Final Exam Flashcards
qtext
answer
Which routing protocol uses a composite metric of bandwidth and delay of the line to find the best path to a remote network?
EIGRP
Which command will display the current contents of the ARP cache on the local workstation?
arp -a
A network device that is used to connect multiple devices without segmenting a network is a ?
Hub
The Spanning Tree Protocol allows for redundancy of what networking device?
Bridge (switch)
Which can operate at both Layers 2 and Layer 3 of the OSI model?
Layer 3 switch
SMTP resides at what layer of the OSI model?
Application
A user discovers that their wireless 802.11g Internet connection is intermittently disrupted. What can typically cause this problem?
Cordless phones and/or microwave ovens
Which device helps to increase the number of collision domains?
Switch
Which logical physical topology does 802.3 utilize?
Bus
Which wireless standard has a maximum data rate of 11Mbps?
802.11b
What functionality does Kerberos provide?
Authentication of security principles and authorization of access to resources
What TCP/IP port numbers does FTP utilize?
20 and 21. 20 is FTP data or a client, and 21 is an FTP server.
At what layer of the OSI model does UDP reside?
Transport
Convert the following binary string to its dotted decimal address: 11000000.10101000.01100011.00011010
192.168.99.26
100BaseTX uses how many pairs of Category 5 unshielded twisted-pair (UTP) cables?
2 pairs
What device connects computers with wireless adapters to a network in infrastructure mode?
Access point
Converting analog signals to digital signals and digital signals to analog signals can be done using what device?
Modem. Dial-up modems are rarely used today, but cable modems are.
The maximum segment length for Ethernet is .
100 meters (328 feet)
What is the maximum speed of 802.11g?
54Mbps (megabits per second)
Which techniques would increase the bandwidth for network transmission by joining multiple connections into one logical connection?
Bonding
True/False: Firewalls are used to prevent packets from entering and leaving a network.
TRUE
Which device can never run full duplex?
Hub
A valid Media Access Control (MAC) address is how many bytes long?
6
What well-known port does Trivial File Transfer Protocol (TFTP) use?
69
In which OSI layer does a bridge operate?
Data Link
An IT specialist is going to implement a packet filter on a network for Internet connections. What port must they allow through the firewall for users to connect to the Web?
80
What is the name of the point where local exchange carrier responsibility ends?
Demarc
What protocol translates the IP address to its physical network address?
ARP
Ethernet networking is known as a physical topology.
Star
What is the default port for HTTPS?
443
In the Media Access Control (MAC) address 00:B0:D0:6A:F2:B5, what does 00:B0:D0 identify?
The manufacturer of the device, known as the OUI
Which network segment is located outside the firewall?
DMZ
A network administrator needs to establish a remote connection to a client machine. Telnet is not secure because everything is sent in the clear. Which protocol and port number should be used instead?
Secure Shell (SSH), port 22
What fiber connector looks similar to an RJ-45 connector and connects two strands of fiber?
Mechanical transfer registered jack (MT-RJ)
What cable type is used to link together two buildings that are over 10 miles (16.09 kilometers) apart?
Single-mode fiber (SMF)
What is the maximum Cat 3 length acceptable for a horizontal cross-connect?
100 meters (328 feet)
An optical time-domain reflectometer (OTDR) can be used to assess what?
Fiber segments
What level of the Open Systems Interconnection (OSI) model does a proxy server operate in?
Application
What device is used to create a virtual local area network (VLAN)?
Switch
What protocol creates a secure connection between a web browser and a web server and is an alternative to using Telnet?
Secure Sockets Layer (SSL)
True/False: If an administrator wants to set up an email server to exchange emails with other servers over the Internet, Simple Mail Transfer Protocol (SMTP) would be utilized.
TRUE
Which remote access authentication protocol allows usernames and passwords to be transmitted as clear text?
Password Authentication Protocol (PAP), which has been replaced by CHAP.
At what layer of the Open Systems Interconnection (OSI) model does a router function?
Network
Simple Mail Transfer Protocol (SMTP) utilizes what well-known Transmission Control Protocol/Internet Protocol (TCP/IP) port number?
25
A technician pings 127.0.0.1 and gets the following result - Unable to contact IP driver, error code 2. - What should you do now?
Reinstall the TCP/IP protocol
True/False: 172.192.4.256 is a valid Internet Protocol (IP) address.
False
What Open Systems Interconnection (OSI) layer converts digital data into electronic signals to be put on a wire?
Physical
True/False: Internet Control Message Protocol (ICMP) is used for error reporting with Internet Protocol (IP).
TRUE
Which WAN technologies uses 30 64Kpbs channels?
E-1
What network hardware allows most traffic collisions?
Hub
Which system detects and reports attempts of unauthorized access to the network?
IDS
True/False: 32-bit is a valid Wired Equivalent Privacy (WEP) key.
FALSE
True/False: 1000Mbps is known as 1000 terabytes per second.
False. It means gigabyte per second.
True/False: One of the purposes of a virtual local area network (VLAN) is to add more users.
False. It is to break up broadcast domains.
Which device would administer routing in a network?
Router, or Layer 3 switch
True/False: If a network administrator needs to restrict access to certain websites, a proxy server should be implemented.
TRUE
A technician is terminating a line that was extending an Ethernet jack to a wiring closet. Which hardware tool is necessary to complete the task?
