Final Exam

Question 1

qtext

Answer 1

answer

Question 2

Which routing protocol uses a composite metric of bandwidth and delay of the line to find the best path to a remote network?

Answer 2

EIGRP

Question 6

Which command will display the current contents of the ARP cache on the local workstation?

Answer 6

arp -a

Question 8

A network device that is used to connect multiple devices without segmenting a network is a ?

Answer 8

Hub

Question 9

The Spanning Tree Protocol allows for redundancy of what networking device?

Answer 9

Bridge (switch)

Question 10

Which can operate at both Layers 2 and Layer 3 of the OSI model?

Answer 10

Layer 3 switch

Question 11

SMTP resides at what layer of the OSI model?

Answer 11

Application

Question 12

A user discovers that their wireless 802.11g Internet connection is intermittently disrupted. What can typically cause this problem?

Answer 12

Cordless phones and/or microwave ovens

Question 13

Which device helps to increase the number of collision domains?

Answer 13

Switch

Question 14

Which logical physical topology does 802.3 utilize?

Answer 14

Bus

Question 15

Which wireless standard has a maximum data rate of 11Mbps?

Answer 15

802.11b

Question 16

What functionality does Kerberos provide?

Answer 16

Authentication of security principles and authorization of access to resources

Question 17

What TCP/IP port numbers does FTP utilize?

Answer 17

20 and 21. 20 is FTP data or a client, and 21 is an FTP server.

Question 18

At what layer of the OSI model does UDP reside?

Answer 18

Transport

Question 19

Convert the following binary string to its dotted decimal address: 11000000.10101000.01100011.00011010

Answer 19

192.168.99.26

Question 20

100BaseTX uses how many pairs of Category 5 unshielded twisted-pair (UTP) cables?

Answer 20

2 pairs

Question 21

What device connects computers with wireless adapters to a network in infrastructure mode?

Answer 21

Access point

Question 22

Converting analog signals to digital signals and digital signals to analog signals can be done using what device?

Answer 22

Modem. Dial-up modems are rarely used today, but cable modems are.

Question 23

The maximum segment length for Ethernet is .

Answer 23

100 meters (328 feet)

Question 24

What is the maximum speed of 802.11g?

Answer 24

54Mbps (megabits per second)

Question 25

Which techniques would increase the bandwidth for network transmission by joining multiple connections into one logical connection?

Answer 25

Bonding

Question 26

True/False: Firewalls are used to prevent packets from entering and leaving a network.

Answer 26

TRUE

Question 27

Which device can never run full duplex?

Answer 27

Hub

Question 28

A valid Media Access Control (MAC) address is how many bytes long?

Answer 28

6

Question 29

What well-known port does Trivial File Transfer Protocol (TFTP) use?

Answer 29

69

Question 30

In which OSI layer does a bridge operate?

Answer 30

Data Link

Question 31

An IT specialist is going to implement a packet filter on a network for Internet connections. What port must they allow through the firewall for users to connect to the Web?

Answer 31

80

Question 32

What is the name of the point where local exchange carrier responsibility ends?

Answer 32

Demarc

Question 33

What protocol translates the IP address to its physical network address?

Answer 33

ARP

Question 34

Ethernet networking is known as a physical topology.

Answer 34

Star

Question 35

What is the default port for HTTPS?

Answer 35

443

Question 36

In the Media Access Control (MAC) address 00:B0:D0:6A:F2:B5, what does 00:B0:D0 identify?

Answer 36

The manufacturer of the device, known as the OUI

Question 37

Which network segment is located outside the firewall?

Answer 37

DMZ

Question 38

A network administrator needs to establish a remote connection to a client machine. Telnet is not secure because everything is sent in the clear. Which protocol and port number should be used instead?

Answer 38

Secure Shell (SSH), port 22

Question 43

What fiber connector looks similar to an RJ-45 connector and connects two strands of fiber?

Answer 43

Mechanical transfer registered jack (MT-RJ)

Question 44

What cable type is used to link together two buildings that are over 10 miles (16.09 kilometers) apart?

Answer 44

Single-mode fiber (SMF)

Question 45

What is the maximum Cat 3 length acceptable for a horizontal cross-connect?

Answer 45

100 meters (328 feet)

Question 46

An optical time-domain reflectometer (OTDR) can be used to assess what?

Answer 46

Fiber segments

Question 47

What level of the Open Systems Interconnection (OSI) model does a proxy server operate in?

Answer 47

Application

Question 48

What device is used to create a virtual local area network (VLAN)?

Answer 48

Switch

Question 51

What protocol creates a secure connection between a web browser and a web server and is an alternative to using Telnet?

Answer 51

Secure Sockets Layer (SSL)

Question 52

True/False: If an administrator wants to set up an email server to exchange emails with other servers over the Internet, Simple Mail Transfer Protocol (SMTP) would be utilized.

Answer 52

TRUE

Question 53

Which remote access authentication protocol allows usernames and passwords to be transmitted as clear text?

Answer 53

Password Authentication Protocol (PAP), which has been replaced by CHAP.

Question 54

At what layer of the Open Systems Interconnection (OSI) model does a router function?

Answer 54

Network

Question 55

Simple Mail Transfer Protocol (SMTP) utilizes what well-known Transmission Control Protocol/Internet Protocol (TCP/IP) port number?

Answer 55

25

Question 57

A technician pings 127.0.0.1 and gets the following result - Unable to contact IP driver, error code 2. - What should you do now?

Answer 57

Reinstall the TCP/IP protocol

Question 58

True/False: 172.192.4.256 is a valid Internet Protocol (IP) address.

Answer 58

False

Question 59

What Open Systems Interconnection (OSI) layer converts digital data into electronic signals to be put on a wire?

Answer 59

Physical

Question 60

True/False: Internet Control Message Protocol (ICMP) is used for error reporting with Internet Protocol (IP).

Answer 60

TRUE

Question 61

Which WAN technologies uses 30 64Kpbs channels?

Answer 61

E-1

Question 62

What network hardware allows most traffic collisions?

Answer 62

Hub

Question 63

Which system detects and reports attempts of unauthorized access to the network?

Answer 63

IDS

Question 64

True/False: 32-bit is a valid Wired Equivalent Privacy (WEP) key.

