Final Exam Flashcards

Question

37. A company has a file server that shares a folder named Public. The network security policy specifies that the Public folder is assigned Read-Only rights to anyone who can log into the server while the Edit rights are assigned only to the network admin group. Which component is addressed in the AAA network service framework? - automation - accounting - authentication - authorization

Answer 1

37. A company has a file server that shares a folder named Public. The network security policy specifies that the Public folder is assigned Read-Only rights to anyone who can log into the server while the Edit rights are assigned only to the network admin group. Which component is addressed in the AAA network service framework? - automation - accounting - authentication - **authorization** ## Footnote After a user is successfully authenticated (logged into the server), the authorization is the process of determining what network resources the user can access and what operations (such as read or edit) the user can perform.

Answer 2

38. What three requirements are defined by the protocols used in network communcations to allow message transmission across a network? (Choose three.) - **message size** - **message encoding** - connector specifications - media selection - **delivery options** - end-device installation

Answer 3

39. What are two characteristics of IP? (Choose two.) - **does not require a dedicated end-to-end connection** - **operates independently of the network media** - retransmits packets if errors occur - re-assembles out of order packets into the correct order at the receiver end - guarantees delivery of packets ## Footnote Explain: The Internet Protocol (IP) is a connectionless, best effort protocol. This means that IP requires no end-to-end connection nor does it guarantee delivery of packets. IP is also media independent, which means it operates independently of the network media carrying the packets.

Answer 4

40. An employee of a large corporation remotely logs into the company using the appropriate username and password. The employee is attending an important video conference with a customer concerning a large sale. It is important for the video quality to be excellent during the meeting. The employee is unaware that after a successful login, the connection to the company ISP failed. The secondary connection, however, activated within seconds. The disruption was not noticed by the employee or other employees. What three network characteristics are described in this scenario? (Choose three.) - **security** - **quality of service** - scalability - powerline networking - integrity - **fault tolerance**

Answer 5

41. What are two common causes of signal degradation when using UTP cabling? (Choose two.) - **improper termination** - low-quality shielding in cable - installing cables in conduit - **low-quality cable or connectors** - loss of light over long distances ## Footnote Explanation: When terminated improperly, each cable is a potential source of physical layer performance degradation.

Answer 6

42. Which subnet would include the address 192.168.1.96 as a usable host address? - **192.168.1.64/26** - 192.168.1.32/27 - 192.168.1.32/28 - 192.168.1.64/29 ## Footnote Explanation: For the subnet of 192.168.1.64/26, there are 6 bits for host addresses, yielding 64 possible addresses. However, the first and last subnets are the network and broadcast addresses for this subnet. Therefore, the range of host addresses for this subnet is 192.168.1.65 to 192.168.1.126. The other subnets do not contain the address 192.168.1.96 as a valid host address.

Answer 7

44. Which two statements describe how to assess traffic flow patterns and network traffic types using a protocol analyzer? (Choose two.) - Capture traffic on the weekends when most employees are off work. - **Capture traffic during peak utilization times to get a good representation of the different traffic types.** - Only capture traffic in the areas of the network that receive most of the traffic such as the data center. - **Perform the capture on different network segments.** - Only capture WAN traffic because traffic to the web is responsible for the largest amount of traffic on a network. ## Footnote Explanation: Traffic flow patterns should be gathered during peak utilization times to get a good representation of the different traffic types. The capture should also be performed on different network segments because some traffic will be local to a particular segment.

Answer 8

45. What is the consequence of configuring a router with the ipv6 unicast-routing global configuration command? - All router interfaces will be automatically activated. - **The IPv6 enabled router interfaces begin sending ICMPv6 Router Advertisement messages.** - Each router interface will generate an IPv6 link-local address. - It statically creates a global unicast address on this router.

Answer 9

46. Which three layers of the OSI model map to the application layer of the TCP/IP model? (Choose three.) - **application** - network - data link - **session** - **presentation** - transport ## Footnote Explanation: The TCP/IP model consists of four layers: application, transport, internet, and network access. The OSI model consists of seven layers: application, presentation, session, transport, network, data link, and physical. The top three layers of the OSI model: application, presentation, and session map to the application layer of the TCP/IP model.

Answer 10

48. What will happen if the default gateway address is incorrectly configured on a host? - The host cannot communicate with other hosts in the local network. - **The host cannot communicate with hosts in other networks.** - A ping from the host to 127.0.0.1 would not be successful. - The host will have to use ARP to determine the correct address of the default gateway. - The switch will not forward packets initiated by the host.

Answer 11

49. What are two features of ARP? (Choose two.) - When a host is encapsulating a packet into a frame, it refers to the MAC address table to determine the mapping of IP addresses to MAC addresses. - An ARP request is sent to all devices on the Ethernet LAN and contains the IP address of the destination host and its multicast MAC address. - **If a host is ready to send a packet to a local destination device and it has the IP address but not the MAC address of the destination, it generates an ARP broadcast.** - If no device responds to the ARP request, then the originating node will broadcast the data packet to all devices on the network segment. - **If a device receiving an ARP request has the destination IPv4 address, it responds with an ARP reply.**

Answer 12

50. A network administrator is adding a new LAN to a branch office. The new LAN must support 90 connected devices. What is the smallest network mask that the network administrator can use for the new network? - **255.255.255.128** - 255.255.255.240 - 255.255.255.248 - 255.255.255.224