Punch-down tool
What is required to pass traffic from one VLAN to another?
Router, or Layer 3 switch
At what two layers of the Open Systems Interconnection (OSI) model does a packet-filtering firewall operate?
Network and Transport
How many pairs are crossed in a crossover cable?
Two
True/False: The maximum speed of 802.11b is 54Mbps (megabits per second).
FALSE
True/False: The maximum speed of 802.11b is 11Mbps (megabits per second).
TRUE
Which documentation would a network administrator need to update if they have just finished upgrading the firmware on all switches within the LAN?
Physical network diagram
True/False: The number of wireless users will affect the range of an 802.11b wireless access point (WAP).
False. It will affect the throughput but not the distance.
True/False: 1000BaseCX is an Institute of Electrical and Electronics Engineers (IEEE) copper cable standard.
TRUE
True/False: A mesh network has the least collisions.
TRUE
True/False: Mesh network topology uses the most cable of any physical topology.
TRUE
True/False: 100BaseFX runs over Category 5e cable.
FALSE
True/False: 100BaseFX runs over multimode fiber (MMF) cable.
TRUE
What is the maximum cable type required for 100BaseTX?
Category 5 unshielded twisted-pair (UTP)
True/False: Using a wireless access point (WAP), you can bridge an 802.3 network to an 802.11 network.
TRUE
Which type of connector does a 10BaseFL network use?
Straight tip (ST)
True/False: The 802.11b/g frequency band is 2.4GHz (gigahertz).
TRUE
Which protocol permits secure polling network devices?
SNMPv3
Which is a topology used in networks for its scalability?
Star
What is part of the IP suite and is used to monitor network-managed devices?
SNMP
A technician is extending a data circuit to the other side of the building. What would the technician set up at the new location?
IDF
Among the encryption protocols that the DoD says are unbreakable, which is the best?
AES
What encryption protocol or standard allows you to create a virtual subnet on an intranet?
SSL VPN
Which user-authentication method uses a public key and private key pair?
PKI
True/False: RIPv2 is a hybrid routing protocol.
FALSE
True/False: RIPv1 is a link state routing protocol.
FALSE
Which two software types would be used for identifying an attack?
IDS and IPS
A client purchases a new wireless printer and wants to be able to bond it their PDA. What is the name of the technology that describes the type of wireless printer that was purchased?
Bluetooth
True/False: Internet Protocol version 6 (IPv6) uses 128-bit addresses.
TRUE
A technician has just finished implementing a solution for a network issue. What steps in should the technician do next?
Document the issue and the solution that was implemented.
True/False: A denial of service (DoS) attack is meant to prevent users from accessing a system.
TRUE
True/False: IP spoofing is the process of sending a packet with a fake source address, pretending that the packet is coming from within the network the hacker is trying to attack.
TRUE
Which routing protocols uses AS-Path as one of the methods to build the routing table?
BGP
A technician is troubleshooting a switch and has identified the symptoms. What step should the technician take next?
Escalate the issue.
What kind of tool could a hacker use to intercept traffic on your network?
Packet sniffer
Remote users are having problems accessing files from a file server. Which should a technician check first?
Connectivity
Which type of virus attacks executable application and system program files?
File virus
Which monitoring software is used to view a network at the frame level?
Packet sniffer
A technician needs to test a wire that is in the wall. What is the best way for the technician to identify the wire’s location?
Use a tone generator
What devices allow segregation of collision domains but not broadcasting domains?
Switches
What is the maximum transmission distance of 10GBaseLR?
6 miles
In which layer of the OSI model does IPSec operate?
Network (Layer 3)
What tool would be used to test the break in a fiber connection on the network?
OTDR
True/False: A rogue access point is where a switch has been installed on a network without the administrator’s knowledge.
False. Where an AP has been installed without permission.
True/False: Phishing/social engineering refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source.
TRUE
What are the three main types of intruder detection and defense?
Active detection, passive detection, proactive defense
What defines how security will be implemented in an organization, including physical security, document security, and network security?
Security policy
What authentication method allows for domain-level authentication on a wireless network?
RADIUS
A company is in the process of upgrading its network infrastructure to support new VoIP telephony equipment. What is a primary feature to consider when selecting a new switch to support the phones?
PoE
True/False: A security procedure defines the appropriate response to a security event on your network.
TRUE
What are the three primary LAN topologies?
Bus, ring, and star, but we only use bus in today’s LANs.
What common WAN topology often results in multiple connections to a single site, leading to a high degree of fault tolerance?
Mesh
What is the term for a device that shares its resources with other network devices?
Server
What network model draws a clear distinction between devices that share their resources and devices that do not?
Client-server
Which network topology or connection type can be implemented with only two endpoints?
Point-to-point
Will a computer that shares no resources most likely be connected to the backbone or to a segment?
Segment
Which LAN topology is characterized by all devices being daisy-chained together with the devices at each end being connected to only one other device?
Bus
True/False: RIP is a vendor-neutral routing protocol that uses very little bandwidth but a lot of memory on a router.
False. Yes, RIP is vendor neutral, but it uses little router processing and a lot of bandwidth to do its job.
True/False: OSPF is a hybrid routing protocol.
FALSE
True/False: EIGRP is used to update the ARP tables on a router.
FALSE
What does the acronym ICMP stand for?
Internet Control Message Protocol
True/False: EIGRP is a classful routing protocol.