Answer 64

FALSE

Question 65

True/False: 1000Mbps is known as 1000 terabytes per second.

Answer 65

False. It means gigabyte per second.

Question 66

True/False: One of the purposes of a virtual local area network (VLAN) is to add more users.

Answer 66

False. It is to break up broadcast domains.

Question 67

Which device would administer routing in a network?

Answer 67

Router, or Layer 3 switch

Question 69

True/False: If a network administrator needs to restrict access to certain websites, a proxy server should be implemented.

Answer 69

TRUE

Question 70

A technician is terminating a line that was extending an Ethernet jack to a wiring closet. Which hardware tool is necessary to complete the task?

Answer 70

Punch-down tool

Question 71

What is required to pass traffic from one VLAN to another?

Answer 71

Router, or Layer 3 switch

Question 73

At what two layers of the Open Systems Interconnection (OSI) model does a packet-filtering firewall operate?

Answer 73

Network and Transport

Question 74

How many pairs are crossed in a crossover cable?

Answer 74

Two

Question 75

True/False: The maximum speed of 802.11b is 54Mbps (megabits per second).

Answer 75

FALSE

Question 76

True/False: The maximum speed of 802.11b is 11Mbps (megabits per second).

Answer 76

TRUE

Question 77

Which documentation would a network administrator need to update if they have just finished upgrading the firmware on all switches within the LAN?

Answer 77

Physical network diagram

Question 78

True/False: The number of wireless users will affect the range of an 802.11b wireless access point (WAP).

Answer 78

False. It will affect the throughput but not the distance.

Question 79

True/False: 1000BaseCX is an Institute of Electrical and Electronics Engineers (IEEE) copper cable standard.

Answer 79

TRUE

Question 80

True/False: A mesh network has the least collisions.

Answer 80

TRUE

Question 81

True/False: Mesh network topology uses the most cable of any physical topology.

Answer 81

TRUE

Question 82

True/False: 100BaseFX runs over Category 5e cable.

Answer 82

FALSE

Question 83

True/False: 100BaseFX runs over multimode fiber (MMF) cable.

Answer 83

TRUE

Question 84

What is the maximum cable type required for 100BaseTX?

Answer 84

Category 5 unshielded twisted-pair (UTP)

Question 85

True/False: Using a wireless access point (WAP), you can bridge an 802.3 network to an 802.11 network.

Answer 85

TRUE

Question 86

Which type of connector does a 10BaseFL network use?

Answer 86

Straight tip (ST)

Question 87

True/False: The 802.11b/g frequency band is 2.4GHz (gigahertz).

Answer 87

TRUE

Question 88

Which protocol permits secure polling network devices?

Answer 88

SNMPv3

Question 89

Which is a topology used in networks for its scalability?

Answer 89

Star

Question 90

What is part of the IP suite and is used to monitor network-managed devices?

Answer 90

SNMP

Question 92

A technician is extending a data circuit to the other side of the building. What would the technician set up at the new location?

Answer 92

IDF

Question 93

Among the encryption protocols that the DoD says are unbreakable, which is the best?

Answer 93

AES

Question 94

What encryption protocol or standard allows you to create a virtual subnet on an intranet?

Answer 94

SSL VPN

Question 95

Which user-authentication method uses a public key and private key pair?

Answer 95

PKI

Question 96

True/False: RIPv2 is a hybrid routing protocol.

Answer 96

FALSE

Question 97

True/False: RIPv1 is a link state routing protocol.

Answer 97

FALSE

Question 98

Which two software types would be used for identifying an attack?

Answer 98

IDS and IPS

Question 99

A client purchases a new wireless printer and wants to be able to bond it their PDA. What is the name of the technology that describes the type of wireless printer that was purchased?

Answer 99

Bluetooth

Question 100

True/False: Internet Protocol version 6 (IPv6) uses 128-bit addresses.

Answer 100

TRUE

Question 101

A technician has just finished implementing a solution for a network issue. What steps in should the technician do next?

Answer 101

Document the issue and the solution that was implemented.

Question 102

True/False: A denial of service (DoS) attack is meant to prevent users from accessing a system.

Answer 102

TRUE

Question 103

True/False: IP spoofing is the process of sending a packet with a fake source address, pretending that the packet is coming from within the network the hacker is trying to attack.

Answer 103

TRUE

Question 104

Which routing protocols uses AS-Path as one of the methods to build the routing table?

Answer 104

BGP

Question 105

A technician is troubleshooting a switch and has identified the symptoms. What step should the technician take next?

Answer 105

Escalate the issue.

Question 106

What kind of tool could a hacker use to intercept traffic on your network?

Answer 106

Packet sniffer

Question 107

Remote users are having problems accessing files from a file server. Which should a technician check first?

Answer 107

Connectivity

Question 108

Which type of virus attacks executable application and system program files?

Answer 108

File virus

Question 109

Which monitoring software is used to view a network at the frame level?

Answer 109

Packet sniffer

Question 110

A technician needs to test a wire that is in the wall. What is the best way for the technician to identify the wire’s location?

Answer 110

Use a tone generator

Question 111

What devices allow segregation of collision domains but not broadcasting domains?

Answer 111

Switches

Question 112

What is the maximum transmission distance of 10GBaseLR?

Answer 112

6 miles

Question 113

In which layer of the OSI model does IPSec operate?

Answer 113

Network (Layer 3)

Question 114

What tool would be used to test the break in a fiber connection on the network?

Answer 114

OTDR

Question 115

True/False: A rogue access point is where a switch has been installed on a network without the administrator’s knowledge.

Answer 115

False. Where an AP has been installed without permission.

Question 116

True/False: Phishing/social engineering refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source.

Answer 116

TRUE

Question 117

What are the three main types of intruder detection and defense?

Answer 117

Active detection, passive detection, proactive defense

Question 118

What defines how security will be implemented in an organization, including physical security, document security, and network security?

Answer 118

Security policy

Question 119

What authentication method allows for domain-level authentication on a wireless network?

Answer 119

RADIUS

Question 120

A company is in the process of upgrading its network infrastructure to support new VoIP telephony equipment. What is a primary feature to consider when selecting a new switch to support the phones?

Answer 120

PoE

Question 121

True/False: A security procedure defines the appropriate response to a security event on your network.

Answer 121

TRUE

Question 122

What are the three primary LAN topologies?