Answer 13

51. What are two ICMPv6 messages that are not present in ICMP for IPv4? (Choose two.) - **Neighbor Solicitation** - Destination Unreachable - Host Confirmation - Time Exceeded - **Router Advertisement** - Route Redirection

Answer 14

52. A client packet is received by a server. The packet has a destination port number of 80. What service is the client requesting? - DHCP - SMTP - DNS - **HTTP**

Answer 15

53. What is an advantage for small organizations of adopting IMAP instead of POP? - POP only allows the client to store messages in a centralized way, while IMAP allows distributed storage. - **Messages are kept in the mail servers until they are manually deleted from the email client.** - When the user connects to a POP server, copies of the messages are kept in the mail server for a short time, but IMAP keeps them for a long time. - IMAP sends and retrieves email, but POP only retrieves email. ## Footnote Explanation: IMAP and POP are protocols that are used to retrieve email messages. The advantage of using IMAP instead of POP is that when the user connects to an IMAP-capable server, copies of the messages are downloaded to the client application. IMAP then stores the email messages on the server until the user manually deletes those messages.

Answer 16

54. A technician can ping the IP address of the web server of a remote company but cannot successfully ping the URL address of the same web server. Which software utility can the technician use to diagnose the problem? - tracert - ipconfig - netstat - **nslookup** ## Footnote Explain: Traceroute (tracert) is a utility that generates a list of hops that were successfully reached along the path from source to destination.This list can provide important verification and troubleshooting information. The ipconfig utility is used to display the IP configuration settings on a Windows PC. The Netstat utility is used to identify which active TCP connections are open and running on a networked host. Nslookup is a utility that allows the user to manually query the name servers to resolve a given host name. This utility can also be used to troubleshoot name resolution issues and to verify the current status of the name servers.

Answer 17

55. Which two functions are performed at the LLC sublayer of the OSI Data Link Layer to facilitate Ethernet communication? (Choose two.) - implements CSMA/CD over legacy shared half-duplex media - **enables IPv4 and IPv6 to utilize the same physical medium** - integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper - implements a process to delimit fields within an Ethernet 2 frame - **places information in the Ethernet frame that identifies which network layer protocol is being encapsulated by the frame** ## Footnote Explanation: The data link layer is actually divided into two sublayers: + Logical Link Control (LLC): This upper sublayer defines the software processes that provide services to the network layer protocols. It places information in the frame that identifies which network layer protocol is being used for the frame. This information allows multiple Layer 3 protocols, such as IPv4 and IPv6, to utilize the same network interface and media. + Media Access Control (MAC): This lower sublayer defines the media access processes performed by the hardware. It provides data link layer addressing and delimiting of data according to the physical signaling requirements of the medium and the type of data link layer protocol in use.

Answer 18

56. The global configuration command ip default-gateway 172.16.100.1 is applied to a switch. What is the effect of this command? - The switch can communicate with other hosts on the 172.16.100.0 network. - **The switch can be remotely managed from a host on another network.** - The switch is limited to sending and receiving frames to and from the gateway 172.16.100.1. - The switch will have a management interface with the address 172.16.100.1. ## Footnote Explanation: A default gateway address is typically configured on all devices to allow them to communicate beyond just their local network.In a switch this is achieved using the command ip default-gateway .

Answer 19

57. What happens when the transport input ssh command is entered on the switch vty lines? - The SSH client on the switch is enabled. - The switch requires a username/password combination for remote access. - **Communication between the switch and remote users is encrypted.** - The switch requires remote connections via a proprietary client software. ## Footnote Explanation: The transport input ssh command when entered on the switch vty (virtual terminal lines) will encrypt all inbound controlled telnet connections.

Answer 20

59. A disgruntled employee is using some free wireless networking tools to determine information about the enterprise wireless networks. This person is planning on using this information to hack the wireless network. What type of attack is this? - DoS - access - **reconnaissance** - Trojan horse ## Footnote Explanation: A reconnaissance attack is the unauthorized discovery and documentation of various computing networks, network systems, resources, applications, services, or vulnerabilities.

Answer 21

60. What service is provided by HTTP? - Uses encryption to secure the exchange of text, graphic images, sound, and video on the web. - Allows for data transfers between a client and a file server. - An application that allows real-time chatting among remote users. - **A basic set of rules for exchanging text, graphic images, sound, video, and other multimedia files on the web.**

Answer 22

61. A client packet is received by a server. The packet has a destination port number of 67. What service is the client requesting? - FTP - **DHCP** - Telnet - SSH

Answer 23

62. What are two problems that can be caused by a large number of ARP request and reply messages? (Choose two.) - Switches become overloaded because they concentrate all the traffic from the attached subnets. - **The ARP request is sent as a broadcast, and will flood the entire subnet.** - The network may become overloaded because ARP reply messages have a very large payload due to the 48-bit MAC address and 32-bit IP address that they contain. - A large number of ARP request and reply messages may slow down the switching process, leading the switch to make many changes in its MAC table. - **All ARP request messages must be processed by all nodes on the local network.** ## Footnote Explanation: ARP requests are sent as broadcasts: (1) All nodes will receive them, and they will be processed by software, interrupting the CPU. (2) The switch forwards (floods) Layer 2 broadcasts to all ports. A switch does not change its MAC table based on ARP request or reply messages. The switch populates the MAC table using the source MAC address of all frames. The ARP payload is very small and does not overload the switch.

