provided for security + privacy management for internal + external networks

Logical / physical separation of DNS information

Question 2

UPS malfunctioning because internal battery has died. To replace the server has to be shut down while UPS is replaced. What would BEST increase server’s availability over UPS replacement?

Answer 2

Add redundant power supply to server

Question 3

Maximum amount of data, as measured in time, that an organization is willing to lose during an outage

Answer 3

RPO

Question 4

Network device used to separate broadcast domains

Answer 4

Router (Layer 3 switch)

Question 5

Theoretical maximum rate of data transfer from source to destination in a given amount of time under ideal conditions

Answer 5

Bandwidth

Throughput is actual measure

Question 6

Used by agent to send complete set of key-pair values about a significant event / condition that is occurring in real-time by providing full list of variables + values for a given device to a manager

Answer 6

Verbose trap

Question 7

Implement to require the least amount of configuration for Internet access over guest network

Answer 7

Enable SSID broadcast for guest wireless network

Question 8

Administrator can ping fiber uplink interface but none of the workstations plugged into switch are responding to ICMP requests. What should be done next?

Answer 8

Determine if link lights are lit for the ports

Question 9

Remediation strategies MOST effective in reducing risk to an embedded ICS from network-based compromise

Answer 9

Segmentation

Disabling unused services

Question 10

Best solution to sanitize / destroy data while ensuring computers will still be usable

Answer 10

Wiping (overwriting data on disk)

Question 11

Tool to measure resistance of coaxial cable

Answer 11

Multimeter

Question 12

Most likely reason SSID is not being displayed

Answer 12

Broadcast is disabled on wireless router

Question 13

Encryption type used by WPA to improve upon WEP

Answer 13

TKIP

Question 14

SDN layer that focuses on resource requests or information about the network

Answer 14

Application layer

Question 15

Method to protect DMZ from ping sweeps trying to discover network resources

Answer 15

Block all ICMP traffic to + from DMZ

Question 16

What to implement to correct issue if network equipment has been restarting at the same time every day

Answer 16

UPS

Simultaneous restart likely due to power outage

Question 17

BEST recommendation to add to BCP

Answer 17

Build redundant links between core devices

Question 18

Keep cabling infrastructure out of sight but still accessible to administrators (cost not an issue)

Answer 18

Install raised floor for cabling

Question 19

Condition that occurs when copper conductors on several wires being exposed + coming in contact with each other

Answer 19

Short

Question 20

What happens when convergence on a routed network occurs?

Answer 20

All routers learn the route to all connected networks

Question 21

Protocol to be familiar with to troubleshoot router using label switching and label edge routers to forward traffic

Answer 21

MPLS

Question 22

Metric that would be most useful to determine why VoIP service is not presenting consistent pace when traversing network

Answer 22

Jitter

Big problem with real-time applications

Question 23

Antenna type with low profile

Answer 23

Patch antenna

Question 24

Uses well-written set of carefully developed + tested scripts to orchestrate runbooks + generate consistent server builds across an enterprise

Answer 24

SDN

Question 25

Open-source remote access tools that allows users to connect to their desktop remotely, see what is on their screen + control is with their mouse + keyboard

Answer 25

Virtual network computing (VNC)

Question 26

Configure routers to advertise failed routes with addition of infinite metric to prevent routing loops

Answer 26

Route poisoning

Question 27

Telecommunication link used to provide high-speed internet over system of coaxial / HFC cables

Answer 27

DOCSIS (Cable)

Question 28

IEEE specification that describes the use of LACP

Answer 28

802.3ad

Question 29

Technologies used by captive portal to perform user redirection

Answer 29

HTTP redirect

ICMP redirect

DNS redirect

Question 30

Needs to be added to allow network management tool to interpret new device + control it using SNMP

Answer 30

MIB

Question 31

Type of network attack in which attacker is blocking cellular devices from connecting to Internet within a building but device connects again after moving a distance from the building