Answer 122

Bus, ring, and star, but we only use bus in today’s LANs.

Question 123

What common WAN topology often results in multiple connections to a single site, leading to a high degree of fault tolerance?

Answer 123

Mesh

Question 124

What is the term for a device that shares its resources with other network devices?

Answer 124

Server

Question 125

What network model draws a clear distinction between devices that share their resources and devices that do not?

Answer 125

Client-server

Question 126

Which network topology or connection type can be implemented with only two endpoints?

Answer 126

Point-to-point

Question 127

Will a computer that shares no resources most likely be connected to the backbone or to a segment?

Answer 127

Segment

Question 128

Which LAN topology is characterized by all devices being daisy-chained together with the devices at each end being connected to only one other device?

Answer 128

Bus

Question 129

True/False: RIP is a vendor-neutral routing protocol that uses very little bandwidth but a lot of memory on a router.

Answer 129

False. Yes, RIP is vendor neutral, but it uses little router processing and a lot of bandwidth to do its job.

Question 130

True/False: OSPF is a hybrid routing protocol.

Answer 130

FALSE

Question 131

True/False: EIGRP is used to update the ARP tables on a router.

Answer 131

FALSE

Question 132

What does the acronym ICMP stand for?

Answer 132

Internet Control Message Protocol

Question 133

True/False: EIGRP is a classful routing protocol.

Answer 133

FALSE

Question 134

True/False: EIGRP has no version that supports IPv6.

Answer 134

FALSE

Question 135

True/False: OSPF is a link state protocol that supports VLSM and classless routing.

Answer 135

TRUE

Question 136

True/False: RIPv1 is a distance vector protocol that does not support VLSM and supports only classful routing.

Answer 136

TRUE

Question 137

What does the acronym IS-IS stand for?

Answer 137

Intermediate System-to-Intermediate System

Question 138

What does the acronym IDS stand for?

Answer 138

Intrusion detection system

Question 139

What WAN protocol is described as residing in Layer 2.5 of the OSI model?

Answer 139

MPLS

Question 140

True/False: If you can ping a host, this does not mean you can access its services.

Answer 140

TRUE

Question 142

What is another name for the Media Access Control (MAC) address?

Answer 142

Physical address or hardware address

Question 143

Which LAN connection technology has a full-duplex speed of 200Mbps and uses a Cat 5e cable?

Answer 143

100BaseT

Question 144

What is the Internet Protocol version 4 (IPv4) loopback address?

Answer 144

127.0.0.1

Question 145

An Ethernet Media Access Control (MAC) address consists of how many bits?

Answer 145

48

Question 146

True/False: EIGRP uses hop count as a metric to determine the best path to a remote network.

Answer 146

FALSE

Question 147

Why would you use dynamic routing over static routing?

Answer 147

It updates the routing table automatically and scales to large networks.

Question 148

True/False: OSPF can be used only on Cisco routers.

Answer 148

FALSE

Question 149

True/False: DSL is used to connect hosts to an Ethernet hub.

Answer 149

FALSE

Question 150

True/False: SDSL means that your download and upload speeds on the line are different.

Answer 150

TRUE

Question 151

True/False: A link light is the small, usually red, LED on the back of a network card.

Answer 151

FALSE

Question 152

True/False: ADSL means that the uplink and download speeds of a DSL link are the same.

Answer 152

TRUE

Question 153

Which of the following does not accurately describe TACACS+ in comparison to RADIUS?
A. TACACS+ relies on TCP, not UDP, at the Transport layer.
B. TACACS+ is typically installed on a router or switch, rather than on a server.
C. TACACS+ encrypts all information transmitted for AAA rather than just the password.
D. TACACS+ was developed for proprietary use on Cisco products.
E. TACACS+ operates as a software application on a remote access server.

Answer 153

Answer: E

Question 154

Your network manager has purchased a dozen new access points and all are configured
to use the new 802.11ac standard in the 5-GHz band. These access points will be
backward-compatible with older access points that run which of the following
standards? (Choose all that apply.)
A. 802.11g
B. 802.11n
C. 802.11b
D. Bluetooth
E. None of the above

Answer 154

Answer: A, B, C

Question 155

Which of the following figures reflects the type of physical topology commonly used on 
a 100Base-T network? 
A. [Insert Figure D-Q3A here] 
B. [Insert Figure D-Q3B here]
C. [Insert Figure D-Q3C here]
D. [Insert Figure D-Q3D here]
E. [Insert Figure D-Q3E here]

Answer 155

Answer: E

Question 156

You have installed and configured two virtual Web servers and a virtual mail server on
a physical server. What networking mode will you assign to each server’s vNIC to
ensure that the virtual machines’ hosts on the Internet can access the virtual machines?
A. NAT
B. Bridged
C. Host-only
D. Internal
E. Grouped

Answer 156

Answer: B

Question 157

Your organization contracts with a cloud computing company to store all of its data.
The company promises 99.99% uptime. If it lives up to its claims, for how many
minutes each year can you expect your data to be unavailable?
A. Approximately 448 minutes
B. Approximately 99 minutes
C. Approximately 52 minutes
D. Approximately 14 minutes
E. Approximately 6 minutes

Answer 157

Answer: C

Question 158

You are rearranging nodes on your Gigabit Ethernet network. Due to a necessarily
hasty expansion, you have decided to supply power to a wireless router in a makeshift
data room using PoE. What is the minimum cabling standard you must use to connect
this wireless router to the network’s backbone?
A. RG-6
B. RG-59
C. Cat 5e
D. SMF
E. Cat 6

Answer 158

Answer: C

Question 159

To ensure that your private network is always protected, you decide to install three 
redundant firewalls. Which of the following would allow you to assign the same IP 
address to all three? 
A. SMTP 
B. CARP 
C. SNMPv3 
D. IMAP 
E. NTP

Answer 159

Answer: B

Question 160

You are a networking technician in a radiology clinic, where physicians use the network
to transmit and store patients’ diagnostic results. Shortly after a new wing, which
contains X-ray and magnetic resonance imaging (MRI) machines, is added to the
building, computers in that area begin having intermittent problems saving data to the
file server. After you have gathered information, identified the symptoms, questioned
users, and determined what has changed, what is your next step in troubleshooting this
problem?
A. Establish a plan of action to resolve the problem.
B. Escalate the problem.
C. Document findings, actions, and outcomes.
D. Establish a theory of probable cause.
E. Determine the next steps to resolve the problem.