Answer 24

63. A group of Windows PCs in a new subnet has been added to an Ethernet network. When testing the connectivity, a technician finds that these PCs can access local network resources but not the Internet resources. To troubleshoot the problem, the technician wants to initially confirm the IP address and DNS configurations on the PCs, and also verify connectivity to the local router. Which three Windows CLI commands and utilities will provide the necessary information? (Choose three.) - netsh interface ipv6 show neighbor - arp -a - tracert - **ping** - **ipconfig** - **nslookup** - telnet

Answer 25

64. During the process of forwarding traffic, what will the router do immediately after matching the destination IP address to a network on a directly connected routing table entry? - analyze the destination IP address - **switch the packet to the directly connected interface** - look up the next-hop address for the packet - discard the traffic after consulting the route table ## Footnote Explanation: A router receives a packet on an interface and looks at the destination IP address. It consults its routing table and matches the destination IP address to a routing table entry. The router then discovers that it has to send the packet to the next-hop address or out to a directly connected interface. When the destination address is on a directly connected interface, the packet is switched over to that interface.

Answer 26

65. What characteristic describes antispyware? - **applications that protect end devices from becoming infected with malicious software** - a network device that filters access and traffic coming into a network - software on a router that filters traffic based on IP addresses or applications - a tunneling protocol that provides remote users with secure access into the network of an organization

Answer 27

66. A network administrator needs to keep the user ID, password, and session contents private when establishing remote CLI connectivity with a switch to manage it. Which access method should be chosen? - Telnet - AUX - **SSH** - Console

Answer 28

67. What are the two most effective ways to defend against malware? (Choose two.) - Implement a VPN. - Implement network firewalls. - Implement RAID. - Implement strong passwords. - **Update the operating system and other application software.** - **Install and update antivirus software.** ## Footnote Explanation: A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.

Answer 29

68. Which type of security threat would be responsible if a spreadsheet add-on disables the local software firewall? - brute-force attack - **Trojan horse** - DoS - buffer overflow ## Footnote Explanation: A Trojan horse is software that does something harmful, but is hidden in legitimate software code. A denial of service (DoS) attack results in interruption of network services to users, network devices, or applications. A brute-force attack commonly involves trying to access a network device. A buffer overflow occurs when a program attempts to store more data in a memory location than it can hold.

Answer 30

69. Which frame field is created by a source node and used by a destination node to ensure that a transmitted data signal has not been altered by interference, distortion, or signal loss? - User Datagram Protocol field - transport layer error check field - flow control field - **frame check sequence field** - error correction process field

Answer 31

70. A network administrator is adding a new LAN to a branch office. The new LAN must support 4 connected devices. What is the smallest network mask that the network administrator can use for the new network? - **255.255.255.248** - 255.255.255.0 - 255.255.255.128 - 255.255.255.192

Answer 32

71. What service is provided by POP3? - **Retrieves email from the server by downloading the email to the local mail application of the client.** - An application that allows real-time chatting among remote users. - Allows remote access to network devices and servers. - Uses encryption to provide secure remote access to network devices and servers.

Answer 33

72. What two security solutions are most likely to be used only in a corporate environment? (Choose two.) - antispyware - **virtual private networks** - **intrusion prevention systems** - strong passwords - antivirus software

Answer 34

73. What characteristic describes antivirus software? - **applications that protect end devices from becoming infected with malicious software** - a network device that filters access and traffic coming into a network - a tunneling protocol that provides remote users with secure access into the network of an organization - software on a router that filters traffic based on IP addresses or applications

Answer 35

74. What mechanism is used by a router to prevent a received IPv4 packet from traveling endlessly on a network? - It checks the value of the TTL field and if it is 0, it discards the packet and sends a Destination Unreachable message to the source host. - It checks the value of the TTL field and if it is 100, it discards the packet and sends a Destination Unreachable message to the source host. - **It decrements the value of the TTL field by 1 and if the result is 0, it discards the packet and sends a Time Exceeded message to the source host.** - It increments the value of the TTL field by 1 and if the result is 100, it discards the packet and sends a Parameter Problem message to the source host.

Answer 36

75. A client packet is received by a server. The packet has a destination port number of 69. What service is the client requesting? - DNS - DHCP - SMTP - **TFTP**

Answer 37

76. An administrator defined a local user account with a secret password on router R1 for use with SSH. Which three additional steps are required to configure R1 to accept only encrypted SSH connections? (Choose three.) - Configure DNS on the router. - Generate two-way pre-shared keys. - **Configure the IP domain name on the router.** - **Generate the SSH keys.** - **Enable inbound vty SSH sessions.** - Enable inbound vty Telnet sessions.

