Dion difficult Q Flashcards
A company suffers an outage due to a bad module in a core switch. What is the NEXT step to conduct in troubleshooting?
- Gather information, start at the top of the OSI model, and work down.
- Establish plan of action to solve the problem.
- Establish a theory, identify the problem, duplicate the problem, test the theory and repeat
- Gather information, start at the bottom of the OSI model and work up.
Establish plan of action to solve the problem.
Explanation
If the technician has already discovered the issue, the symptoms have already been identified. Testing the theory comes after you have established a theory, which can only come once the issue has been discovered. Establishing a theory of probable cause allows you to continue with the next steps in troubleshooting the issue.
Janet is a system administrator who is troubleshooting an issue with a DNS server. She notices that the security logs have filled up and that they need to be cleared from the event viewer. She recalls this being a daily occurrence. Which of the following would BEST resolve this issue?
- Increase the maximum log size
- Log into the DNS server every hour to check if the logs are full
- Install an event management tool
- Delete the logs when full
Install an event management tool
Explanation
Using an event management tool will allow the administrator to clear the event logs and move them from the server to a centralized database, if needed.
A company has a secondary datacenter in a remote location. The cable management and power management are handled by the data center staff, while the building’s security is also handled by the datacenter staff with little oversight from the company. Which of the following should the technician do to follow the best practices?
- Secure the patch panels
- Ensure power monitoring is enabled
- Ensure rack security
- Secure the UPS units
Ensure rack security
Explanation
By ensuring rack security such as locks, RFID card locks, and swing handles, the technician adds an extra layer of security to the servers, which is a best practice.
Which of the following connector types is used to terminate DS3 connections in a telecommunications facility?
- 66 block
- BNC
- F-connector
- RJ-11
BNC
Explanation
Bayonet Neill-Concelman Connector (BNC connector) is a type of coaxial RF (Radio frequency) electrical connector that is used in place of coaxial connectors. A DS3 (Digital Signal 3) is also known as a T3 line with a maximum bandwidth of 44.736 Mbit/s. DS3 uses 75 ohm coaxial cable and BNC connectors.
What would provide the highest level of physical security for the client if they are concerned with theft of equipment from the datacenter?
- Cipher lock
- Proximity reader
- Magnetic key swipe
- Man trap
Man trap
Explanation
A man trap will ensure that only a single authorized person can get in or out of the building at one time. It provides the highest level of physical security among the choices given.
Jason wants to use his personal cell phone for work-related purposes. Because of his position in the company, Jason has access to sensitive company data which might be stored on his cell phone during its usage. The company is concerned about this but believes with the proper security controls in place it might be acceptable. Which of the following should be done to protect both the company and Jason if they allow him to use his personal cell phone for work-related purposes?
- Establish a consent to monitoring policy so that the company can audit Jason’s cell phone usage
- Establish an AUP that allows a personal phone to be used for work-related purposes
- Conduct real-time monitoring of the phone’s activity and usage
- Establish an NDA that states Jason cannot share the confidential data with others
Conduct real-time monitoring of the phone’s activity and usage
Explanation
While all four are good options, the BEST solution is to conduct real-time monitoring of the phone’s activity since it is a technical control that could identify an issue quickly. The other options are all administrative controls (policies), which are useful, but would not actually identify if the sensitive data was leaked from Jason’s phone.
An outside technician notices that a SOHO employee who is logged into the company VPN has an unexpected source IP address. What is the employee MOST likely using?
- Proxy server
- Least-cost routing
- IPv6
- VPN concentrator
Proxy server
Explanation
Proxy servers are just different computers that serve as a hub where Internet requests are processed. When you are connected to a proxy, your computer sends its requests to that server; the answers return to the proxy server, which then forwards the data to the requesting computer.
A company has added a lot of new users to the network, which is causing an increase in network traffic by 200%. The original projection by the engineers was that the new users would only add 20-30% more network traffic, not 200%. The network administrator suspects that a compromise of the network may have occurred. What should the network administrator have done previously to prevent this network breach?
- Create VLANs to segment the network traffic
- Place a network sniffer on segments with new employees
- Provide end user awareness and training for employees
- Ensure best practices were implemented when creating new user accounts
Provide end user awareness and training for employees
Explanation
With new employees entering a company, often they are not fully aware of the company’s Internet usage policy and safe Internet practices. Providing end user awareness and training for new employees helps reduce the company’s vulnerability to malicious entities on the Internet.