Answer 160

Answer: D

Question 161

You are part of a team participating in a posture assessment of your company’s WAN. 
Which of the following tools or strategies will help you gain a broad understanding of 
your network’s vulnerabilities? 
A. MIB 
B. War chalking 
C. Nmap 
D. WPA cracking 
E. PGP

Answer 161

Answer: C

Question 162

You work for an ISP. Several of your customers have called to complain about the slow
response from a popular Web site. You suspect that network congestion is at fault.
Which TCP/IP utility would help you determine where the congestion is occurring?
A. FTP
B. Nslookup
C. Nbtstat
D. Tracert
E. Telnet

Answer 162

Answer: D

Question 163

Which of the following WAN topologies is the most fault tolerant? 
A. Full mesh 
B. Bus 
C. Peer-to-peer 
D. Ring 
E. Hierarchical

Answer 163

Answer: A

Question 164

Which of the following is a valid MAC address? 
A. C3:00:50:00:FF:FF 
B. 153.101.24.3 
C. ::9F53 
D. FE80::32:1CA3:B0E2 
E. D0:00:00:00

Answer 164

Answer: A

Question 165

What type of network could use the type of connector shown below? 
[Insert Figure D-Q13 here] 
A. 100Base-FX 
B. 100Base-TX 
C. l0Base-T 
D. 1000Base-T 
E. 10Base-2

Answer 165

Answer: A

Question 166

Your organization has just ordered its first T-1 connection to the Internet. Prior to that,
your organization relied on a DSL connection. Which of the following devices must you
now have that your DSL connection didn’t require?
A. Modem
B. CSU/DSU
C. Switch
D. Hub
E. Router

Answer 166

Answer: B

Question 167

Which of the following wireless standards provides an entirely IP-based, packet
switched network for both voice and data transmissions? (Choose two.)
A. LTE
B. 802.16e
C. 802.16m
D. HSPA+
E. 802.11n

Answer 167

Answer: A, C

Question 168

You have created a new Web server on a computer running the Linux operating system. 
Which of the following programs will generate messages when modules don’t load 
correctly or services encounter errors? 
A. Event Viewer 
B. IDS/IPS 
C. Packet Sniffer 
D. Network Monitor 
E. Syslog

Answer 168

Answer: E

Question 169

You have been asked to provide a connectivity solution for a shuttle-bus system at a
large theme park. The owners of the park want a wireless network that reaches all
parking lots and drop-off points throughout the park’s 2.4-square mile campus. Each
shuttle is to be equipped with a wireless antenna to provide real-time pick-up and drop
off directives to each driver. The park owners plan to install their own base station
antennas in order to have complete control of the amount and type of traffic traversing
the WAN, but they are very concerned about the cost of equipment installation.
Considering the needs and priorities of the theme park owners, what is the best solution
for this client?
A. Metro Ethernet
B. 802.11n
C. NFC
D. 802.11ac
E. WiMAX

Answer 169

Answer: E

Question 170

You want to add the five virtual machines that exist on your host machine to the Staff
VLAN at your office. Which of the following must your host machine’s NIC support?
A. CSMA/CA
B. Channel bonding
C. MIMO
D. Trunking
E. OSPF

Answer 170

Answer: D

Question 171

You have just rearranged the access points on your small office network. Now a group
of employees complains that they cannot reliably get their workstations to connect with
a new 802.11ac access point. You have confirmed that the workstations are using the
correct SSID, security type, and passphrase. You have also confirmed that the access
point is on and functioning properly because when you stand in the computer room
where it’s located, you can connect to the access point from your smartphone. Which of
the following is likely preventing the other users’ workstations from associating with the
new access point?
A. The users are attempting to log on using incorrect user IDs.
B. The workstations are located beyond the access point’s range.
C. The workstations are set to use 802.11g.
D. The users have turned off their wireless antennas.
E. The workstations’ wired NICs are causing addressing conflicts with their wireless NICs.

Answer 171

Answer: B

Question 172

Which of the following wireless security techniques uses RADIUS and AES? 
A. WEP 
B. WPA 
C. WPA2 
D. WPA-Enterprise 
E. WPA2-Enterprise

Answer 172

Answer: E

Question 173

You are the network administrator for a large college whose network contains nearly
10,000 workstations, over 100 routers, 80 switches, and 2000 printers. You are
researching a proposal to both upgrade the routers and switches on your network and
at the same time improve the management of your network. To make automating
network management easier, what type of protocol must the new routers and switches
support?
A. TFTP
B. SMTP
C. NNTP
D. ICMP
E. SNMP

Answer 173

Answer: E

Question 174

In the process of troubleshooting an intermittent performance problem with your
network’s Internet connection, you attempt to run a tracert test to microsoft.com. The
tracert response displays the first 12 hops in the route, but then presents several
“Request timed out” messages in a row. What is the most likely reason for this?
A. Your network’s ISP is experiencing connectivity problems.
B. The Internet backbone is experiencing traffic congestion.
C. Your client’s TCP/IP service limits the tracert command to a maximum of 12 hops.
D. Your IP gateway failed while you were attempting the tracert test.
E. Microsoft’s network is bounded by firewalls that do not accept incoming ICMP traffic.

Answer 174

Answer: E

Question 175

What is the network ID for a network that contains the group of IP addresses from
194.73.44.10 through 194.73.44.254 and is not subnetted?
A. 194.1.1.1
B. 194.73.0.0
C. 194.73.44.1
D. 194.73.44.255
E. 194.73.44.0

Answer 175

Answer: E

Question 176

Which of the following 10-gigabit technologies has the longest maximum segment 
length? 
A. 10GBase-SR 
B. 10GBase-ER 
C. 10GBase-T 
D. 10GBase-LW 
E. 10GBase-SW

Answer 176

Answer: B

Question 177

Recently, your company’s WAN experienced a disabling DDoS attack. Which of the 
following devices could detect such an attack and prevent it from affecting your 
network in the future? 
A. A honeypot 
B. SIEM 
C. HIPS 
D. Nmap 
E. NIPS

Answer 177

Answer: E

Question 178

In NAT, how does an IP gateway ensure that outgoing traffic can traverse public
networks?
A. It modifies each outgoing frame’s Type field to indicate that the transmission is destined for a
public network.
B. It assigns each outgoing packet a masked ID via the Options field.
C. It interprets the contents of outgoing packets to ensure that they contain no client-identifying
information.
D. It replaces each outgoing packet’s Source address field with a public IP address.
E. It modifies the frame length to create uniformly sized frames, called cells, which are required for
public network transmission.

