ITProTV - NET+ 008 Practice Exam: Baseline #1 Flashcards by Roy Keck

** Which WAN technology offers the highest potential bandwidth?

Frame Relay
T3
E3
FDDI
OC-3

OC-3

Explanation:
SONET WAN Technologies
- Frame Relay up to 1.544 Mbps
- OC-1 speeds up to 51.84 Mbps
- OC-3 speeds up to 155.52 Mbps
- OC-12 speeds up to 622.08 Mbps
- ATM speeds up to 622 Mbps

How well did you know this?

Not at all

Perfectly

** While troubleshooting a network outage on a 10GBase-SW network, a technician finds a 500-meter fiber cable with a small service loop and suspects it might be the cause of the outage. Which of the following is MOST likely the issue?

bend radius exceeded
maximum cable length exceeded
dirty connectors
RF interference caused by impedance mismatch

maximum cable length exceeded

Explanation:
10GBase-SW max cable length is 300 meters.

Bend Radius Exceeded - could be the problem if the max cable length wasn’t exceeded already. Remember, fiber-optic cable has max distances depending on the type of cable used and thet ype of network being implemented.

attenuation/DB loss - is reduction in power of the light signal as it is transmitted.
SFP/GBIC cable mismatch - occurs when you use the wrong cable type.
Bad SFP/GBIC cable or transceiver - occurs when you need to replace the component that is bad.
Wavelength mismatch - multimode fiber is designed to operate at 850 and 1300 nm while singlemode fiber is optimized for 1310 and 1550nm. If the wrong wavelength is implemented or a device is added to the network that operates at the wrong wavelength, signal loss will occur.
Fiber type mismatch - if you seu different types of fiber cable on the same network, you will get DB loss.
Connector mismatch - using the wrong connectors on your network, devices will be unable to communicate.

How well did you know this?

Not at all

Perfectly

** Your network uses a single switch that divides your network into 3 virtual LANs (VLANs). The devices in each VLAN are connected to a single port on the switch. You plan to implement a second switch on your Network. You need to ensure that the VLANs that were originally implemented are spread across both switches. What should you do?

create a subnet-based VLAN on both switches.
implement frame tagging on both switches.
create a protocol-based VLAN on both switches.
Create a port-based VLAN on both switches.

implement frame tagging on both switches

Explanation:
Frame Tagging is a technique that adds a small ehader to the frame as it is passed between devices in order to maintain the original VLAN broadcast domain. In normal Ethernet, there is NO Tagging. Tagging is implemented only when Trunking VLANs between devices is involved. If you have only one switch, untagged VLAN is just fine. If you have two or more switches and you want all the VLANs to talk with each other, they will need the same TAG.

How well did you know this?

Not at all

Perfectly

Which one of these requires a user complete an action, such as digitally signing an AUP, prior to accessing the Network?

Captive Portal
Access Control List
MAC Filter
Port Security

Captive Portal

Explanation:
Captive Portals - are Web Pages, typically used in public Networks, where users must complete some action before they are granted access to the Network. Captive Portals are commonly seen in coffee shops, hotels, airports, and the user often has to accept an acceptable use policy (AUP) before they can connect to the internet.

Port Security - Allows a Network administrator to only allow a specific MAC Address (or group of MAC Addresses) on a Switch port.

MAC Filtering - Basically does the same thing as Port Security, but Port Filtering works on Switches where MAC Filtering works on Routers. Accomplished by granting or denying Network access to a list of MAC Addresses. The List of MAC Addresses for which you are either granting or denying access to is stored in an Access Control List (ACL)

ACLs - compare the entity that is requesting access to a Network resource against a list of valid entities. Access is granted or denied based on the access configured for that entity. Simply put, ACLs identify which users have access to a given object, such as a drive, a file, or a directory.

How well did you know this?

Not at all

Perfectly

Your company has decided to implement an Acceptable Use Policy (AUP) that must be distributed to all users. You have been asked to write the preliminary policy to submit your management approval. What is defined in this policy?

which method administrators should use to back up Network data
how users are allowed to employ company hardware
the sensitivity of company data
which users require access to certain company data

how users are allowed to employ company hardware

How well did you know this?

Not at all

Perfectly

Your company has a corporate-wide Windows Server network using the TCP/IP protocol. Several users are complaining that their computers are getting IP address conflics. Which action should you perform?

Implement a DHCP Server
Increase the TCP window size
Change the MAC Address for each Network interface card
Manually configure IP Addresses on each computer

Implement a DHCP server

How well did you know this?

Not at all

Perfectly

One of your branch offices is located on two non-adjacent floors in an office building. You have been given permission to route a communications link between the two floors using existing conduit in the building’s elevator shaft. Your current cabling plan calls for TP wiring on each of the two floors, but the distance between them is more than 90 meters. You need to interconnect the two floors using fiber optic cable in the cheapest manner possible. Which of the following should you deploy between the wiring centers on each floor?

Media Converters
Firewalls
Modems
Hubs
Routers
Switches

Media Converters

How well did you know this?

Not at all

Perfectly

You support multiple wireless networks. You need to ensure that the protocols used offer the appropriate level of security. Match the descriptions on the left with the Wireless Encryption Protocols on the right?