A network technician discovers an issue with spanning tree on the core switch. Which step should the network technician perform NEXT when troubleshooting to resolve the issue?
- Test a theory to determine the cause
- Escalate to a senior technician
- Identify the symptoms
- Establish a theory of probable cause
Establish a theory of probable cause
Explanation
If the technician has already discovered the issue, the symptoms have already been identified. Testing the theory comes after you have established a theory, which can only come once the issue has been discovered. Establishing a theory of probable cause allows you to continue with the next steps in troubleshooting the issue.
A user reports slow computer performance. A technician troubleshooting the issue uses a performance monitoring tool and receives the following results: Avg % Processor Time = 10%; Avg Pages/Second = 0; Avg Disk Queue Length = 3. Based on the results, what might be causing a bottleneck in performance?
- Hard drive
- Memory
- Processor
- NIC
Hard drive
Explanation
Based on the results, the hard drive (disk queue) is causing the bottleneck. The average processor time is not over 50%, the pages/second (memory) is not heavily burdened, and we do not have any information on the NIC.
A system administrator wants to verify that external IP addresses are unable to collect software versioning from servers on the network. Which of the following should the system administrator do to confirm the network is protected?
- Analyze packet captures
- Utilize netstat to locate active connections
- Use nmap to query known ports
- Review the ID3 logs on the network
Analyze packet captures
Explanation
Captured packets show you the information that was travelling through certain files, etc. Packet sniffers detail the information they’ve received, so working through those would show if the external network shows or details software versions.
An administrator has a virtualization environment that includes a vSAN and iSCSI switching. Which of the following actions could the administrator take to improve the performance of data transfers over iSCSI switches?
- The administrator should configure the switch port to auto-negotiate the proper Ethernet settings
- The administrator should configure each vSAN participant to have its own VLAN.
- The administrator should connect the iSCSI switches to each other over inter-switch links (ISL).
- The administrator should set the MTU to 9000 on each of the participants in the vSAN.
The administrator should set the MTU to 9000 on each of the participants in the vSAN.
Explanation
When using an iSCSI SAN (with iSCSI switching), we can improve network performance by enabling ‘jumbo frames’. A jumbo frame is a frame with an MTU of more than 1500. By setting the MTU to 9000, there will be fewer but larger frames going over the network. Enabling jumbo frames can improve network performance by making data transmissions more efficient.
Dion Training has created a guest wireless network for students to use during class. This guest network is separated from the corporate network for security. Which of the following should be implemented to require the least amount of configuration for a student to be able to access the Internet over the guest network?
- Enable SSID broadcast for the guest wireless network
- Enable two-factor authentication on the student’s device
- Configure the access point to 802.1x for authentication
- Configure WEP with a pre-shared key
Enable SSID broadcast for the guest wireless network
Explanation
Since security was not listed as a requirement for the guest wireless network, it would be easiest to not set up any encryption, passwords, or authentication mechanisms on the network. Instead, you should simply enable the SSID broadcast for the guest network so students can easily find and connect to it.
Sally in the web development group has asked for your assistance in troubleshooting her latest website. When she attempts to connect to the web server as a user, her web browser issues a standard HTTP request, but continually receives a timeout response in return. You decided that to best troubleshoot the issue, you should capture the entire TCP handshake between her workstation and the web server. Which of the following tools would BEST allow you to capture and then analyze the TCP handshake?
- Protocol analyzer
- Packet sniffer
- Spectrum analyzer
- Tone generator
Protocol analyzer
Explanation
A protocol analyzer or packet analyzer (like Wireshark) has the capability to capture the handshake and display it for analysis. A packet sniffer, though, will only capture the handshake. Neither a spectrum analyzer nor a tone generator would be helpful in this situation.
Your company wants to develop a voice solution to provide 23 simultaneous connections using VoIP. Which of the following technologies could BEST provide this capability?
- DOCSIS
- T1
- DSL
- POTS
T1
Explanation
A T1 can transmit 24 telephone calls at a time because it uses a digital carrier signal (DS-1). DS-1 is a communications protocol for multiplexing the bit streams of up to 24 telephone calls simultaneously. The T1’s maximum data transmission rate is 1.544 mbps. DOCSIS is the standard for a cable modem. DSL is a Digital Subscriber Line which has variable speeds from 256 kbps and up. POTS is the Plain Old Telephone System, and provides only a single phone connection at a time. Out of these options, the T1 is the BEST to ensure you can reliably provide 23 simultaneous phone connections.