Answer 38

77. Which two functions are performed at the MAC sublayer of the OSI Data Link Layer to facilitate Ethernet communication? (Choose two.) - handles communication between upper layer networking software and Ethernet NIC hardware - **implements trailer with frame check sequence for error detection** - places information in the Ethernet frame that identifies which network layer protocol is being encapsulated by the frame - **implements a process to delimit fields within an Ethernet 2 frame** - adds Ethernet control information to network protocol data

Answer 39

78. An IPv6 enabled device sends a data packet with the destination address of FF02::2. What is the target of this packet? - all IPv6 enabled devices on the local link - all IPv6 DHCP servers - all IPv6 enabled devices across the network - **all IPv6 configured routers on the local link**

Answer 40

77. Which two functions are performed at the MAC sublayer of the OSI Data Link Layer to facilitate Ethernet communication? (Choose two.) - places information in the Ethernet frame that identifies which network layer protocol is being encapsulated by the frame - adds Ethernet control information to network protocol data - **responsible for internal structure of Ethernet frame** - enables IPv4 and IPv6 to utilize the same physical medium - **implements trailer with frame check sequence for error detection**

Answer 41

77. Which two functions are performed at the MAC sublayer of the OSI Data Link Layer to facilitate Ethernet communication? (Choose two.) - **integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper** - enables IPv4 and IPv6 to utilize the same physical medium - handles communication between upper layer networking software and Ethernet NIC hardware - adds Ethernet control information to network protocol data - **implements CSMA/CD over legacy shared half-duplex media**

Answer 42

77. Which two functions are performed at the MAC sublayer of the OSI Data Link Layer to facilitate Ethernet communication? (Choose two.) - **applies delimiting of Ethernet frame fields to synchronize communication between nodes** - places information in the Ethernet frame that identifies which network layer protocol is being encapsulated by the frame - adds Ethernet control information to network protocol data - **implements trailer with frame check sequence for error detection** - handles communication between upper layer networking software and Ethernet NIC hardware

Answer 43

78. An IPv6 enabled device sends a data packet with the destination address of FF02::2. What is the target of this packet? - all IPv6 enabled devices on the local link - all IPv6 DHCP servers - all IPv6 enabled devices across the network - **all IPv6 configured routers on the local link**

Answer 44

What are the three parts of an IPv6 global unicast address? (Choose three.) * **subnet ID** * subnet mask * broadcast address * **global routing prefix** * **interface ID** ## Footnote Explanation: The general format for IPv6 global unicast addresses includes a global routing prefix, a subnet ID, and an interface ID. The global routing prefix is the network portion of the address. A typical global routing prefix is /48 assigned by the Internet provider. The subnet ID portion can be used by an organization to create multiple subnetwork numbers. The interface ID is similar to the host portion of an IPv4 address.

Answer 45

A network administrator is designing the layout of a new wireless network. Which three areas of concern should be accounted for when building a wireless network? (Choose three.) * extensive cabling * mobility options * packet collision * **interference** * **security** * **coverage area** ## Footnote Explanation: The three areas of concern for wireless networks focus on the size of the coverage area, any nearby interference, and providing network security. Extensive cabling is not a concern for wireless networks, as a wireless network will require minimal cabling for providing wireless access to hosts. Mobility options are not a component of the areas of concern for wireless networks.

Answer 46

A new network administrator has been asked to enter a banner message on a Cisco device. What is the fastest way a network administrator could test whether the banner is properly configured? * Enter CTRL-Z at the privileged mode prompt. * Exit global configuration mode. * Power cycle the device. * Reboot the device. * **Exit privileged EXEC mode and press Enter .**

Answer 47

What method is used to manage contention-based access on a wireless network? * token passing * **CSMA/CA** * priority ordering * CSMA/CD

Answer 48

What is a function of the data link layer? * provides the formatting of data * provides end-to-end delivery of data between hosts * provides delivery of data between two applications * **provides for the exchange of frames over a common local media**

Answer 49

What is the purpose of the TCP sliding window? * to ensure that segments arrive in order at the destination * to end communication when data transmission is complete * to inform a source to retransmit data from a specific point forward * **to request that a source decrease the rate at which it transmits data** ## Footnote Explanation: The TCP sliding window allows a destination device to inform a source to slow down the rate of transmission. To do this, the destination device reduces the value contained in the window field of the segment. It is acknowledgment numbers that are used to specify retransmission from a specific point forward. It is sequence numbers that are used to ensure segments arrive in order. Finally, it is a FIN control bit that is used to end a communication session.

Answer 50

What characteristic describes spyware? * a network device that filters access and traffic coming into a network * **software that is installed on a user device and collects information about the user** * an attack that slows or crashes a device or network service * the use of stolen credentials to access private data

Answer 51

Which switching method drops frames that fail the FCS check? * **store-and-forward switching** * borderless switching * ingress port buffering * cut-through switching

Answer 52

Which range of link-local addresses can be assigned to an IPv6-enabled interface? * FEC0::/10 * FDEE::/7 * **FE80::/10** * FF00::/8 ## Footnote Explain: Link-local addresses are in the range of FE80::/10 to FEBF::/10. The original IPv6 specification defined site-local addresses and used the prefix range FEC0::/10, but these addresses were deprecated by the IETF in favor of unique local addresses. FDEE::/7 is a unique local address because it is in the range of FC00::/7 to FDFF::/7. IPv6 multicast addresses have the prefix FF00::/8.