Descriptions:
Uses a 256-bit Preshared Key
Requires RADIUS Server
Uses a 40-bit or 104-bit Key

Answers:
WEP
WPA/WPA2 Personal
WPA/WPA2 Enterprise

WEP = Uses a 40-bit or 104-bit Key
WPA/WPA2 Personal = Uses a 256-bit pre-shared Key
WPA/WPA2 Enterprise = Requires a RADIUS Server

How well did you know this?

Not at all

Perfectly

You are designing a SOHO Network for your company. You want to use the Ethernet standard that supports a data transmission rate of 1 Gbps over copper cable. Which Ethernet standard should you use on the Network?

10Base-T
1000BaseCX
1000BaseSX
100Base-FX

1000BaseCX

How well did you know this?

Not at all

Perfectly

You need to increase the arena that is covered by your Wireless Network to include another building. You decide to use a signal bounce. All of the following could help with this issue EXCEPT?

repeaters
encryption
reflectors
channel bonding

encryption

How well did you know this?

Not at all

Perfectly

Management has stipulated that you must use unshielded twisted-pair category consists of four twisted pairs of copper wire that is certified for transmission rates up to 100 Mbps for the new guest network you are setting up. Which cabling category should you use?

CAT 2
CAT 1
CAT 4
CAT 5
CAT 3

CAT 5

Explanation:
Transmission Rates
CAT 1 = 4 Mbps, 2 Twisted Pairs
CAT 2 = 4 Mbps
CAT 3 = 10 Mbps
CAT 4 = 16 Mbps
CAT 5 = 100 Mbps
CAT 5e = 1000 Mbps (1 Gbps)
CAT 6 = 1000 Mbps
CAT 6a = 10 Gbps
CAT 7 = 10 Gbps
CAT 8 = 40 Gbps

How well did you know this?

Not at all

Perfectly

Protocols:
POP3
HTTPS
FTP
IMAP
RDP

Answers:
Port 3389
Port 110
Port 21
Port 143
Port 443

POP3 = 110
HTTPS = 443
FTP = 21
IMAP = 143
RDP = 3389

How well did you know this?

Not at all

Perfectly

To improve security, you change your Web server named Web1 to the HTTPS protocol. Shortly after implementing the change, users report that they cannot access any Web sites hosted on Web1 by using their fully qualified domain names (FQDN). However, they can access other websites that are hosted on other Web Servers by using their FQDN. What is causing the problem?

HTTPs is not a supported protocol.
The local area network (LAN) is down.
The DNS Server is down.
The new Web address starts with https instead of http.

The new Web address starts with https instead of http.

How well did you know this?

Not at all

Perfectly

A Network admin use wants the Network can accept an MTU value above 1500. Which of the following should he configure?

UTM appliance
Jumbo Frame
Virtual Router
FCoE

Jumbo Frame

How well did you know this?

Not at all

Perfectly

What is a physical barrier that acts as the first line of defense against an intruder?

a lock
a turnstile
an access control vestibule
a fence

a fence

How well did you know this?

Not at all

Perfectly

You use HTTPS to secure your e-commerce website. You suspect an external breach has occurred. What should you do to enhance transaction security?

Hashing files
Generating new keys
Avoiding common passwords
disabling IP ports

Generating new keys

How well did you know this?

Not at all

Perfectly

Your organization needs to perform a risk assessment for their ISP. Which specific type of assessment should you complete?

Vulnerability Assessment
Process Assessment
Vendor Assessment
Posture Assessment

Vendor Assessment

How well did you know this?

Not at all

Perfectly

Which TCP Port is the Well-Known Port assigned to SSL?

119
80
443
20

443

How well did you know this?

Not at all

Perfectly

Your company has implemented a Firewall that only examines the packet header information. Which type of Firewall is this an example of?

application-level proxy firewall
kernel proxy firewall
stateful firewall
packet-filtering firewall

packet-filtering firewall

How well did you know this?

Not at all

Perfectly

You need to implement Spanning Tree Protocol (STP) to prevent Network Loops when more than one path can be used. Which two devices could you deploy? (Choose Two)

Switches
Routers
Bridges
Hubs

Switches

Bridges

How well did you know this?

Not at all

Perfectly

Your company wants to use the Private Class B Network designation of 172.17.0.0/20. You have been asked to divide it up into six subnets. Two subnets should have 512 nodes and four more subnets have 256 nodes already established. While a total of 2,048 IP addresses are needed, the design should leave some room for growth in each subnet.
What is the correct way to subnet this network?

Allocate two networks with /22 masks, and the remaining four with /23 masks.
Allocate two networks with /20 masks, and the remaining four with /22 masks.
Allocate two networks with /21 masks, and the remaining four with /22 masks.
Allocate two networks with /24 masks, and the remaining four with /25 masks.
Allocate two networks with /23 masks, and the remaining four with /24 masks.

Allocate two networks with /22 masks, and the remaining four with /23 masks.

How well did you know this?

Not at all

Perfectly

Which of these devices functions works at Layer 7?

VoIP Gateway
Content Filter
NGFW
VoIP PBX

NGFW (Next Generation Firewall)

Explanation:
Layer 7 = Application Layer

How well did you know this?