Answer 178

Answer: D

Question 179

You have purchased an access point capable of exchanging data via the 802.11n or
802.11ac wireless standard. According to these standards, what is the maximum
distance, in meters, from the access point that wireless stations can travel and still
reliably exchange data with the access point?
A. 20
B. 75
C. 100
D. 400
E. 550

Answer 179

Answer: D

Question 180

Which of the following functions does SIP perform on a VoIP network? (Choose all that
apply.)
A. Determines the locations of endpoints
B. Provides call waiting and caller ID services
C. Prioritizes calls for any single endpoint in a queue
D. Establishes sessions between endpoints
E. Encrypts VoIP signals before they are transmitted over the network

Answer 180

Answer: A, D

Question 181

You suspect that a machine on your network with the host name PRTSRV is issuing 
excessive broadcast traffic on your network. What command can you use to determine 
this host’s IP address? 
A. netstat PRTSRV 
B. ipconfig PRTSRV 
C. nslookup PRTSRV 
D. ifconfig PRTSRV 
E. nbtstat PRTSRV

Answer 181

Answer: C

Question 182

Which of the following allows a protocol analyzer on your network’s backbone switch 
to monitor all the traffic on a VLAN? 
A. Trunking 
B. Port mirroring 
C. Looping 
D. Spanning Tree Protocol 
E. Caching

Answer 182

Answer: B

Question 183

What element of network management systems operates on a managed device, such as a 
router? 
A. MIB 
B. Polling 
C. Agent 
D. Nmap 
E. Caching

Answer 183

Answer: C

Question 184

Your company is experiencing a growth spurt and is ready to invest in a more
sophisticated disaster recovery plan. Currently the only backup plan consists of a few
spare computers in a storage closet, with data on the servers duplicated weekly to an
off-site backup service. The owners of the company have committed to acquiring
additional servers to duplicate critical servers in their current network, and they want
the servers to be configured identically to the servers now in use. The new servers will
be stored at an off-site data center, and updated every time the on-site servers are
updated. What type of disaster recovery site is your company creating?
A. Hot site
B. Ambient site
C. Site survey
D. Warm site
E. Looking glass site

Answer 184

Answer: D

Question 185

Which of the following is a single sign-on authentication method? 
A. IPsec 
B. EAPoL 
C. SSL 
D. Kerberos 
E. CHAP

Answer 185

Answer: D

Question 186

You are a network administrator for a WAN that connects two regional insurance
company offices—the main office and a satellite office—to each other by a T-3. The
main office is also connected to the Internet using a T-3. This T-3 provides Internet
access for both offices. To ensure that your private network is not compromised by
unauthorized access through the Internet connection, you install a firewall between the
main office and the Internet. Shortly thereafter, users in your satellite office complain
that they cannot access the file server in the main office, but users in the main office can
still access the Internet. What two things should you check?
A. Whether the firewall has been configured to run in promiscuous mode
B. Whether the firewall is placed in the appropriate location on the network
C. Whether the firewall has been configured to allow access from IP addresses in the satellite
office
D. Whether the firewall has been configured to receive and transmit UDP-based packets
E. Whether the firewall has been configured to allow Internet access over the main office’s T-3

Answer 186

Answer: B, C

Question 187

What is one function of a VPN concentrator?
A. To prioritize traffic on a VPN
B. To consolidate multiple VPNs into a single, larger VPN
C. To cache a VPN’s frequently requested content
D. To establish VPN tunnels
E. To collect traffic from multiple VLANs into a VPN

Answer 187

Answer: D

Question 188

While troubleshooting a workstation connectivity problem, you type the following
command: ping 127.0.0.1. The response indicates that the test failed. What can
you determine about that workstation?
A. Its network cable is faulty or not connected to the wall jack.
B. Its TCP/IP stack is not installed properly.
C. Its IP address has been prevented from transmitting data past the default gateway.
D. Its DHCP settings are incorrect.
E. Its DNS name server specification is incorrect.

Answer 188

Answer: B

Question 189

You are a support technician working in a data closet in a remote office. You suspect
that a connectivity problem is related to a broken RJ-45 plug on a patch cable that
connects a switch to a patch panel. You need to replace that connection, but you forgot
to bring an extra patch cable. You decide to install a new RJ-45 connector to replace the
broken RJ-45 connector. What two tools do you need to successfully accomplish this
task?
A. Punch-down tool
B. Crimping tool
C. Wire stripper
D. Cable tester
E. Multimeter

Answer 189

Answer: B, C

Question 190

In IPv6, which of the following is the loopback address? 
A. 1.0.0.1 
B. 127:0:0:0:0:0:0:1 
C. FE80::1 
D. ::1 
E. 127.0.0.1

Answer 190

Answer: D

Question 191

Which two of the following devices operate only at the Physical layer of the OSI model? 
A. Hub 
B. Switch 
C. Router 
D. Bridge 
E. Repeater

Answer 191

Answer: A, E

Question 192

Which of the following is a reason for using subnetting?
A. To facilitate easier migration from IPv4 to IPv6 addressing
B. To enable a network to use DHCP
C. To limit broadcast domains
D. To reduce the likelihood for user error when modifying TCP/IP properties
E. To reduce the number of routing table entries

Answer 192

Answer: C

Question 193

Which of the following is often used to secure data traveling over VPNs that use L2TP? 
A. PPTP 
B. PPoE 
C. Kerberos 
D. SSH 
E. IPsec

Answer 193

Answer: E

Question 194

Which two of the following routing protocols offer fast convergence time and can be 
used on interior or border routers? 
A. RIP 
B. RIPv2 
C. OSPF 
D. BGP 
E. EIGRP

Answer 194

Answer: C, E

Question 195

At the beginning of the school year, students at your school must configure their
computers and other devices to obtain trusted access to the student portion of the
school’s network. What is this process called?
A. Authenticating
B. Remote wiping
C. Backleveling
D. Onboarding
E. Updating