Answer 31

Frequency jamming

Question 32

On-path attack in which attacker redirects any layer 2 traffic destined for gateway to attacker’s computer first

Answer 32

ARP poisoning

Question 33

Device that can prevent network traffic with non-default port numbers from bypassing security policies

Answer 33

Application-aware firewall

Question 34

Network documentation that would include labels to indicate which cables are connected to which switchports on an edge switch

Answer 34

Wiring diagram

Question 35

Not useful against zero-day threat

Answer 35

Patching

Question 36

Command to determine if interface is currently connected using OSPF / EIGRP on network device

Answer 36

show route

Question 37

Helps identify switches connected to each port quickly

Answer 37

Enable discovery protocol on network devices

Question 38

Command to display statistics for given switchport on Cisco switch

Answer 38

show interface

Question 39

Device connected to switch unable to obtain IP address but link light shows healthy connection

Answer 39

DHCP scope exhausted

DHCP not correctly configured

Question 40

Capability to monitor all traffic entering + leaving network default gateway in addition to blocking certain content types before it leaves network based on operational priorities

Answer 40

Install NIPs on internal router interface

Install firewall on external router

Question 41

Protocol to establish secure + encrypted VPN tunnel initiated through web browser

Answer 41

TLS/SSL

Question 42

Used to allow 1 node to communicate with many other nodes (DMVPN connections)

Answer 42

mGRE

Question 43

Technologies for internet connection when TV is already installed

Answer 43

DOCSIS modem

Question 44

Test open-source VoIP system before investing in associated hardware + phones

Answer 44

Create virtual PFX

Connect it to SIP phone application

Question 45

SDN layer that determines how to route data packet

Answer 45

Control layer

Question 46

User ran bandwidth speed test from laptop + received 33.3 Mbps upload + 10.2 Mbps download. BEST interpretation of results

Answer 46

Laptop received data at 33.3 Mbps + sent data at 10.2 Mbps

Question 47

Tool to use to measure signal power as it transmits over fiber optic cable

Answer 47

Fiber light meter

Question 48

Quickest option to configure replacement device with secure configuration

Answer 48

Image

Question 49

Type of attack in which attacker configures their machine to report itself as switch when connected to wired network.

Answer 49

VLAN hopping

Question 50

Wireless technology to use to transmit data files from 1 system to another in direct P2P connection over 2 - 3 meters

Answer 50

Bluetooth (up to 10 m)

NFC (4 cm / less)

Question 51

Switchport state with LEAST desirable path placed by STP when switch has multiple paths to reach root bridge

Answer 51

Blocking

Indicates there is a better path to root bridge + switchport itself is not root / designated port

Question 52

Deep packet firewall dropping portions of packet flow as it enters / leaves network. Network configured to use HSRP to load balance network traffic. What causes firewall to drop packets?

Answer 52

Asymmetric routing

Network packets leave via 1 path + return via different path

Question 53

Cellular technology comprised of HSPA+ & EV-DO to provide higher data speeds than previous cellular data protocols

Answer 53

3G

Question 54

Routing prefixes assigned in blocks by IANA + distributed by RIR

Answer 54

Autonomous system number

Question 55

Issue that can be prevented by configuring split-horizon options on network devices

Answer 55

Routing loops

Question 56

48-port switch just rebooted + all clients are not attempting to obtain new DHCP address. What may begin to occur?

Answer 56

Broadcast storm

All 48 clients trying to receive DHCP assignment simultaneously

Question 57

Configured a new interface on a router but client workstations don’t receive addressing information from new interface. What needs added / changed to resolve issue?

Answer 57

IP helper

Enables single DHCP server to provide IP addresses regardless of broadcast domains

Question 58

Simple solution for adding a shared drive that easily integrates into existing network, easy to configure, share files with clients over TCP/IP

Answer 58

NAS

Question 59

Command to check if DHCP snooping has been configured on network interface

Answer 59

show config