Not at all

Perfectly

Which of the following would be used to help defend against a Man-in-the-Middle Attack?

Flood Guard
DHCP Snooping
Root Guard
BPDU Guard

DHCP Snooping

How well did you know this?

Not at all

Perfectly

Your organization has implemented Kerberos 5 to authenticate its users. A member of management has asked you to explain ticket granting in Kerberos 5. You want to explain all the components of Kerberos to this member of management. Which entity is a ticket that is granted to a client after a client is Authenticated?

AS
KDC
TG S
TGT

TGT (Ticket-Granting Ticket)

Explanation:
AS = Authentication Server
KDC = Key Distribution Center
TGS = Ticket Granting Server

How well did you know this?

Not at all

Perfectly

A company procedure calls for using the IPv4 and IPv6 Loopback addresses as part of the troubleshooting process. Which of the following explanations best represents the purpose of this tool? To provide an IP address for testing the local IP stack through the Network interface. To provide an IP address that is always available even in the absence of a Network. To provide an IP address to check interface drivers and hardware. To provide an IP address for testing the local IP stack without a physical Network connection. To provide an IP address to determine minimum round-trip performance for packets.

To provide an IP address for testing the local IP stack without a physical Network connection.

You are using DSL to connect to the Internet. You recently setup Firewall software to protect your computer's resources from external users. After setting up the Firewall software, you can no longer access Websites by name. What is the problem? You do not have a static IP address. Your DHCP scope is exhausted. You have a DHCP server on the Network. Your firewall software is blocking port 53. Your firewall software is blocking port 25.

Your firewall software is blocking port 53. Explanation: Port 53 is DNS (Domain Name System) which translates Frequently Qualified Domain Names (FQDN) to IP Addresses.

You administer your company's 100Base-TX Ethernet Network. TCP/IP is the Networking protocol used on the Network. You want the routers on the network to send you notices when they have exceeded specified performance thresholds. Which protocol should you use to enable the routers to send the notices? Telnet SMTP SNMP ARP

SNMP (Simple Network Management Protocol)

You need to assign a virtual IP address to an internet server. What are valid reasons for doing so? (Choose ALL that Apply) To permit multiple servers to share the same address. To prevent generic addresses for immediate access To permit the same address to access multiple domain names To permit a single network interface to service multiple incoming service requests To eliminate host dependencies on specific, individual network interfaces

To permit multiple servers to share the same address To permit the same address to access multiple domain names To eliminate host dependencies on specific, individual network interfaces.

You manage a network for your organization. The network contains one DNS server and three routers. You are setting up a new DHCP server. You configure separate scopes for each subnet on your Network. The routers are configured to forward DHCP requests. You need to ensure that DHCP clients receive the appropriate settings using the least administrative effort. What else should you do? (Choose ALL that Apply) Configure the DNS server as a scope option for each scope Configure the DNS server as a server option Configure each router as a scope option for its appropriate scope Configure each router as a server option

Configure the DNS server as a server option | Configure each router as a scope option for its appropriate scope

You just installed a replacement switch that was moved from one part of the network to a new location. After all the patch cables are reconnected, some users cannot communicate via email. What is the most likely issue? Network connection LED status indicators VLAN mismatch Bad Port Attenuation

VLAN mismatch

Which wireless topology only requires one access point to be physically connected to the wired network, while still offering maximum flexibility and redundancy? Bluetooth Mesh Ad Hoc Infrastructure

Mesh

Which device or feature provides a bridge between the physical environment and the virtual environment? Virtual router Hypervisor Virtual NIC Virtual Firewall

Virtual NIC (Network Interface Card)

You have been called to troubleshoot a workstation problem in the oldest building on your company's corporate campus. The network workstations in the building are unreliable. When the room lights are on, connectivity is lost, but when the room lights are off, the network is functional. Upon arrival, you quickly survey the work environment. You observe the following conditions: - Lighting consists mainly of fluorescent lights. - Temperature is 65 degrees Fahrenheit (18 degrees Celsius) - Humidity is 75% - Employees own space heaters, but they are not using them. - Electrical outlets appear outdated. What is most likely causing the loss of connectivity? Fluorescent lighting in the room Defective network hubs low temperature voltage fluctuation in the outlets

Fluorescent lighting in the room

Your company is located in Atlanta, GA. Management has decided to deploy multiple 802.11b WLANs. You are concerned that there are not enough non-overlapping channels to support the number of access points that you need to deploy. How many non-overlapping channels are supported in this deployment? five eleven three eight

three

Your company uses a single global IP address that maps to the company's local IP addresses. When requests are sent from the internal network to destinations outside the company, those requests are mapped from the IP address of the local host that made the request to the global IP address. What term describes this process? Network Address Translation (NAT) Network File System (NFS) Network Access Point (NAP) Network Access Server (NAS)

Network Address Translation (NAT)

A user reports that she cannot print from her computer. You also notice that they are unable to reach a suppliers web site. The operating system is Windows 8.1. Which command should you start with to help with your diagnosis? route ping nmap dig

ping

Which of these devices can perform router functions? IDS Proxy Server Wireless Controller Multi-Layer Switch

Multi-Layer Switch

You are a system admin. A user calls you complaining that every time she tries to log onto the network, she gets an error message. Other users are not having any problems. Which question is best to ask first when attempting to troubleshoot the problem? Which error message do you receive? Have you rebooted your computer? How much memory is installed in your computer? What is your username and password?

