Exam 111-120 Flashcards
Which of the following protocols can be both connection-oriented and connectionless?
A. 20 FTP
B. 53 DNS
C. 67 DHCP
D. 80 HTTP
B. 53 DNS
A technician logs onto a system using Telnet because SSH is unavailable. SSH is enabled on the target device, and
access is allowed from all subnets. The technician discovers a critical step was missed. Which of the following would
allow SSH to function properly?
A. Perform file hashing
B. Generate new keys
C. Update firmware
D. Change default credentials
B. Generate new keys
A network engineer arrives at work and discovers that many users are having problems when attempting to connect to
the company network shared drives. The network operations center (NOC) technician just completed server upgrades the
night before. To which of the following documents should the NOC technician refer to determine what potentially
caused the connectivity problem?
A. Network maps
B. Cable management
C. Release notes
D. Change management
D. Change management
A forensic first responder arrives at the scene where an employee is suspected to have committed acomputer-based crime.
Which of the following should the first responder do FIRST?
A. Document the scene
B. Take pictures upon arrival
C. Secure the area
D. Implement chain of custody
C. Secure the area
Users are reporting their network is extremely slow. The technician discovers pings to external host have excessive
response times. However, internal pings to printers and other PCs have acceptable response times.
Which of the following steps should the technician take NEXT?
A. Determine if any network equipment was replaced recently
B. Verify malware has not disabled the users’ PC firewalls
C. Replace users’ network cables with known-good network cables
D. Power cycle the web server
A. Determine if any network equipment was replaced recently
A network technician is diagnosing a time-out issue generated from an end user’s web browser. The web browser issues
standard HTTP get and post commands to interact with the website. Given this information, the technician would like to
analyze the entire TCP handshake of the HTTP requests offline. Which of the following tools would allow the technician
to view the handshake?
A. Packet analyzer
B. Port analyzer
C. SNMP traps
D. Spectrum analyzer
A. Packet analyzer
Which of the following BEST describes the differences between VLAN hopping and session hijacking?
A. VLAN hopping involves the unauthorized transition from one VLAN to another to gain additional access. Session
hijacking involves overriding a user’s web connection to execute commands
B. VLAN hopping is a brute force attack executed to gain additional access. Session hijacking involves physically
disrupting a network connection
C. VLAN hopping involves overriding a user network connection to execute malicious commands. Session hijacking
involves compromising a host to elevate privileges
D. VLAN hopping is the act of exploiting poor VLAN tagging. Session hijacking is a web-based attack aimed at
privilege escalation
A. VLAN hopping involves the unauthorized transition from one VLAN to another to gain additional access. Session
hijacking involves overriding a user’s web connection to execute commands
Which of the following DNS records needs to be configured for SMTP traffic?
A. MX
B. CNAME
C. AAAA
D. PTR
A. MX
A user reports difficulties connecting a PC to a wired network. The PC connects to an IP phone, which is working
correctly. A network technician can verify that other devices successfully connect to the phone. At which of the
following layers of the OSI model is the problem MOST likely located?
A. Network
B. Physical
C. Transport
D. Application
A. Network
Which of the following devices, if implemented, would result in decreased administration time of an 802.11 network
running centralized authentication services? (Choose two.)
A. VPN concentrator B. Proxy server C. Wireless controller D. RADIUS server E. Multilayer switch
C. Wireless controller
D. RADIUS server