Answer 195

Answer: D

Question 196

Which signaling protocol is modeled after HTTP and is limited to IP networks? 
A. H.323 
B. RTCP 
C. SIP 
D. MGCP 
E. RTP

Answer 196

Answer: C

Question 197

Due to popular demand from employees who need to roam from one floor of your office
building to another, you are expanding your wireless network. You want to ensure that
mobile users enjoy uninterrupted network connectivity without having to reconfigure
their workstations’ wireless network connection settings. Which of the following
variables must you configure on your new access points to match the settings on existing
access points?
A. Administrator password
B. Scanning rate
C. SSID
D. IP address
E. Signal strength

Answer 197

Answer: C

Question 198

Which transport protocol and TCP/IP port does telnet use? 
A. UDP, port 23 
B. TCP, port 21 
C. UDP, port 22 
D. TCP, port 23 
E. UDP, port 21

Answer 198

Answer: D

Question 199

What is the purpose of an AAAA resource record in your DNS zone file?
A. It identifies a host’s IPv4 address.
B. It identifies a host’s IPv6 address.
C. It identifies a host’s MAC address.
D. It identifies a mail server address.
E. It indicates an alternate name for the host.

Answer 199

Answer: B

Question 200

What protocol is used to transfer mail between a Sendmail server and a Microsoft 
Exchange server? 
A. SMTP 
B. SNMP 
C. IMAP4 
D. POP3 
E. TFTP

Answer 200

Answer: A

Question 201

What would the command route del default gw 192.168.5.1 eth1
accomplish on your Linux workstation?
A. Delete the default gateway’s route to the host whose IP address is 192.168.5.1
B. Remove the assignment of IP address 192.168.5.1 from the eth1 interface
C. Remove the workstation’s route to the default gateway whose IP address is 192.168.5.1
D. Add a route from the workstation to the default gateway whose IP address is 192.168.5.1
E. Remove the designation of default gateway, but keep the route for the host whose IP address is
192.168.5.1

Answer 201

Answer: C

Question 202

Your 100Base-T network is wired following the TIA/EIA 568B standard. As you make 
your own patch cable, which wires do you crimp into pins 1 and 2 of the RJ-45 
connector? 
A. White with green stripe and green 
B. White with brown stripe and brown 
C. White with blue stripe and blue 
D. White with red stripe and red 
E. White with orange stripe and orange

Answer 202

Answer: E

Question 203

A regional bank manager asks you to help with an urgent network problem. Because of
a sudden and severe network performance decline, the manager worries that the bank’s
network might be suffering a DoS attack. Viewing which of the following types of
network documentation would probably give you the quickest insight into what’s
causing this problem?
A. Wiring schematic
B. Firewall log
C. Logical network diagram
D. The main file server’s system log
E. Physical network diagram

Answer 203

Answer: B

Question 204

You have connected to your bank’s home page. Its URL begins with “https://.” Based on
this information, what type of security can you assume the bank employs for receiving
and transmitting data to and from its Web server?
A. Kerberos
B. SSL
C. IPsec
D. L2TP
E. Packet-filtering firewall

Answer 204

Answer: B

Question 205

What is the function of protocols and services at the Network layer of the OSI model?
A. To manage the flow of communications over a channel
B. To add segmentation and assembly information
C. To encode and encrypt data
D. To add logical addresses and properly route data
E. To apply electrical pulses to the wire

Answer 205

Answer: D

Question 206

Which of the following utilities could you use to log on to a UNIX host? 
A. NTP 
B. ARP 
C. Ping 
D. SSH 
E. SNMP

Answer 206

Answer: D

Question 207

While attempting to load a video to YouTube.com, the operation freezes and the upload
fails. Which characteristic of the connection is being affected?
A. Signaling
B. Signal-to-noise ratio
C. Throughput
D. Goodput
E. Attenuation

Answer 207

Answer: D

Question 208

As a networking professional, you might use a multimeter to do which of the following?
(Choose all that apply.)
A. Determine where the patch cable for a specific server terminates on the patch panel
B. Verify that the amount of resistance presented by terminators on coaxial cable networks is
appropriate
C. Check for the presence of noise on a wire (by detecting extraneous voltage)
D. Confirm that a fiber-optic cable can transmit signals from one node to another
E. Validate the processing capabilities of a new router

Answer 208

Answer: B, C

Question 209

A virtual switch includes several virtual ports, each of which can be considered a: 
A. Virtual repeater 
B. Virtual router 
C. Virtual gateway 
D. Virtual hub 
E. Virtual bridge

Answer 209

Answer: E

Question 210

What is the default subnet mask for the following IP address: 154.13.44.87? 
A. 255.255.255.255 
B. 255.255.255.0 
C. 255.255.0.0 
D. 255.0.0.0 
E. 0.0.0.0

Answer 210

Answer: C

Question 211

Which of the following diagrams illustrates a SONET network? 
A. [Insert Figure D-Q59A here]
B. [Insert Figure D-Q59B here]
C. [Insert Figure D-Q59C here]
D. [Insert Figure D-Q59D here]
E. [Insert Figure D-Q59E here]

Answer 211

Answer: B

Question 212

How do most modern FTP servers prevent FTP bounce attacks?
A. They will not issue data to hosts other than the client that originated the request.
B. They will deny requests to ports 21 or 22.
C. They will not allow anonymous logons.
D. They require clients to communicate using SSH.
E. They maintain an access list to determine which clients are legitimate.