Which error message do you receive?

Users are unable to log in to the network. When you examine the authentication server, you see that CPU usage is almost 100%. What is most likely the issue? expired IP address incorrect gateway unresponsive service names not resolving

unresponsive service

You are the network admin for a healthcare organization. Recently several federal and state government laws have been enacted which will affect network operations. Which change management documentation should record this information? baselines regulations policies procedures

regulations

You are installing the wiring for a small office. You want to connect the fifty computers in the office to the Switch. The CAT6 cables that you plan to use have RJ-45 connectors on both ends. Which component should you use? 110 Block demarcation extension 66 block Patch panel

Patch panel

You need to deploy a fiber distribution panel for datacenter, remote office, or local area networking use. Which of the following features are NOT important for such uses? (Choose ALL that Apply) ``` Support for SFP+ Cable storage Cable termination Support for GBIC connectors bulkhead adapters and receptacles cable splices ```

Support for SFP+ Support for GBIC Connectors Explanation: Fiber distribution panel does not need support for SFP+ and for GBIC connectors. GBIC connectors are used for end-point termination at a device interface of some kind. They are neither typically used nor necessary on a fiber distribution panel. SFP+ stands for the enhanced, or plus, version of the Small Form-Factor (Hot) pluggable or (SFP) fiber optic connector. SFP+ connectors are used for endpoint connections and not in FDPs which do not need optical-to-digital or digital-to-optical conversion.

You administer a LAN. You want to encrypt TCP/IP communications on the LAN. The protocol that you use for encryption should be able to encrypt entire data packets, and the protocol should be able to operate in both tunnel mode and transport mode. Which protocol should you use to encrypt data on the Network? Kerberos IPX L2TP IPSec

IPSec (Internet Protocol Security)

You are a desktop admin for Nutex Corporation. Your org uses Ethernet cable to connect network resources. A user reports that he is unable to access network resources on his portable computer. The portable computer is connected to the company's network using an Ethernet cable. When you test the cable using a time domain reflectometer (TDR) the signal returns too soon. What should you do? reinstall the network adapter re-route the network cable replace the network adapter replace the network cable

replace the network cable

What is the main purpose of a VPN concentrator? to resolve host names and IP addresses to manage internet requests and cache web content to terminate the VPN tunnels to provide dynamic IP addresses

to terminate the VPN tunnels

A TOOL - used to identify and trace Wires? ``` Cable Certifier Cable Tester Multimeter OTDR Protocol Analyzer TDR Tone Generator/Probe ```

Tone Generator/Probe

A TOOL - used to test voltage, current, and resistance? ``` Cable Certifier Cable Tester Multimeter OTDR Protocol Analyzer TDR Tone Generator/Probe ```

Multimeter

A TOOL - used to check UTP/STP cable resistance levels and locate cable faults? ``` Cable Certifier Cable Tester Multimeter OTDR Protocol Analyzer TDR Tone Generator/Probe ```

TDR (Time Domain Reflectometer)

A TOOL - used to collect Network cable test data and print certification reports? ``` Cable Certifier Cable Tester Multimeter OTDR Protocol Analyzer TDR Tone Generator/Probe ```

Cable Certifier

A TOOL - used to capture and analyze data that is sent over a Network? ``` Cable Certifier Cable Tester Multimeter OTDR Protocol Analyzer TDR Tone Generator/Probe ```

Protocol Analyzer

A TOOL - used to check Fiber cable resistance levels and locate cable faults? ``` Cable Certifier Cable Tester Multimeter OTDR Protocol Analyzer TDR Tone Generator/Probe ```

OTDR (Optical Time Domain Reflectometer)

A TOOL - used to test cable resistance levels, but does not locate faults? ``` Cable Certifier Cable Tester Multimeter OTDR Protocol Analyzer TDR Tone Generator/Probe ```

Cable Tester

You need to check for open circuits and short circuits on your network. Which tool should you use? Toner Probe Butt Set Protocol Analyzer Cable Tester

Cable Tester

Which of the following computing technologies is most likely to fall under the US Government's export administration regulations designed to protect the sale or transfer of commodities, technology, information, or software considered of strategic importance to the US? file compression techniques deduplication software encryption tools web page design tools

encryption tools

You are examining the packet captured on your network. You notice some communication between your Cisco router and someone from outside your network. The packets indicate that the communication is occurring over TCP port 23. Which protocol is being used? FTP Telnet SSH TFTP

Telnet

Which social engineering attack is typically considered the most dangerous? social engineering physical penetration trojan horse dumpster diving

physical penetration

You have recently discovered that your company is not maintaining system logs as per the adopted company procedures. You need to decide if the company procedures should be modified, or if the system logs should be maintained as per the procedures. Which statement is an accurate reason for following the company procedures? Logging helps an administrator to detect security breaches and vulnerable points in a network. Logging provides audit trails, but increases the risk for security violations. Logging provides access control by authenticating user credentails. Logging prevents security violations, but only deals with passive monitoring.