FALSE
True/False: EIGRP has no version that supports IPv6.
FALSE
True/False: OSPF is a link state protocol that supports VLSM and classless routing.
TRUE
True/False: RIPv1 is a distance vector protocol that does not support VLSM and supports only classful routing.
TRUE
What does the acronym IS-IS stand for?
Intermediate System-to-Intermediate System
What does the acronym IDS stand for?
Intrusion detection system
What WAN protocol is described as residing in Layer 2.5 of the OSI model?
MPLS
True/False: If you can ping a host, this does not mean you can access its services.
TRUE
What is another name for the Media Access Control (MAC) address?
Physical address or hardware address
Which LAN connection technology has a full-duplex speed of 200Mbps and uses a Cat 5e cable?
100BaseT
What is the Internet Protocol version 4 (IPv4) loopback address?
127.0.0.1
An Ethernet Media Access Control (MAC) address consists of how many bits?
48
True/False: EIGRP uses hop count as a metric to determine the best path to a remote network.
FALSE
Why would you use dynamic routing over static routing?
It updates the routing table automatically and scales to large networks.
True/False: OSPF can be used only on Cisco routers.
FALSE
True/False: DSL is used to connect hosts to an Ethernet hub.
FALSE
True/False: SDSL means that your download and upload speeds on the line are different.
TRUE
True/False: A link light is the small, usually red, LED on the back of a network card.
FALSE
True/False: ADSL means that the uplink and download speeds of a DSL link are the same.
TRUE
Which of the following does not accurately describe TACACS+ in comparison to RADIUS?
A. TACACS+ relies on TCP, not UDP, at the Transport layer.
B. TACACS+ is typically installed on a router or switch, rather than on a server.
C. TACACS+ encrypts all information transmitted for AAA rather than just the password.
D. TACACS+ was developed for proprietary use on Cisco products.
E. TACACS+ operates as a software application on a remote access server.
Answer: E
Your network manager has purchased a dozen new access points and all are configured
to use the new 802.11ac standard in the 5-GHz band. These access points will be
backward-compatible with older access points that run which of the following
standards? (Choose all that apply.)
A. 802.11g
B. 802.11n
C. 802.11b
D. Bluetooth
E. None of the above
Answer: A, B, C
Which of the following figures reflects the type of physical topology commonly used on a 100Base-T network? A. [Insert Figure D-Q3A here] B. [Insert Figure D-Q3B here] C. [Insert Figure D-Q3C here] D. [Insert Figure D-Q3D here] E. [Insert Figure D-Q3E here]
Answer: E
You have installed and configured two virtual Web servers and a virtual mail server on
a physical server. What networking mode will you assign to each server’s vNIC to
ensure that the virtual machines’ hosts on the Internet can access the virtual machines?
A. NAT
B. Bridged
C. Host-only
D. Internal
E. Grouped
Answer: B
Your organization contracts with a cloud computing company to store all of its data.
The company promises 99.99% uptime. If it lives up to its claims, for how many
minutes each year can you expect your data to be unavailable?
A. Approximately 448 minutes
B. Approximately 99 minutes
C. Approximately 52 minutes
D. Approximately 14 minutes
E. Approximately 6 minutes
Answer: C
You are rearranging nodes on your Gigabit Ethernet network. Due to a necessarily
hasty expansion, you have decided to supply power to a wireless router in a makeshift
data room using PoE. What is the minimum cabling standard you must use to connect
this wireless router to the network’s backbone?
A. RG-6
B. RG-59
C. Cat 5e
D. SMF
E. Cat 6
Answer: C
To ensure that your private network is always protected, you decide to install three redundant firewalls. Which of the following would allow you to assign the same IP address to all three? A. SMTP B. CARP C. SNMPv3 D. IMAP E. NTP
Answer: B
You are a networking technician in a radiology clinic, where physicians use the network
to transmit and store patients’ diagnostic results. Shortly after a new wing, which
contains X-ray and magnetic resonance imaging (MRI) machines, is added to the
building, computers in that area begin having intermittent problems saving data to the
file server. After you have gathered information, identified the symptoms, questioned
users, and determined what has changed, what is your next step in troubleshooting this
problem?
A. Establish a plan of action to resolve the problem.
B. Escalate the problem.
C. Document findings, actions, and outcomes.
D. Establish a theory of probable cause.
E. Determine the next steps to resolve the problem.
Answer: D
You are part of a team participating in a posture assessment of your company’s WAN. Which of the following tools or strategies will help you gain a broad understanding of your network’s vulnerabilities? A. MIB B. War chalking C. Nmap D. WPA cracking E. PGP
Answer: C
You work for an ISP. Several of your customers have called to complain about the slow
response from a popular Web site. You suspect that network congestion is at fault.
Which TCP/IP utility would help you determine where the congestion is occurring?
A. FTP
B. Nslookup
C. Nbtstat
D. Tracert
E. Telnet
Answer: D
Which of the following WAN topologies is the most fault tolerant? A. Full mesh B. Bus C. Peer-to-peer D. Ring E. Hierarchical
Answer: A
Which of the following is a valid MAC address? A. C3:00:50:00:FF:FF B. 153.101.24.3 C. ::9F53 D. FE80::32:1CA3:B0E2 E. D0:00:00:00
Answer: A
What type of network could use the type of connector shown below? [Insert Figure D-Q13 here] A. 100Base-FX B. 100Base-TX C. l0Base-T D. 1000Base-T E. 10Base-2
Answer: A
Your organization has just ordered its first T-1 connection to the Internet. Prior to that,
your organization relied on a DSL connection. Which of the following devices must you
now have that your DSL connection didn’t require?