Answer 53

What service is provided by FTP? * A basic set of rules for exchanging text, graphic images, sound, video, and other multimedia files on the web. * An application that allows real-time chatting among remote users. * **Allows for data transfers between a client and a file server.** * Uses encryption to secure the exchange of text, graphic images, sound, and video on the

Answer 54

A user is attempting to access http://www.cisco.com/ without success. Which two configuration values must be set on the host to allow this access? (Choose two.) * **DNS server** * source port number * HTTP server * source MAC address * **default gateway**

Answer 55

Which two statements accurately describe an advantage or a disadvantage when deploying NAT for IPv4 in a network? (Choose two.) * NAT adds authentication capability to IPv4. * **NAT introduces problems for some applications that require end-to-end connectivity.** * NAT will impact negatively on switch performance. * **NAT provides a solution to slow down the IPv4 address depletion.** * NAT improves packet handling. * NAT causes routing tables to include more information. ## Footnote Explanation: Network Address Translation (NAT) is a technology that is implemented within IPv4 networks. One application of NAT is to use private IP addresses inside a network and use NAT to share a few public IP addresses for many internal hosts. In this way it provides a solution to slow down the IPv4 address depletion. However, since NAT hides the actual IP addresses that are used by end devices, it may cause problems for some applications that require end-to-end connectivity.

Answer 56

What would be the interface ID of an IPv6 enabled interface with a MAC address of 1C-6F-65-C2-BD-F8 when the interface ID is generated by using the EUI-64 process? * 0C6F:65FF:FEC2:BDF8 * **1E6F:65FF:FEC2:BDF8** * C16F:65FF:FEC2:BDF8 * 106F:65FF:FEC2:BDF8 ## Footnote Explanation: To derive the EUI-64 interface ID by using the MAC address 1C-6F-65-C2-BD-F8, three steps are taken. * Change the seventh bit of the MAC address from a binary 0 to a binary 1 which changes the hex C, into a hex E. * Insert hex digits FFFE into the middle of the address. * Rewrite the address in IPv6 format. The three steps, when complete, give the interface ID of 1E6F:65FF:FEC2:BDF8.

Answer 57

What service is provided by BOOTP? * Uses encryption to secure the exchange of text, graphic images, sound, and video on the web. * Allows for data transfers between a client and a file server. * **Legacy application that enables a diskless workstation to discover its own IP address and find a BOOTP server on the network**. * A basic set of rules for exchanging text, graphic images, sound, video, and other multimedia

Answer 58

What characteristic describes adware? * a network device that filters access and traffic coming into a network * **software that is installed on a user device and collects information about the user** * the use of stolen credentials to access private data * an attack that slows or crashes a device or network service

Answer 59

When a switch configuration includes a user-defined error threshold on a per-port basis, to which switching method will the switch revert when the error threshold is reached? * cut-through * **store-and-forward** * fast-forward * fragment-free

Answer 60

What are two primary responsibilities of the Ethernet MAC sublayer? (Choose two.) * error detection * frame delimiting * **accessing the media** * **data encapsulation** * logical addressing

Answer 61

Users are reporting longer delays in authentication and in accessing network resources during certain time periods of the week. What kind of information should network engineers check to find out if this situation is part of a normal network behavior? * syslog records and messages * **the network performance baseline** * debug output and packet captures * network configuration files

Answer 62

100. What is the subnet ID associated with the IPv6 address 2001:DA48:FC5:A4:3D1B::1/64? - 2001:DA48::/64 - 2001:DA48:FC5::A4:/64 - **2001:DA48:FC5:A4::/64** - 2001::/64

Answer 63

How does the service password-encryption command enhance password security on Cisco routers and switches? * It requires encrypted passwords to be used when connecting remotely to a router or switch with Telnet. * **It encrypts passwords that are stored in router or switch configuration files.** * It requires that a user type encrypted passwords to gain console access to a router or switch. * It encrypts passwords as they are sent across the network. ## Footnote Explain: The service password-encryption command encrypts plaintext passwords in the configuration file so that they cannot be viewed by unauthorized users.

Answer 64

Which two statements are correct in a comparison of IPv4 and IPv6 packet headers? (Choose two.) * **The Source Address field name from IPv4 is kept in IPv6.** * The Version field from IPv4 is not kept in IPv6. * The Destination Address field is new in IPv6. * The Header Checksum field name from IPv4 is kept in IPv6. * **The Time-to-Live field from IPv4 has been replaced by the Hop Limit field in IPv6.** ## Footnote Explanation: The IPv6 packet header fields are as follows: Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source Address, and Destination Address. The IPv4 packet header fields include the following: Version, Differentiated Services, Time-to-Live, Protocol, Source IP Address, and Destination IP Address. Both versions have a 4-bit Version field. Both versions have a Source (IP) Address field. IPv4 addresses are 32 bits; IPv6 addresses are 128 bits. The Time-to-Live or TTL field in IPv4 is now called Hop Limit in IPv6, but this field serves the same purpose in both versions. The value in this 8-bit field decrements each time a packet passes through any router. When this value is 0, the packet is discarded and is not forwarded to any other router.

Answer 65

A network administrator wants to have the same network mask for all networks at a particular small site. The site has the following networks and number of devices: IP phones – 22 addresses PCs – 20 addresses needed Printers – 2 addresses needed Scanners – 2 addresses needed The network administrator has deemed that 192.168.10.0/24 is to be the network used at this site. Which single subnet mask would make the most efficient use of the available addresses to use for the four subnetworks? * 255.255.255.192 * 255.255.255.252 * 255.255.255.240 * 255.255.255.248 * 255.255.255.0 * **255.255.255.224**

Answer 66

106. What characteristic describes identity theft? - **the use of stolen credentials to access private data** - software on a router that filters traffic based on IP addresses or applications - software that identifies fast-spreading threats - a tunneling protocol that provides remote users with secure access into the network of an organization