Logging helps an administrator to detect security breaches and vulnerable points in a network.

Your company is considering converting to the use of IPv6 addresses. What are the three types of internet protocol version 6 (IPv6) addresses? (Choose Three) ``` Unicast Anycast Dual-cast Broadcast Multi-cast ```

Unicast Anycast Multicast

Which of these is NOT associated with data conversion between the ISP and the customer premises equipment? CSU/DSU Demarcation Point Smart Jack ATM

ATM (Asynchronous Transfer Mode)

You install a Network analyzer to capture your network's traffic as part of your company's security policy. Later, you examine the captured packets and discover that the only packets that were captured are from Subnet 1. You need to capture packets from all four subnets on your network. Two routers are used on your network. What could you do? (Choose Two - Each answer is a complete solution.) Install the network analyzer on a router. Install a port scanner Install a distributed network analyzer install the network analyzer on the firewall install the network analyzer on all four subnets

install a distributed network analyzer | install the network analyzer on all four subnets

Your database admin needs accurate timestamping for purchases. Which of the following would you implement? Lease Time NTP SRV CoS

NTP (Network Time Protocol)

You are troubleshooting a Network connectivity problem on a Windows 7 Enterprise computer, and you need to view the MAC address for the NIC installed in the computer. Which command should you use? the ping command the ipconfig /all command the tracert command the arp command

the ipconfig /all command

Your client is experiencing what appears to be a decrease in network throughput. However, the symptoms the client is reporting to you are not detailed enough for your to diagnose the issue and make a recommendation. What will best assist you in pinpointing the bottleneck the next time it occurs? Standard operating procedures/work instructions Network configuration and performance baselines Wiring and port locations Rack diagrams

Network configuration and performance baselines

You have a strong wireless password policy, but users (including management) are complaining about it. Consequently, enforcement is difficult. You need a protocol solution that does not require digital certificates. Which of these choices would help you secure your Network? PEAP EAP-FAST EAP-TLS Geofencing

EAP-FAST (Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling)

You need to solve a traffic problem occurring on a large Ethernet network. Within this large segment, the accounting department is flooding the network with a high volume of data, which causes the entire network to slow down. Which device is a quick and low-cost solution to isolating the accounting department? bridge router gateway repeater

bridge

You have a subnet that contains a computer within the IP address 172.16.5.2/23. You need to send a message to every computer on the network where the computer resides. Which subnet is the IP address a member of, and what is the broadcast address for that subnet? subnet: 172.16.0.0, broadcast: 172.16.7.255 subnet: 172.16.5.0, broadcast: 172.16.5.255 subnet: 172.16.4.0, broadcast: 172.16.5.255 subnet 172.16.2.0, broadcast: 172.16.5.255

subnet: 172.16.4.0, broadcast: 172.16.5.255

You administer a network for your company. You determine that there is a network connectivity problem on one of the computers on the network. You re-create the problem and determine that the problem is located in the NIC. You establish a theory of probable cause. Which step should you take NEXT to troubleshoot the problem? Form a correction plan. Test the Theory Implement a correction plan. Provide feedback to the user of the computer.

Test the Theory.

Which component of a computer use policy should state that the data stored on a company computer is NOT guaranteed to remain confidential? computer ownership no expectation of privacy acceptable use information ownership

no expectation of privacy

During a recent network redesign meeting, one team member suggested that you implement a device that operates at both the Data Link Layer and the Network Layer of the OSI Model. Which device operates at BOTH of these layers? ``` A repeater A brouter A bridge A router A hub ```

A brouter Explanation: A brouter can act as a bridge or a Router. When acting as a bridge, a brouter operates at the Data Link layer, when acting as a Router it operates at the Network Layer.

You have recently added a new Windows 8 computer to your IPv6 Network. Because your network is small, you currently use static IP addressing. You record the IPv6 addresses of the new Windows 8 computer. What is the shortest possible notation of IPv6 addresses as shown below? 2001:0DB8:0000:0001:0000:0000:0000:F00D 2001: DB8::1::F00D 2001: 0DB8:0:1::F00D 2001: DB8:0:1:0:0:0:F00D 2001: DB8:0:1::F00D

2001:DB8:0:1::F00D Explanation: Removing leading zeros. Remove consecutive fields with zeros with double colon (::) The double colon (::) can be used only once.

Your company consists of 75 employees. Your company has entered into a partnership with another company that is located across the country. Your company's users must be able to connect to the partner's network quickly and reliably. Support for voice, data, and imaging transmissions and a dedicated 24-hour link are required. Your solution must be as inexpensive as possible while providing enough bandwidth for your company's employees. What should you implement? ``` ATM POTS FDDI T1 ISDN ```

You have been hired as a network admin. The company's network consists of several subnetworks located in various locations across the southeast United States. You want to deploy switches across the different locations so that you can implement virtual local area networks (VLANs). What is the primary benefit of this implementation? Users are grouped by their geographical locations. Users can be grouped by their work functions, by shared applications or protocols, or by department, regardless of their geographical location. VLANs provide switchless networking using virtual addresses. Users in a single geographical location can be micro-segmented.