A. Modem
B. CSU/DSU
C. Switch
D. Hub
E. Router
Answer: B
Which of the following wireless standards provides an entirely IP-based, packet
switched network for both voice and data transmissions? (Choose two.)
A. LTE
B. 802.16e
C. 802.16m
D. HSPA+
E. 802.11n
Answer: A, C
You have created a new Web server on a computer running the Linux operating system. Which of the following programs will generate messages when modules don’t load correctly or services encounter errors? A. Event Viewer B. IDS/IPS C. Packet Sniffer D. Network Monitor E. Syslog
Answer: E
You have been asked to provide a connectivity solution for a shuttle-bus system at a
large theme park. The owners of the park want a wireless network that reaches all
parking lots and drop-off points throughout the park’s 2.4-square mile campus. Each
shuttle is to be equipped with a wireless antenna to provide real-time pick-up and drop
off directives to each driver. The park owners plan to install their own base station
antennas in order to have complete control of the amount and type of traffic traversing
the WAN, but they are very concerned about the cost of equipment installation.
Considering the needs and priorities of the theme park owners, what is the best solution
for this client?
A. Metro Ethernet
B. 802.11n
C. NFC
D. 802.11ac
E. WiMAX
Answer: E
You want to add the five virtual machines that exist on your host machine to the Staff
VLAN at your office. Which of the following must your host machine’s NIC support?
A. CSMA/CA
B. Channel bonding
C. MIMO
D. Trunking
E. OSPF
Answer: D
You have just rearranged the access points on your small office network. Now a group
of employees complains that they cannot reliably get their workstations to connect with
a new 802.11ac access point. You have confirmed that the workstations are using the
correct SSID, security type, and passphrase. You have also confirmed that the access
point is on and functioning properly because when you stand in the computer room
where it’s located, you can connect to the access point from your smartphone. Which of
the following is likely preventing the other users’ workstations from associating with the
new access point?
A. The users are attempting to log on using incorrect user IDs.
B. The workstations are located beyond the access point’s range.
C. The workstations are set to use 802.11g.
D. The users have turned off their wireless antennas.
E. The workstations’ wired NICs are causing addressing conflicts with their wireless NICs.
Answer: B
Which of the following wireless security techniques uses RADIUS and AES? A. WEP B. WPA C. WPA2 D. WPA-Enterprise E. WPA2-Enterprise
Answer: E
You are the network administrator for a large college whose network contains nearly
10,000 workstations, over 100 routers, 80 switches, and 2000 printers. You are
researching a proposal to both upgrade the routers and switches on your network and
at the same time improve the management of your network. To make automating
network management easier, what type of protocol must the new routers and switches
support?
A. TFTP
B. SMTP
C. NNTP
D. ICMP
E. SNMP
Answer: E
In the process of troubleshooting an intermittent performance problem with your
network’s Internet connection, you attempt to run a tracert test to microsoft.com. The
tracert response displays the first 12 hops in the route, but then presents several
“Request timed out” messages in a row. What is the most likely reason for this?
A. Your network’s ISP is experiencing connectivity problems.
B. The Internet backbone is experiencing traffic congestion.
C. Your client’s TCP/IP service limits the tracert command to a maximum of 12 hops.
D. Your IP gateway failed while you were attempting the tracert test.
E. Microsoft’s network is bounded by firewalls that do not accept incoming ICMP traffic.
Answer: E
What is the network ID for a network that contains the group of IP addresses from
194.73.44.10 through 194.73.44.254 and is not subnetted?
A. 194.1.1.1
B. 194.73.0.0
C. 194.73.44.1
D. 194.73.44.255
E. 194.73.44.0
Answer: E
Which of the following 10-gigabit technologies has the longest maximum segment length? A. 10GBase-SR B. 10GBase-ER C. 10GBase-T D. 10GBase-LW E. 10GBase-SW
Answer: B
Recently, your company’s WAN experienced a disabling DDoS attack. Which of the following devices could detect such an attack and prevent it from affecting your network in the future? A. A honeypot B. SIEM C. HIPS D. Nmap E. NIPS
Answer: E
In NAT, how does an IP gateway ensure that outgoing traffic can traverse public
networks?
A. It modifies each outgoing frame’s Type field to indicate that the transmission is destined for a
public network.
B. It assigns each outgoing packet a masked ID via the Options field.
C. It interprets the contents of outgoing packets to ensure that they contain no client-identifying
information.
D. It replaces each outgoing packet’s Source address field with a public IP address.
E. It modifies the frame length to create uniformly sized frames, called cells, which are required for
public network transmission.
Answer: D
You have purchased an access point capable of exchanging data via the 802.11n or
802.11ac wireless standard. According to these standards, what is the maximum
distance, in meters, from the access point that wireless stations can travel and still
reliably exchange data with the access point?
A. 20
B. 75
C. 100
D. 400
E. 550
Answer: D
Which of the following functions does SIP perform on a VoIP network? (Choose all that
apply.)