Answer 212

Answer: A

Question 213

At what layer of the TCP/IP model is routing information interpreted? 
A. Physical layer 
B. Data Link layer 
C. Network layer 
D. Application layer 
E. Transport layer

Answer 213

Answer: C

Question 214

You work for a soft drink company where the temperature of the sodas must be
monitored before the drinks are bottled. What device does this industrial network
require that can detect this information but is not capable of adjusting the thermostat
of the food processing equipment in reaction to temperature changes?
A. PLC
B. MTU
C. RTU
D. Actuator
E. HMI

Answer 214

Answer: A

Question 215

You have been asked to help improve network performance on a store’s small office
network, which relies on two switches, two access points, and a router to connect its 18
employees to the Internet and other store locations. You decide to determine what type
of traffic the network currently handles. In particular, you’re interested in the volume
of unnecessary broadcast traffic that might be bogging down shared segments. Which
of the following tools will help you identify the percentage of traffic that comprises
broadcasts?
A. Butt set
B. OTDR
C. Protocol analyzer
D. Multimeter
E. Cable tester

Answer 215

Answer: C

Question 216

A colleague calls you for help with his home office Internet connection. He is using an
802.11n access point/router connected to a DSL modem. The access point/router’s
private IP address is 192.168.1.1 and it has been assigned an Internet routable IP
address of 76.83.124.35. Your friend cannot connect to any resources on the Internet
using his new Windows workstation. You ask him to run the ipconfig command and
read the results to you. He says his workstation’s IP address is 192.168.1.3, the subnet
mask is 255.255.255.0, and the default gateway address is 192.168.1.10. What do you
advise him to do next?
A. Display his DNS information.
B. Change his gateway address.
C. Change his subnet mask.
D. Try pinging the loopback address.
E. Use the tracert command to contact the access point/router.

Answer 216

Answer: B

Question 217

You are setting up a new Windows 8.1 client to connect with your LAN, which relies on
DHCP. You made certain that the client has the TCP/IP protocol installed and is bound
to its NIC. Which of the following must you do next to ensure that the client obtains
correct TCP/IP information via DHCP?
A. Make certain the client’s computer name and host name are identical.
B. Enter the client’s MAC address in the DHCP server’s ARP table.
C. Make sure the Client for Microsoft Networks service is bound to the client’s NIC.
D. Enter the DHCP server address in the Windows 8.1 TCP/IP configuration.
E. Nothing; in Windows 8.1, the DHCP option is selected by default, and the client will obtain IP
addressing information upon connecting to the network.

Answer 217

Answer: E

Question 218

Which OSI layer(s) operate differently in wired versus wireless network connections? 
A. Layers 5, 6, and 7 
B. Layers 1, 2, and 3 
C. Layer 1 
D. Layer 2 
E. Layers 1 and 2

Answer 218

Answer: E

Question 219

Which of the following devices separates broadcast domains? 
A. Hub 
B. Switch 
C. Bridge 
D. Repeater 
E. Router

Answer 219

Answer: E

Question 220

Which one of the following media is most resistant to EMI? 
A. Coaxial cable 
B. UTP cable 
C. STP cable 
D. Fiber-optic cable 
E. Microwave

Answer 220

Answer: D

Question 221

In the following figure, if router B suffers a failure, how will this failure affect nodes 1
through 9?
[Insert Figure D-Q69 here]
A. They will only be unable to access the Internet.
B. They will be unable to access the Internet and either nodes 10 through 14 or 15 through 20.
C. They will be unable to access the Internet, and all other nodes on the LAN.
D. They will be unable to access the Internet and nodes 10 through 20.
E. Their connectivity will not be affected.

Answer 221

Answer: D

Question 222

Which of the following routing protocols has the poorest convergence time? 
A. RIP 
B. EIGRP 
C. OSPF 
D. BGP 
E. IGRP

Answer 222

Answer: A

Question 223

Which of the following ports would be used during a domain name lookup? 
A. 22 
B. 23 
C. 53 
D. 110 
E. 443

Answer 223

Answer: C

Question 224

Suppose you have created six subnets on your network, which leases a group of Class C 
IPv4 addresses. What subnet mask must you specify in your clients’ configurations to 
adhere to your subnetting scheme? 
A. 255.255.255.6 
B. 255.255.255.128 
C. 255.255.255.192 
D. 255.255.255.224 
E. 255.255.255.0

Answer 224

Answer: D

Question 225

Which of the following protocols encapsulates data for transmission over VPNs? 
A. CHAP 
B. SNMP 
C. L2TP 
D. SFTP 
E. MPLS

Answer 225

Answer: C

Question 226

You are configuring a DHCP server. Which of the following variables refers to the range
of IP addresses that you will make available to all nodes on a segment?
A. Scope
B. Lease
C. Zone
D. Prefix
E. Period

Answer 226

Answer: A

Question 227

Which of the following wireless networking standards can reliably transmit data the 
farthest? 
A. LTE 
B. WiMAX 
C. 802.11b 
D. 802.11c 
E. 802.11n

Answer 227

Answer: A

Question 228

How does STP (Spanning Tree Protocol) prevent or stop broadcast storms?
A. It examines the source IP address field in each broadcast packet and temporarily blocks traffic
from that address.
B. It enables routers to choose one set of best paths and ensures that alternate paths are used
only when the best paths are obstructed.
C. It enables switches to calculate paths that avoid potential loops and artificially blocks the links
that would complete a loop.
D. It enables firewalls to keep access lists that name hosts known for high-volume broadcast traffic
and block those hosts from transmitting to the network.
E. It helps routers define the boundaries of a broadcast domain.

Answer 228

Answer: C

Question 229

Which of the following standards describes a security technique, often used on wireless
networks, in which a port is prevented from receiving traffic until the transmitter’s
credentials are verified by an authentication server?
A. EAPoL
B. SSH
C. SSL
D. Kerberos
E. MS-CHAP

Answer 229

Answer: A

Question 230

If a Windows workstation is configured to use DHCP, but cannot find a DHCP server, it 
will assign itself an address and subnet mask. Which of the following IPv4 addresses 
might it assign itself? 
A. 129.0.0.1 
B. 255.255.255.255 
C. 123.45.67.89 
D. 169.254.1.120 
E. 987.65.432.1

Answer 230

Answer: D

Question 231

Suppose your Windows laptop’s wireless network adapter is configured to use the
802.11n wireless networking standard. Also, suppose a café you visit has an 802.11ac
access point. Assuming you have the correct SSID and logon credentials, what will
happen when you attempt to associate with the café’s wireless network?
A. Your wireless networking client will be able to see the access point, but will be unable to
associate with it.
B. Your wireless networking client will not be able to see the access point.
C. Your wireless networking client will be able to see the access point and attempt to associate
with it, but the incompatible frequencies will prevent successful authentication.
D. Your wireless networking client will be able to see the access point and attempt to associate
with it, but the incompatible security techniques will prevent successful authentication.
E. Your wireless networking client will be able to see the access point and successfully associate
with it.