Users can be grouped by their work functions, by shared applications or protocols, or by department, regardless of their geographical location.

What well-known port is used to forward email on the Internet between email Servers? 23 110 25 161

25 (SMTP = Simple Mail Transfer Protocol) ``` Explanation: SMTP = Sending/Forwarding Email between Servers POP3 & IMAP = Receiving Email POP3 = 110 IMAP = 143 ```

Which unsecured Protocol do Web Browsers use to access documents on the World Wide Web? IP ARP HTTP FTP

HTTP (Hypertext Transfer Protocol - Port 80)

You have been hired as a contractor to implement a Small Office Home Office (SOHO) Network for a small business. While gathering the requirements and constraints regarding the Network, you decide to implement two subnets on the Network. What are valid reasons for implementing Subnets on an IP Network? (Choose Two) to increase network security to use more than one server on each segment of an IP LAN to reduce congestion by decreasing network traffic to reduce congestion by increasing network media bandwidth to configure a great number of hosts

to increase network security to reduce congestion by decreasing network traffic ``` Explanation: Subnets are used for the following Reasons: - To expand the Network. - To reduce congestion. - To reduce CPU use. - To isolate Network problems. - To improve Security. - To allow combinations of media, because each subnet can support different medium. ```

You are troubleshooting a connectivity problem on an Ethernet Network that contains both NetWare and Windows Servers. A Windows 7 Client cannot connect to the internet or any network resources. However, other computers on the same subnet as the client can access network resources and the internet. You issue the ipconfig command at the workstation and find that the IP Address is 169.254.184.25 and the subnet mask is 255.255.0.0. The IP network and subnet are different from the IP network and subnet that other computers on the same segment are using. What is the most likely problem? the client obtained the IP address from a NetWare server. the client obtained the IP address from a DHCP server it found on the Internet. the client selected the IP address using APIPA. The client obtained the IP address from a Windows Server.

the client selected the IP address using APIPA. (Automatic Private IP Addressing)

The owner of your favorite pastry shop has just installed Free WIFI access for customers. The owner accomplished this task with limited technical skills and without any assistance. After a couple of days in operation, the owner calls to complain that he cannot get into the WIFI router to make an adjustment. First, you have him use the hard reset function built into the router. What action would you recommend that the owner take next? patch and update the router upgrade the firmware change the default credentials generate new keys

change the default credentials

You decide to install an 802.11a wireless network in your company's main building. Which frequency band is used in this network? 2.4 GHz 2.9 GHz 5 GHz 900 MHz

5 GHz Explanation: 802. 11a = 5 GHz / 54 mbps 802. 11b = 2.4 GHz / 11 mbps 802. 11g = 2.4 GHz / 54 mbps 802. 11n = 2.5 & 5 GHz / 100+ mbps 802. 11ac = 5 GHz / up to 1 gbps 802. 11ax = 2.4, 5 GHz, 6 GHz / 10 gbps

Your organization has several VLANs implemented on its network. The VLANs operate across several switches. What do all users on a VLAN have in common? Collision Domain Cable Segment TCP/IP Subnet Broadcast Domain

Broadcast Domain

Your network is experiencing a problem that a tech suspects is concerning a Cisco router. The tech provides you the following command RESULTS: 1 14.0.0.2 4 msec 4 msec 4 msec 2 63.0.0.3 20 msec 16 msec 16 msec 3 33.0.0.4 16 msec * 16 msec What Cisco command produced the results you were given? traceroute tracert extended ping ping

traceroute

You have decided to implement 802.1q. What does this standard do? It implements MAC filtering. It implements STP. It forwards traffic based on priorities. It implements VLAN trunking.

It implements VLAN trunking.

You need to verify a network's transmission speed. Which tool should you use? loopback plug throughput tester connectivity software bit-error rate tester

throughput tester

An administrator would like to integrate DNS and DHCP so that each is aware of changes in the other. Which of the following would be the best method for him to do this? MAC reservations IPAM ARP table DHCP relay

IPAM (IP Address Management)

Which of the following indicates the largest number of bytes allowed in a frame? PDU CSMA/CA MTU CSMA/CD

MTU (Maximum Transmission Unit)

Your company is researching different wireless antennas. Antennas that you research are high-gain antennas. Which statement best describes a property of high-gain antennas? high-gain antennas provide a wide coverage area. high-gain antennas provide a small vertical beamawidth. high-gain antennas are best suited for point-to-multipoint bridging. high-gain antennas avoid multiplath distortion.

high-gain antennas provide a small vertical beamwidth.

You administer a TCP/IP network that is not subnetted. one of the network hosts has the following IP address: 130.250.0.10 What is the network ID of the network you administer? 130. 250.0.0 130. 250.255.255 255. 255.255.255 128. 0.0.0

130.250.0.0

Which type of intrusion detection system (IDS) relies upon a database that contains the identities of possible attacks? signature-based IDS behavior-based IDS network-based IDS anomaly-based IDS

signature-based IDS Explanation: signature-based = relies upon a database that contains the identities of possible attacks. network-based IDS = is attached to the network in a place where it can monitor all network traffic. anomaly-based IDS = detects activities that are unusual. behavior-based IDS = looks for behaviors that is not allowed and acts accordingly.