Answer 67

A network administrator is adding a new LAN to a branch office. The new LAN must support 200 connected devices. What is the smallest network mask that the network administrator can use for the new network? * 255.255.255.240 * **255.255.255.0** * 255.255.255.248 * 255.255.255.224

Answer 68

What are three commonly followed standards for constructing and installing cabling? (Choose three.) * cost per meter (foot) * **cable lengths** * connector color * **pinouts** * **connector types** * tensile strength of plastic insulator

Answer 69

A client packet is received by a server. The packet has a destination port number of 143. What service is the client requesting? * **IMAP** * FTP * SSH * Telnet

Answer 70

What are two characteristics shared by TCP and UDP? (Choose two.) * default window size * connectionless communication * **port numbering** * 3-way handshake * ability to to carry digitized voice * **use of checksum** ## Footnote Explain: Both TCP and UDP use source and destination port numbers to distinguish different data streams and to forward the right data segments to the right applications. Error checking the header and data is done by both protocols by using a checksum calculation to determine the integrity of the data that is received. TCP is connection-oriented and uses a 3-way handshake to establish an initial connection. TCP also uses window to regulate the amount of traffic sent before receiving an acknowledgment. UDP is connectionless and is the best protocol for carry digitized VoIP signals.

Answer 71

A client packet is received by a server. The packet has a destination port number of 21. What service is the client requesting? * **FTP** * LDAP * SLP * SNMP

Answer 72

What attribute of a NIC would place it at the data link layer of the OSI model? * attached Ethernet cable * IP address * **MAC address** * RJ-45 port * TCP/IP protocol stack

Answer 73

A network administrator is adding a new LAN to a branch office. The new LAN must support 10 connected devices. What is the smallest network mask that the network administrator can use for the new network? * 255.255.255.192 * 255.255.255.248 * 255.255.255.224 * **255.255.255.240**

Answer 74

What technique is used with UTP cable to help protect against signal interference from crosstalk? * wrapping a foil shield around the wire pairs * **twisting the wires together into pairs** * terminating the cable with special grounded connectors * encasing the cables within a flexible plastic sheath ## Footnote Explanation: To help prevent the effects of crosstalk, UTP cable wires are twisted together into pairs. Twisting the wires together causes the magnetic fields of each wire to cancel each other out.

Answer 75

A client packet is received by a server. The packet has a destination port number of 22. What service is the client requesting? * **SSH** * SMB/CIFS * HTTPS * SLP

Answer 76

What characteristic describes an IPS? * a tunneling protocol that provides remote users with secure access into the network of an organization * **a network device that filters access and traffic coming into a network** * software that identifies fast-spreading threats * software on a router that filters traffic based on IP addresses or applications ## Footnote Explanation: IPS – An intrusion prevention system (IPS) monitors incoming and outgoing traffic looking for malware, network attack signatures, and more. If it recognizes a threat, it can immediately stop it.

Answer 77

What service is provided by DHCP? * An application that allows real-time chatting among remote users. * Allows remote access to network devices and servers. * **Dynamically assigns IP addresses to end and intermediary devices.** * Uses encryption to provide secure remote access to network devices and servers.

Answer 78

Which wireless technology has low-power and low-data rate requirements making it popular in IoT environments? * Bluetooth * **Zigbee** * WiMAX * Wi-Fi ## Footnote Explanation: Zigbee is a specification used for low-data rate, low-power communications. It is intended for applications that require short-range, low data-rates and long battery life. Zigbee is typically used for industrial and Internet of Things (IoT) environments such as wireless light switches and medical device data collection.

Answer 79

What two ICMPv6 message types must be permitted through IPv6 access control lists to allow resolution of Layer 3 addresses to Layer 2 MAC addresses? (Choose two.) * **neighbor solicitations** * echo requests * **neighbor advertisements** * echo replies * router solicitations * router advertisements

Answer 80

A client is using SLAAC to obtain an IPv6 address for its interface. After an address has been generated and applied to the interface, what must the client do before it can begin to use this IPv6 address? * It must send a DHCPv6 INFORMATION-REQUEST message to request the address of the DNS server. * It must send a DHCPv6 REQUEST message to the DHCPv6 server to request permission to use this address. * It must send an ICMPv6 Router Solicitation message to determine what default gateway it should use. * **It must send an ICMPv6 Neighbor Solicitation message to ensure that the address is not already in use on the network.**

Answer 81

Two pings were issued from a host on a local network. The first ping was issued to the IP address of the default gateway of the host and it failed. The second ping was issued to the IP address of a host outside the local network and it was successful. What is a possible cause for the failed ping? * The default gateway is not operational. * The default gateway device is configured with the wrong IP address. * **Security rules are applied to the default gateway device, preventing it from processing ping requests.** * The TCP/IP stack on the default gateway is not working properly.

Answer 82

An organization is assigned an IPv6 address block of 2001:db8:0:ca00::/56. How many subnets can be created without using bits in the interface ID space? * **256** * 512 * 1024 * 4096

Answer 83

What subnet mask is needed if an IPv4 network has 40 devices that need IP addresses and address space is not to be wasted? * 255.255.255.0 * 255.255.255.240 * 255.255.255.128 * **255.255.255.192** * 255.255.255.224 ## Footnote Explanation: In order to accommodate 40 devices, 6 host bits are needed. With 6 bits, 64 addresses are possible, but one address is for the subnet number and one address is for a broadcast. This leaves 62 addresses that can be assigned to network devices. The mask associated with leaving 6 host bits for addressing is 255.255.255.192.