A. Determines the locations of endpoints
B. Provides call waiting and caller ID services
C. Prioritizes calls for any single endpoint in a queue
D. Establishes sessions between endpoints
E. Encrypts VoIP signals before they are transmitted over the network
Answer: A, D
You suspect that a machine on your network with the host name PRTSRV is issuing excessive broadcast traffic on your network. What command can you use to determine this host’s IP address? A. netstat PRTSRV B. ipconfig PRTSRV C. nslookup PRTSRV D. ifconfig PRTSRV E. nbtstat PRTSRV
Answer: C
Which of the following allows a protocol analyzer on your network’s backbone switch to monitor all the traffic on a VLAN? A. Trunking B. Port mirroring C. Looping D. Spanning Tree Protocol E. Caching
Answer: B
What element of network management systems operates on a managed device, such as a router? A. MIB B. Polling C. Agent D. Nmap E. Caching
Answer: C
Your company is experiencing a growth spurt and is ready to invest in a more
sophisticated disaster recovery plan. Currently the only backup plan consists of a few
spare computers in a storage closet, with data on the servers duplicated weekly to an
off-site backup service. The owners of the company have committed to acquiring
additional servers to duplicate critical servers in their current network, and they want
the servers to be configured identically to the servers now in use. The new servers will
be stored at an off-site data center, and updated every time the on-site servers are
updated. What type of disaster recovery site is your company creating?
A. Hot site
B. Ambient site
C. Site survey
D. Warm site
E. Looking glass site
Answer: D
Which of the following is a single sign-on authentication method? A. IPsec B. EAPoL C. SSL D. Kerberos E. CHAP
Answer: D
You are a network administrator for a WAN that connects two regional insurance
company offices—the main office and a satellite office—to each other by a T-3. The
main office is also connected to the Internet using a T-3. This T-3 provides Internet
access for both offices. To ensure that your private network is not compromised by
unauthorized access through the Internet connection, you install a firewall between the
main office and the Internet. Shortly thereafter, users in your satellite office complain
that they cannot access the file server in the main office, but users in the main office can
still access the Internet. What two things should you check?
A. Whether the firewall has been configured to run in promiscuous mode
B. Whether the firewall is placed in the appropriate location on the network
C. Whether the firewall has been configured to allow access from IP addresses in the satellite
office
D. Whether the firewall has been configured to receive and transmit UDP-based packets
E. Whether the firewall has been configured to allow Internet access over the main office’s T-3
Answer: B, C
What is one function of a VPN concentrator?
A. To prioritize traffic on a VPN
B. To consolidate multiple VPNs into a single, larger VPN
C. To cache a VPN’s frequently requested content
D. To establish VPN tunnels
E. To collect traffic from multiple VLANs into a VPN
Answer: D
While troubleshooting a workstation connectivity problem, you type the following
command: ping 127.0.0.1. The response indicates that the test failed. What can
you determine about that workstation?
A. Its network cable is faulty or not connected to the wall jack.
B. Its TCP/IP stack is not installed properly.
C. Its IP address has been prevented from transmitting data past the default gateway.
D. Its DHCP settings are incorrect.
E. Its DNS name server specification is incorrect.
Answer: B
You are a support technician working in a data closet in a remote office. You suspect
that a connectivity problem is related to a broken RJ-45 plug on a patch cable that
connects a switch to a patch panel. You need to replace that connection, but you forgot
to bring an extra patch cable. You decide to install a new RJ-45 connector to replace the
broken RJ-45 connector. What two tools do you need to successfully accomplish this
task?
A. Punch-down tool
B. Crimping tool
C. Wire stripper
D. Cable tester
E. Multimeter
Answer: B, C
In IPv6, which of the following is the loopback address? A. 1.0.0.1 B. 127:0:0:0:0:0:0:1 C. FE80::1 D. ::1 E. 127.0.0.1
Answer: D
Which two of the following devices operate only at the Physical layer of the OSI model? A. Hub B. Switch C. Router D. Bridge E. Repeater
Answer: A, E
Which of the following is a reason for using subnetting?
A. To facilitate easier migration from IPv4 to IPv6 addressing
B. To enable a network to use DHCP
C. To limit broadcast domains
D. To reduce the likelihood for user error when modifying TCP/IP properties
E. To reduce the number of routing table entries
Answer: C
Which of the following is often used to secure data traveling over VPNs that use L2TP? A. PPTP B. PPoE C. Kerberos D. SSH E. IPsec
Answer: E
Which two of the following routing protocols offer fast convergence time and can be used on interior or border routers? A. RIP B. RIPv2 C. OSPF D. BGP E. EIGRP
Answer: C, E
At the beginning of the school year, students at your school must configure their
computers and other devices to obtain trusted access to the student portion of the
school’s network. What is this process called?
A. Authenticating
B. Remote wiping
C. Backleveling
D. Onboarding
E. Updating
Answer: D
Which signaling protocol is modeled after HTTP and is limited to IP networks? A. H.323 B. RTCP C. SIP D. MGCP E. RTP
Answer: C
Due to popular demand from employees who need to roam from one floor of your office
building to another, you are expanding your wireless network. You want to ensure that
mobile users enjoy uninterrupted network connectivity without having to reconfigure
their workstations’ wireless network connection settings. Which of the following
variables must you configure on your new access points to match the settings on existing
access points?