What should you implement to isolate two of the devices that are located on a storage area network (SAN) fabric containing eight devices? HBA allocation SAN snapshots virtual SAN VLAN

virtual SAN

You have been hired as a consultant for the medium-sized business. As part of your duties, you need to make recommendations on changes to the network. You decide that you want to install agents on the network devices to monitor network traffic and record the behavior of network components. You will then use the statistical data that is gathered to make your recommendations. Which standard should you deploy? SNMP Token Ring x.25 SMTP

SNMP (Simple Network Management Protocol)

You notice that several ping requests have been issued on your network in the past couple of hours. Which protocol responds to these requests? TCP ARP RARP ICMP

ICMP (Internet Control Message Protocol)

A company has an 802.11b wireless network deployed to allow mobile devices to connect to the network. Which frequency band is used in this network? 2.9 GHz 900 MHz 2.4 GHz 5 GHz

2.4 GHz

Which protocol is NOT capable of preventing a man-in-the-middle attack? IPSec RSH SSH HTTPS

RSH (Remote Shelll) Explanation: RSH = Remote Shell, used to log on to remote computers and can be easily exploited by man-in-the-middle attacks.

You need to ensure that the Web Server always receives the same IP address from the DHCP server. What should you do? create a DHCP exclusion create a DHCP reservation create a DHCP scope create a scope option

create a DHCP reservation

You have recently been hired by a small company to assess its network security. You need to determine which TCP/IP ports are open on the network. Which tool should you use? port scanner a wardialer a packet analyzer whois

port scanner

You are troubleshooting a computer that has the IP address of 192.22.14.42. To which network class does the IP belong? ``` Class C Class B Class E Class D Class A ```

Class C Explanation: Class A = 00000000 - 11111110 // 0 - 126 Class B = 10000000 - 10111111 // 128 - 191 Class C = 11000000 - 11011111 // 192 - 223 Class D = 11100000 - 11101111 // 224 - 239 Class E = 11110000 - 11111111 // 240 - 255

Your company wants to allow remote users to access their Windows Network remotely if their network is NOT connected to the Internet. Which of the following should you implement? DHCP SSL PPTP RAS

Remote Access Service (RAS) Explanation: RAS = Is a service provided by Windows that allows Remote Access to the Network via a dial-up connection. Point-to-Point Tunneling Protocol = PPTP is used to allow networks to connect using the INternet as their WAN link. Does not provide remote dial-up access. Secure Sockets Layer (SSL) is a security encryption protocol. Dynamic Host Configuration Protocol is a protocol that allows network administrators to centrally manage and automate the assignment of Internet Addresses in an organization's network. DHCP can automatically assign a new IP address when a computer is plugged into a different location the network. It does not provide remote dial-up access.

Which of the following provides both authentication and authorization using UDP? SSO RADIUS TACACS+ LDAP

Remote Authentication Dial-In User Service (RADIUS) Explanation: RADIUS was originally designed for Dial-Up networking and validates the credentails of a remote user against a stored database. Terminal Access Controller Access Control System Plus (TACACS+) authenticates credentials of a remote user, typically an administrator. Only provides Authentication, not Authorization. Lightweight Directory Access Protocol (LDAP) validates user credentials (typically just username/password) against a database stored in Microsoft Active Directory, Open LDAP, or OpenDJ. LDAP runs over TCP. Single Sign-On (SSO) allows a client to access multiple applications with a single set of credentials. SSO relies on several underlying authentication technologies, and on its own does NOT use UDP or TCP.