Answer 84

What is a benefit of using cloud computing in networking? * Technology is integrated into every-day appliances allowing them to interconnect with other devices, making them more ‘smart’ or automated. * **Network capabilities are extended without requiring investment in new infrastructure, personnel, or software.** * End users have the freedom to use personal tools to access information and communicate across a business network. * Home networking uses existing electrical wiring to connect devices to the network wherever there is an electrical outlet, saving the cost of installing data cables. ## Footnote Explanation: Cloud computing extends IT’s capabilities without requiring investment in new infrastructure, training new personnel, or licensing new software. These services are available on-demand and delivered economically to any device anywhere in the world without compromising security or function. BYOD is about end users having the freedom to use personal tools to access information and communicate across a business or campus network. Smart home technology is integrated into every-day appliances allowing them to interconnect with other devices, making them more ‘smart’ or automated. Powerline networking is a trend for home networking that uses existing electrical wiring to connect devices to the network wherever there is an electrical outlet, saving the cost of installing data cables.

Answer 85

Which two statements are correct about MAC and IP addresses during data transmission if NAT is not involved? (Choose two.) * **Destination IP addresses in a packet header remain constant along the entire path to a target host.** * Destination MAC addresses will never change in a frame that goes across seven routers. * Every time a frame is encapsulated with a new destination MAC address, a new destination IP address is needed. * **Destination and source MAC addresses have local significance and change every time a frame goes from one LAN to another**. * A packet that has crossed four routers has changed the destination IP address four times.

Answer 86

What is one main characteristic of the data link layer? * It generates the electrical or optical signals that represent the 1 and 0 on the media. * It converts a stream of data bits into a predefined code. * **It shields the upper layer protocol from being aware of the physical medium to be used in the communication.** * It accepts Layer 3 packets and decides the path by which to forward the packet to a remote network.

Answer 87

What are three characteristics of the CSMA/CD process? (Choose three.) * The device with the electronic token is the only one that can transmit after a collision. * **A device listens and waits until the media is not busy before transmitting.** * **After detecting a collision, hosts can attempt to resume transmission after a random time delay has expired.** * **All of the devices on a segment see data that passes on the network medium.** * A jam signal indicates that the collision has cleared and the media is not busy. * Devices can be configured with a higher transmission priority. ## Footnote Explanation: The Carrier Sense Multiple Access/Collision Detection (CSMA/CD) process is a contention-based media access control mechanism used on shared media access networks, such as Ethernet. When a device needs to transmit data, it listens and waits until the media is available (quiet), then it will send data. If two devices transmit at the same time, a collision will occur. Both devices will detect the collision on the network. When a device detects a collision, it will stop the data transmission process, wait for a random amount of time, then try again.

Answer 88

Which information does the show startup-config command display? * the IOS image copied into RAM * the bootstrap program in the ROM * the contents of the current running configuration file in the RAM * **the contents of the saved configuration file in the NVRAM** ## Footnote Explain: The show startup-config command displays the saved configuration located in NVRAM. The show running-config command displays the contents of the currently running configuration file located in RAM.

Answer 89

Which two commands can be used on a Windows host to display the routing table? (Choose two.) * netstat -s * **route print** * show ip route * **netstat -r** * tracert ## Footnote Explain: On a Windows host, the route print or netstat -r commands can be used to display the host routing table. Both commands generate the same output. On a router, the show ip route command is used to display the routing table. The netstat –s command is used to display per-protocol statistics. The tracert command is used to display the path that a packet travels to its destination.

Answer 90

What are two functions that are provided by the network layer? (Choose two.) * **directing data packets to destination hosts on other networks** * placing data on the network medium * carrying data between processes that are running on source and destination hosts * providing dedicated end-to-end connections * **providing end devices with a unique network identifier** ## Footnote Explanation: The network layer is primarily concerned with passing data from a source to a destination on another network. IP addresses supply unique identifiers for the source and destination. The network layer provides connectionless, best-effort delivery. Devices rely on higher layers to supply services to processes.

Answer 91

Which two statements describe features of an IPv4 routing table on a router? (Choose two.) * Directly connected interfaces will have two route source codes in the routing table: C and S . * If there are two or more possible routes to the same destination, the route associated with the higher metric value is included in the routing table. * The netstat -r command can be used to display the routing table of a router. * The routing table lists the MAC addresses of each active interface. * **It stores information about routes derived from the active router interfaces.** * **If a default static route is configured in the router, an entry will be included in the routing table with source code S .** ## Footnote Explanation: The show ip route command is used to display the routing table of the router. In IPv4, directly connected interfaces will have one source code:C. The routing table stores information about directly connected routes and remote routes. An entry in the routing table with a source code of S is included if a default static route is configured on the router.

Answer 92

What characteristic describes a VPN? * software on a router that filters traffic based on IP addresses or applications * software that identifies fast-spreading threats * **a tunneling protocol that provides remote users with secure access into the network of an organization** * a network device that filters access and traffic coming into a network

Answer 93

Why would a Layer 2 switch need an IP address? * to enable the switch to send broadcast frames to attached PCs * to enable the switch to function as a default gateway * **to enable the switch to be managed remotely** * to enable the switch to receive frames from attached PCs ## Footnote Explanation: A switch, as a Layer 2 device, does not need an IP address to transmit frames to attached devices. However, when a switch is accessed remotely through the network, it must have a Layer 3 address. The IP address must be applied to a virtual interface rather than to a physical interface. Routers, not switches, function as default gateways.