A. Administrator password
B. Scanning rate
C. SSID
D. IP address
E. Signal strength
Answer: C
Which transport protocol and TCP/IP port does telnet use? A. UDP, port 23 B. TCP, port 21 C. UDP, port 22 D. TCP, port 23 E. UDP, port 21
Answer: D
What is the purpose of an AAAA resource record in your DNS zone file?
A. It identifies a host’s IPv4 address.
B. It identifies a host’s IPv6 address.
C. It identifies a host’s MAC address.
D. It identifies a mail server address.
E. It indicates an alternate name for the host.
Answer: B
What protocol is used to transfer mail between a Sendmail server and a Microsoft Exchange server? A. SMTP B. SNMP C. IMAP4 D. POP3 E. TFTP
Answer: A
What would the command route del default gw 192.168.5.1 eth1
accomplish on your Linux workstation?
A. Delete the default gateway’s route to the host whose IP address is 192.168.5.1
B. Remove the assignment of IP address 192.168.5.1 from the eth1 interface
C. Remove the workstation’s route to the default gateway whose IP address is 192.168.5.1
D. Add a route from the workstation to the default gateway whose IP address is 192.168.5.1
E. Remove the designation of default gateway, but keep the route for the host whose IP address is
192.168.5.1
Answer: C
Your 100Base-T network is wired following the TIA/EIA 568B standard. As you make your own patch cable, which wires do you crimp into pins 1 and 2 of the RJ-45 connector? A. White with green stripe and green B. White with brown stripe and brown C. White with blue stripe and blue D. White with red stripe and red E. White with orange stripe and orange
Answer: E
A regional bank manager asks you to help with an urgent network problem. Because of
a sudden and severe network performance decline, the manager worries that the bank’s
network might be suffering a DoS attack. Viewing which of the following types of
network documentation would probably give you the quickest insight into what’s
causing this problem?
A. Wiring schematic
B. Firewall log
C. Logical network diagram
D. The main file server’s system log
E. Physical network diagram
Answer: B
You have connected to your bank’s home page. Its URL begins with “https://.” Based on
this information, what type of security can you assume the bank employs for receiving
and transmitting data to and from its Web server?
A. Kerberos
B. SSL
C. IPsec
D. L2TP
E. Packet-filtering firewall
Answer: B
What is the function of protocols and services at the Network layer of the OSI model?
A. To manage the flow of communications over a channel
B. To add segmentation and assembly information
C. To encode and encrypt data
D. To add logical addresses and properly route data
E. To apply electrical pulses to the wire
Answer: D
Which of the following utilities could you use to log on to a UNIX host? A. NTP B. ARP C. Ping D. SSH E. SNMP
Answer: D
While attempting to load a video to YouTube.com, the operation freezes and the upload
fails. Which characteristic of the connection is being affected?
A. Signaling
B. Signal-to-noise ratio
C. Throughput
D. Goodput
E. Attenuation
Answer: D
As a networking professional, you might use a multimeter to do which of the following?
(Choose all that apply.)
A. Determine where the patch cable for a specific server terminates on the patch panel
B. Verify that the amount of resistance presented by terminators on coaxial cable networks is
appropriate
C. Check for the presence of noise on a wire (by detecting extraneous voltage)
D. Confirm that a fiber-optic cable can transmit signals from one node to another
E. Validate the processing capabilities of a new router
Answer: B, C
A virtual switch includes several virtual ports, each of which can be considered a: A. Virtual repeater B. Virtual router C. Virtual gateway D. Virtual hub E. Virtual bridge
Answer: E
What is the default subnet mask for the following IP address: 154.13.44.87? A. 255.255.255.255 B. 255.255.255.0 C. 255.255.0.0 D. 255.0.0.0 E. 0.0.0.0
Answer: C
Which of the following diagrams illustrates a SONET network? A. [Insert Figure D-Q59A here] B. [Insert Figure D-Q59B here] C. [Insert Figure D-Q59C here] D. [Insert Figure D-Q59D here] E. [Insert Figure D-Q59E here]
Answer: B
How do most modern FTP servers prevent FTP bounce attacks?
A. They will not issue data to hosts other than the client that originated the request.
B. They will deny requests to ports 21 or 22.
C. They will not allow anonymous logons.
D. They require clients to communicate using SSH.
E. They maintain an access list to determine which clients are legitimate.
Answer: A
At what layer of the TCP/IP model is routing information interpreted? A. Physical layer B. Data Link layer C. Network layer D. Application layer E. Transport layer
Answer: C
You work for a soft drink company where the temperature of the sodas must be
monitored before the drinks are bottled. What device does this industrial network
require that can detect this information but is not capable of adjusting the thermostat
of the food processing equipment in reaction to temperature changes?
A. PLC
B. MTU
C. RTU
D. Actuator
E. HMI
Answer: A
You have been asked to help improve network performance on a store’s small office
network, which relies on two switches, two access points, and a router to connect its 18
employees to the Internet and other store locations. You decide to determine what type
of traffic the network currently handles. In particular, you’re interested in the volume
of unnecessary broadcast traffic that might be bogging down shared segments. Which
of the following tools will help you identify the percentage of traffic that comprises
broadcasts?