Answer 231

Answer: E

Question 232

Routers use IGMP to:
A. Identify nodes belonging to a multicast group
B. Communicate with other routers about the best path between nodes
C. Reserve bandwidth for priority transmissions, ensuring high QoS
D. Filter out potentially harmful packets
E. Predict the expected round-trip time of a packet over a WAN

Answer 232

Answer: A

Question 233

A virtual PBX would provide your organization with which of the following services? 
A. Data storage in the cloud 
B. VoIP call connection 
C. Expedited Internet routing 
D. QoS guarantees for video streaming 
E. Load balancing for WAN connections

Answer 233

Answer: B

Question 234

You work for a large fashion design firm. Because of a recent TV promotion, your
company has received national recognition. At the same time, your WAN has received
more security threats. To help fend off these threats, you decide to implement an
IPS/IDS. Following is a simplified network diagram that represents your private
network and its public network connection. Where on this diagram would you place the
IPS/IDS device?
[Insert Figure D-Q82 here]

Answer 234

Answer: E

Question 235

An implementation of multiple 5-GHz APs that talk to each other in order to obtain
802.11n-type speeds is accomplished with what unofficial wireless standard?
A. 802.11a-ht
B. 802.11g-ht
C. 802.11ac
D. Super G
E. 802.11i

Answer 235

Answer: A

Question 236

A user watching a YouTube video over the Internet is an example of what type of 
communication? 
A. Unicast 
B. Multicast 
C. Broadcast 
D. Point-to-multipoint 
E. Multipoint-to-point

Answer 236

Answer: A

Question 237

You are configuring a connection between two backbone switches, and you want to
make sure the connection doesn’t fail or become overwhelmed by heavy traffic. Which
of the following techniques would help you achieve both aims?
A. Round-robin DNS
B. CARP
C. Clustering
D. Trunking
E. NIC teaming

Answer 237

Answer: E

Question 238

Using RIPv2, what is the maximum number of hops a packet can take between its 
source and its destination? 
A. 3 
B. 5 
C. 10 
D. 15 
E. 18

Answer 238

Answer: D

Question 239

Which of the following QoS techniques enables packet-switched technologies to travel
over traditionally circuit-switched connections?
A. ATM
B. SONET
C. MPLS
D. Frame relay
E. Clustering

Answer 239

Answer: C

Question 240

What kind of management does SSH provide for a switch? 
A. Remote configuration 
B. Management console 
C. In-band management 
D. Virtual terminal 
E. KVM

Answer 240

Answer: C

Question 241

How many bits are in an IPv6 address? 
A. 16 
B. 32 
C. 64 
D. 128 
E. 256

Answer 241

Answer: D

Question 242

Which of the following makes use of channel bonding to maximize throughput? 
A. Bluetooth 
B. Satellite 
C. 802.11g 
D. 802.11n 
E. WiMAX

Answer 242

Answer: D

Question 243

The following graph, which represents traffic activity for an ISP’s client, indicates that 
the ISP is utilizing what traffic-shaping technique? 
[Insert Figure D-Q91 here] 
A. Traffic policing 
B. Caching 
C. Load balancing 
D. Access list controls 
E. Fault tolerance

Answer 243

Answer: A

Question 244

Your organization is reassessing its WAN connections to determine how much more
bandwidth it will need to purchase in the next five years. As a network administrator,
which of the following data can you share that will help management make the right
decision?
A. Wiring schematic
B. Logical network diagram
C. Syslogs
D. Baselines
E. Physical network diagram

Answer 244

Answer: D

Question 245

If an organization follows structured cabling standards, where would its demarc be 
located? 
A. Entrance facility 
B. Work area 
C. IDF 
D. Cross-connect facility 
E. Backbone

Answer 245

Answer: A

Question 246

You are helping to troubleshoot a recurring problem related to obtaining and keeping a
DHCP-distributed IP address on a colleague’s Windows 7 workstation. What
application would allow you to configure the workstation to tally these errors and send
you an email message every time such a problem occurred?
A. Network and Internet Connections
B. System Logger
C. PuTTY
D. System Manager
E. Event Viewer

Answer 246

Answer: E

Question 247

You are creating a new Linux server as a virtual machine on your Windows 8.1
workstation. Which of the following commands will tell you the IP address that is
assigned to your virtual server?
A. ipconfig /all at the Windows command prompt
B. ifconfig –a at the Linux server’s shell prompt
C. ethtool –a at the Linux server’s shell prompt
D. ip addr at the Windows command prompt
E. ipconfig –a at the Linux server’s shell prompt

Answer 247

Answer: B

Question 248

In IPv6 addressing, which of the following prefixes indicates that an address belongs to 
a multicast group? 
A. 00FF 
B. 1F3E 
C. FF02 
D. 0001 
E. FEC0

Answer 248

Answer: C

Question 249

Suppose your WAN contains a segment that relies on the l0GBase-EW standard. Which
of the following transmission technologies might it use?
A. SONET
B. Satellite
C. Broadband cable
D. DSL
E. Metro Ethernet

Answer 249

Answer: A

Question 250

The software on a firewall you recently installed on your network examines each
incoming packet. Based on a set of criteria, including source IP address, source and
destination ports, and protocols, it blocks or allows traffic. What type of system is this?
(Choose all that apply.)
A. Content-filtering firewall
B. Stateful firewall
C. Stateless firewall
D. Packet-filtering firewall
E. Application layer firewall

Answer 250

Answer: C, D

Question 251

Ethernet and ATM both specify Data Link layer framing techniques. How do they
differ?
A. Ethernet uses CRC fields to confirm the validity of the frame, whereas ATM uses no error
detection.
B. Ethernet uses variably sized packets, whereas ATM uses fixed-sized cells.
C. Ethernet uses synchronous transmission, whereas ATM uses asynchronous transmission.
D. Ethernet uses frame headers, whereas ATM does not.
E. Ethernet offers no guarantee of timely delivery, whereas ATM ensures that packets are
delivered within 10 ms.

Answer 251

Answer: B

Question 252

What STP configuration ensures that a laptop connected to a switch cannot alter the 
STP paths on the network? 
A. BPDU filter 
B. BPDU guard 
C. Root bridge 
D. BID 
E. Designated port

Answer 252

Answer: B