Answer 94

A user sends an HTTP request to a web server on a remote network. During encapsulation for this request, what information is added to the address field of a frame to indicate the destination? * the network domain of the destination host * the IP address of the default gateway * the MAC address of the destination host * **the MAC address of the default gateway** ## Footnote Explanation: A frame is encapsulated with source and destination MAC addresses. The source device will not know the MAC address of the remote host. An ARP request will be sent by the source and will be responded to by the router. The router will respond with the MAC address of its interface, the one which is connected to the same network as the source.

Answer 95

What is an advantage to using a protocol that is defined by an open standard? * A company can monopolize the market. * The protocol can only be run on equipment from a specific vendor. * An open standard protocol is not controlled or regulated by standards organizations. * **It encourages competition and promotes choices.** ## Footnote Explain: A monopoly by one company is not a good idea from a user point of view. If a protocol can only be run on one brand, it makes it difficult to have mixed equipment in a network. A proprietary protocol is not free to use. An open standard protocol will in general be implemented by a wide range of vendors.

Answer 96

Data is being sent from a source PC to a destination server. Which three statements correctly describe the function of TCP or UDP in this situation? (Choose three.) * **The source port field identifies the running application or service that will handle data returning to the PC.** * The TCP process running on the PC randomly selects the destination port when establishing a session with the server. * **UDP segments are encapsulated within IP packets for transport across the network.** * **The UDP destination port number identifies the application or service on the server which will handle the data.** * TCP is the preferred protocol when a function requires lower network overhead. * The TCP source port number identifies the sending host on the network. ## Footnote Explanation: Layer 4 port numbers identify the application or service which will handle the data. The source port number is added by the sending device and will be the destination port number when the requested information is returned. Layer 4 segments are encapsulated within IP packets. UDP, not TCP, is used when low overhead is needed. A source IP address, not a TCP source port number, identifies the sending host on the network. Destination port numbers are specific ports that a server application or service monitors for requests.

Answer 97

151. A network administrator wants to have the same subnet mask for three subnetworks at a small site. The site has the following networks and numbers of devices: Subnetwork A: IP phones – 10 addresses Subnetwork B: PCs – 8 addresses Subnetwork C: Printers – 2 addresses What single subnet mask would be appropriate to use for the three subnetworks? * 255.255.255.0 * **255.255.255.240** * 255.255.255.248 * 255.255.255.252 ## Footnote Explain: If the same mask is to be used, then the network with the most hosts must be examined for number of hosts. Because this is 10 hosts, 4 host bits are needed. The /28 or 255.255.255.240 subnet mask would be appropriate to use for these networks.

Answer 98

What two pieces of information are displayed in the output of the show ip interface brief command? (Choose two.) * **IP addresses** * interface descriptions * MAC addresses * next-hop addresses * **Layer 1 statuses** * speed and duplex settings ## Footnote Explanation: The command show ip interface brief shows the IP address of each interface, as well as the operational status of the interfaces at both Layer 1 and Layer 2. In order to see interface descriptions and speed and duplex settings, use the command show running-config interface. Next-hop addresses are displayed in the routing table with the command show ip route, and the MAC address of an interface can be seen with the command show interfaces.

Answer 99

A user is complaining that an external web page is taking longer than normal to load.The web page does eventually load on the user machine. Which tool should the technician use with administrator privileges in order to locate where the issue is in the network? * ping * nslookup * **tracert** * ipconfig /displaydns ## Footnote Explanation: The Command Prompt command tracert will map the path from the PC to the web server and measure transit delays of packets across the network.

Answer 100

Which value, that is contained in an IPv4 header field, is decremented by each router that receives a packet? * Header Length * Differentiated Services * **Time-to-Live** * Fragment Offset ## Footnote Explanation: When a router receives a packet, the router will decrement the Time-to-Live (TTL) field by one. When the field reaches zero, the receiving router will discard the packet and will send an ICMP Time Exceeded message to the sender.

Answer 101

A network technician is researching the use of fiber optic cabling in a new technology center. Which two issues should be considered before implementing fiber optic media? (Choose two.) * **Fiber optic cabling requires different termination and splicing expertise from what copper cabling requires.** * Fiber optic cabling requires specific grounding to be immune to EMI. * Fiber optic cabling is susceptible to loss of signal due to RFI. * Fiber optic cable is able to withstand rough handling. * **Fiber optic provides higher data capacity but is more expensive than copper cabling.**

Answer 102

A user is executing a tracert to a remote device. At what point would a router, which is in the path to the destination device, stop forwarding the packet? * when the router receives an ICMP Time Exceeded message * when the RTT value reaches zero * when the host responds with an ICMP Echo Reply message * **when the value in the TTL field reaches zero** * when the values of both the Echo Request and Echo Reply messages reach zero ## Footnote Explain: When a router receives a traceroute packet, the value in the TTL field is decremented by 1. When the value in the field reaches zero, the receiving router will not forward the packet, and will send an ICMP Time Exceeded message back to the source.

Answer 103

Users report that the network access is slow. After questioning the employees, the network administrator learned that one employee downloaded a third-party scanning program for the printer. What type of malware might be introduced that causes slow performance of the network? * virus * **worm** * phishing * spam ## Footnote Explanation: A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.