A. Butt set
B. OTDR
C. Protocol analyzer
D. Multimeter
E. Cable tester
Answer: C
A colleague calls you for help with his home office Internet connection. He is using an
802.11n access point/router connected to a DSL modem. The access point/router’s
private IP address is 192.168.1.1 and it has been assigned an Internet routable IP
address of 76.83.124.35. Your friend cannot connect to any resources on the Internet
using his new Windows workstation. You ask him to run the ipconfig command and
read the results to you. He says his workstation’s IP address is 192.168.1.3, the subnet
mask is 255.255.255.0, and the default gateway address is 192.168.1.10. What do you
advise him to do next?
A. Display his DNS information.
B. Change his gateway address.
C. Change his subnet mask.
D. Try pinging the loopback address.
E. Use the tracert command to contact the access point/router.
Answer: B
You are setting up a new Windows 8.1 client to connect with your LAN, which relies on
DHCP. You made certain that the client has the TCP/IP protocol installed and is bound
to its NIC. Which of the following must you do next to ensure that the client obtains
correct TCP/IP information via DHCP?
A. Make certain the client’s computer name and host name are identical.
B. Enter the client’s MAC address in the DHCP server’s ARP table.
C. Make sure the Client for Microsoft Networks service is bound to the client’s NIC.
D. Enter the DHCP server address in the Windows 8.1 TCP/IP configuration.
E. Nothing; in Windows 8.1, the DHCP option is selected by default, and the client will obtain IP
addressing information upon connecting to the network.
Answer: E
Which OSI layer(s) operate differently in wired versus wireless network connections? A. Layers 5, 6, and 7 B. Layers 1, 2, and 3 C. Layer 1 D. Layer 2 E. Layers 1 and 2
Answer: E
Which of the following devices separates broadcast domains? A. Hub B. Switch C. Bridge D. Repeater E. Router
Answer: E
Which one of the following media is most resistant to EMI? A. Coaxial cable B. UTP cable C. STP cable D. Fiber-optic cable E. Microwave
Answer: D
In the following figure, if router B suffers a failure, how will this failure affect nodes 1
through 9?
[Insert Figure D-Q69 here]
A. They will only be unable to access the Internet.
B. They will be unable to access the Internet and either nodes 10 through 14 or 15 through 20.
C. They will be unable to access the Internet, and all other nodes on the LAN.
D. They will be unable to access the Internet and nodes 10 through 20.
E. Their connectivity will not be affected.
Answer: D
Which of the following routing protocols has the poorest convergence time? A. RIP B. EIGRP C. OSPF D. BGP E. IGRP
Answer: A
Which of the following ports would be used during a domain name lookup? A. 22 B. 23 C. 53 D. 110 E. 443
Answer: C
Suppose you have created six subnets on your network, which leases a group of Class C IPv4 addresses. What subnet mask must you specify in your clients’ configurations to adhere to your subnetting scheme? A. 255.255.255.6 B. 255.255.255.128 C. 255.255.255.192 D. 255.255.255.224 E. 255.255.255.0
Answer: D
Which of the following protocols encapsulates data for transmission over VPNs? A. CHAP B. SNMP C. L2TP D. SFTP E. MPLS
Answer: C
You are configuring a DHCP server. Which of the following variables refers to the range
of IP addresses that you will make available to all nodes on a segment?
A. Scope
B. Lease
C. Zone
D. Prefix
E. Period
Answer: A
Which of the following wireless networking standards can reliably transmit data the farthest? A. LTE B. WiMAX C. 802.11b D. 802.11c E. 802.11n
Answer: A
How does STP (Spanning Tree Protocol) prevent or stop broadcast storms?
A. It examines the source IP address field in each broadcast packet and temporarily blocks traffic
from that address.
B. It enables routers to choose one set of best paths and ensures that alternate paths are used
only when the best paths are obstructed.
C. It enables switches to calculate paths that avoid potential loops and artificially blocks the links
that would complete a loop.
D. It enables firewalls to keep access lists that name hosts known for high-volume broadcast traffic
and block those hosts from transmitting to the network.
E. It helps routers define the boundaries of a broadcast domain.
Answer: C
Which of the following standards describes a security technique, often used on wireless
networks, in which a port is prevented from receiving traffic until the transmitter’s
credentials are verified by an authentication server?
A. EAPoL
B. SSH
C. SSL
D. Kerberos
E. MS-CHAP
Answer: A
If a Windows workstation is configured to use DHCP, but cannot find a DHCP server, it will assign itself an address and subnet mask. Which of the following IPv4 addresses might it assign itself? A. 129.0.0.1 B. 255.255.255.255 C. 123.45.67.89 D. 169.254.1.120 E. 987.65.432.1
Answer: D
Suppose your Windows laptop’s wireless network adapter is configured to use the
802.11n wireless networking standard. Also, suppose a café you visit has an 802.11ac
access point. Assuming you have the correct SSID and logon credentials, what will
happen when you attempt to associate with the café’s wireless network?
A. Your wireless networking client will be able to see the access point, but will be unable to
associate with it.
B. Your wireless networking client will not be able to see the access point.
C. Your wireless networking client will be able to see the access point and attempt to associate
with it, but the incompatible frequencies will prevent successful authentication.
D. Your wireless networking client will be able to see the access point and attempt to associate
with it, but the incompatible security techniques will prevent successful authentication.
E. Your wireless networking client will be able to see the access point and successfully associate
with it.
Answer: E
Routers use IGMP to:
A. Identify nodes belonging to a multicast group
B. Communicate with other routers about the best path between nodes
C. Reserve bandwidth for priority transmissions, ensuring high QoS
D. Filter out potentially harmful packets
E. Predict the expected round-trip time of a packet over a WAN
Answer: A
A virtual PBX would provide your organization with which of the following services? A. Data storage in the cloud B. VoIP call connection C. Expedited Internet routing D. QoS guarantees for video streaming E. Load balancing for WAN connections
Answer: B
You work for a large fashion design firm. Because of a recent TV promotion, your
company has received national recognition. At the same time, your WAN has received
more security threats. To help fend off these threats, you decide to implement an
IPS/IDS. Following is a simplified network diagram that represents your private
network and its public network connection. Where on this diagram would you place the
IPS/IDS device?
[Insert Figure D-Q82 here]
Answer: E
An implementation of multiple 5-GHz APs that talk to each other in order to obtain
802.11n-type speeds is accomplished with what unofficial wireless standard?
A. 802.11a-ht
B. 802.11g-ht
C. 802.11ac
D. Super G
E. 802.11i
Answer: A
A user watching a YouTube video over the Internet is an example of what type of communication? A. Unicast B. Multicast C. Broadcast D. Point-to-multipoint E. Multipoint-to-point
Answer: A
You are configuring a connection between two backbone switches, and you want to
make sure the connection doesn’t fail or become overwhelmed by heavy traffic. Which
of the following techniques would help you achieve both aims?
A. Round-robin DNS
B. CARP
C. Clustering
D. Trunking
E. NIC teaming
Answer: E
Using RIPv2, what is the maximum number of hops a packet can take between its source and its destination? A. 3 B. 5 C. 10 D. 15 E. 18
Answer: D
Which of the following QoS techniques enables packet-switched technologies to travel
over traditionally circuit-switched connections?
A. ATM
B. SONET
C. MPLS
D. Frame relay
E. Clustering
Answer: C
What kind of management does SSH provide for a switch? A. Remote configuration B. Management console C. In-band management D. Virtual terminal E. KVM
Answer: C
How many bits are in an IPv6 address? A. 16 B. 32 C. 64 D. 128 E. 256
Answer: D
Which of the following makes use of channel bonding to maximize throughput? A. Bluetooth B. Satellite C. 802.11g D. 802.11n E. WiMAX
Answer: D
The following graph, which represents traffic activity for an ISP’s client, indicates that the ISP is utilizing what traffic-shaping technique? [Insert Figure D-Q91 here] A. Traffic policing B. Caching C. Load balancing D. Access list controls E. Fault tolerance
Answer: A
Your organization is reassessing its WAN connections to determine how much more
bandwidth it will need to purchase in the next five years. As a network administrator,
which of the following data can you share that will help management make the right
decision?
A. Wiring schematic
B. Logical network diagram
C. Syslogs
D. Baselines
E. Physical network diagram
Answer: D
If an organization follows structured cabling standards, where would its demarc be located? A. Entrance facility B. Work area C. IDF D. Cross-connect facility E. Backbone
Answer: A
You are helping to troubleshoot a recurring problem related to obtaining and keeping a
DHCP-distributed IP address on a colleague’s Windows 7 workstation. What
application would allow you to configure the workstation to tally these errors and send
you an email message every time such a problem occurred?
A. Network and Internet Connections
B. System Logger
C. PuTTY
D. System Manager
E. Event Viewer
Answer: E
You are creating a new Linux server as a virtual machine on your Windows 8.1
workstation. Which of the following commands will tell you the IP address that is
assigned to your virtual server?
A. ipconfig /all at the Windows command prompt
B. ifconfig –a at the Linux server’s shell prompt
C. ethtool –a at the Linux server’s shell prompt
D. ip addr at the Windows command prompt
E. ipconfig –a at the Linux server’s shell prompt
Answer: B
In IPv6 addressing, which of the following prefixes indicates that an address belongs to a multicast group? A. 00FF B. 1F3E C. FF02 D. 0001 E. FEC0
Answer: C
Suppose your WAN contains a segment that relies on the l0GBase-EW standard. Which
of the following transmission technologies might it use?
A. SONET
B. Satellite
C. Broadband cable
D. DSL
E. Metro Ethernet
Answer: A
The software on a firewall you recently installed on your network examines each
incoming packet. Based on a set of criteria, including source IP address, source and
destination ports, and protocols, it blocks or allows traffic. What type of system is this?
(Choose all that apply.)
A. Content-filtering firewall
B. Stateful firewall
C. Stateless firewall
D. Packet-filtering firewall
E. Application layer firewall
Answer: C, D
Ethernet and ATM both specify Data Link layer framing techniques. How do they
differ?
A. Ethernet uses CRC fields to confirm the validity of the frame, whereas ATM uses no error
detection.
B. Ethernet uses variably sized packets, whereas ATM uses fixed-sized cells.
C. Ethernet uses synchronous transmission, whereas ATM uses asynchronous transmission.
D. Ethernet uses frame headers, whereas ATM does not.
E. Ethernet offers no guarantee of timely delivery, whereas ATM ensures that packets are
delivered within 10 ms.
Answer: B
What STP configuration ensures that a laptop connected to a switch cannot alter the STP paths on the network? A. BPDU filter B. BPDU guard C. Root bridge D. BID E. Designated port
Answer: B