Match the Description with the DNS Resource record? ``` DNS Resource Records: A AAAA CNAME MX PTR ``` ``` Description: Maps a host name to an IPv6 Maps a mail server name to a domain Maps an additional host name to an existing host record Maps a host name to an IPv4 address Maps an IP address to a host name ```

``` A = Maps a host name to an IPv4 Address AAAA = Maps a host name to an IPv6 Address CNAME = Maps an additional host name to an existing host record MX = Maps a mail server name to a domain PTR = Maps an IP address to a host name (Reverse) ``` Other: SVR = specifies location data, IE: port numbers for specified services. TXT = provides the ability to associate other services, sometimes your mail service, to your domain SOA = stores important information about the DNS zone for your domain, each zone must have an SOA record

Which system or device detects network intrustion attempts and controls access to the network for the intruders? IPS VPN Firewall IDS

Intrustion Prevention System (IPS) Explanation: IPS = detects and controls access to the network for intruders IDS = Intrusion Detection System only Detects the intrusion and then notifies or logs it.

An employee shows you a Website that publishes the SSIDs and passwords for private Wireless Networks in your area. The information on your company's Wireless network is included. Of which type of attack is this an example of? war chalking WEP cracking evil twin WPA cracking

war chalking Explanation: war chalking = occurs when hackers write SSID and security information on the side of buildings. It has evolved to the point where hackers are now publishing this information on Websites. WEP cracking = is the process of cracking WEP security. WPA cracking = is the process of cracking WPA security. Evil Twin = occurs when a wireless access point that is not under your control is used to perform a hijacking attack. Is a type of Rogue Access Point.

Your organization has responded to a security incident. The breach has been contained, and all systems have been recovered. What should you do LAST as part of the incident response? analysis post-mortem review investigation triage

post-mortem review

You need to implement a wireless network to provide users in an outdoor sitting area with Internet connections. Which signal-absorbing obstructions should be noted when performing a WLAN site survey? trees local telephone lines plastic material microwave ovens

trees

Which DSL technology provides the highest data rate? SDSL VDSL ADSL HDSL

VDSL (Very high data rate Digital Subscriber Line) Explanation: VDSL = provides the highest data rate at 51 to 55 Mbps over 1000 feet/300 meters. ADSL = Asymmetric Digital Subscriber Line HDSL = High bit rate Digital Subscriber Line SDSL = Symmetric Digital Subscriber Line

Which of the following can be manipulated to reduce Network traffic? lower TTL increase lease time MAC reservations NTP

increased lease time Explanation: Lease Time is the amount of time a device maintains the IP address assigned by the DHCP server. Default lease time for Windows is 8 days, but lease times may be adjusted. Increasing Lease Time justification is that every lease must be renewed, and those renewals increase Network Traffic. Increasing the duration of the lease reduces the amount of Network traffic required for lease renewal. MAC Reservations allow you to permanently assign an IP address to the MAC address of a specific device. TTL = Time to Live specifies the length of time that a DNS Name server must cache the name. By default, the TTL is 60 minutes, but it may be modified in the DNS management console. Longer TTLs are best for more permanent records such as MX Records and others. Lower TTL would mean additional network traffic. ``` NTP = Network Time Protocol is used to synchronize clocks of computers and network devices on the Network. NTP has 3 major elements 1. Stratum/Clientstratum 2. Clients 3. Serverservers ```

Your company's WAN connects Networks in New York, Atlanta, Dallas, and Boston. Each city is directly connected to every other city. Which physical topology is used for this WAN? Star Mesh Ring Bus

Mesh Explanation: Bus = All computers are connected to a Single Cable Star = Each computer is connected to a Central Point Ring = Each computer is connected to two other computers. Mesh = Each computer is connected to every other computer (Point-to-Point Connections)

Which option is a Critical Metric in preventitive maintenance that would allow you to schedule the replacement of a component at a convenient time, as opposed to waiting for the component to fail at an inopportune time? SLA Requirements Load Balancer MTTR MTBF

MTBF (Mean Time Between Failures) Explanation: MTBF = is the average, or mean, time between failures on a device or system. It is an expression of reliability. Generally speaking, it is the average length of time that something will work before it is likely to fail. Good preventive maintenance policies would replace a device, such as a power supply as the time in service approaches MTBF. MTTR = Mean Time to Revoer is the average, or mean time that it takes to Recover or Restore a system. Can be applied in terms of Backups, or also applied to full system failures, hardware failures. SLA = Service Level Agreements requirements determine what the vendor who provides technology services is obligated to provide to the customer. Load Balancer = can be used to divert incoming web traffic based on content, to specific servers to reduce workload of the primary server. ``` RTO = Recovery Time Objective, refers to the concept of the amount of time in which a business processes and applications must be restored to prevent a defined amount of impact after an outage. RPO = Recovery Point Objective refers to a maximum tolerable period that data can be considered LOST after an incident. ```

An employee has just relocated to the New York Office, after working in Paris for the past five years. Both offices use DHCP to issue IP addresses. She brought her company laptop with her. The laptop was issued in Paris. As she is settling in to the new office, she is not able to connect to the Network. What is most likely the cause of her problem? Duplicate MAC Address Untrusted SSL Certificate Hardware Failure Expired IP Address

Duplicate MAC Address Explanation: Duplicate MAC addresses can be caused by MAC address spoofing or by manufacturers reusing MAC addresses in their devices. Manufacturers will often ship NICs with duplicate MAC addresses to different geographic areas. As long as two NICs with the same MAC addresses have atleast one router between them, there will not be a conflict.

Which of the following technologies implements packet tagging in a LAN? Diffserv QoS Traffic Shaping CoS

CoS (Class of Service) Explanation: CoS = implements packet tagging in a LAN. Tags different types of traffic, such as Video Streaming or VoIP. QoS = Quality of Service, uses the CoS tag to determine which traffic gets priority, but QoS does NOT implement the tags. Traffic Shaping = the overall mechanism that encompasses CoS, QoS, and differentiated services. It does NOT directly implement tagging. Diffserv = Differentiated Services, uses the CoS classifications for identification and subsequently utilizes the QoS parameters to differentiate traffic.

An eight-port hub receives a signal through port five. That signal is then sent back out through ports one, two, three, four, six, seven, and eight without any signal regeneration. Which type of Hub has been described? switching hub passive hub hybrid hub active hub

passive hub Explanation: hub = is a central point of connection between media segments. 2 Primary types of Hubs 1. Passive - sents received signals out through ALL of its ports except the one through which the signal was received. Does NOT amplified or regenerate the signal, therefore it does not require electricity to operate. 2. Active - also sends data out all of its ports except the one through which the signal was received, but it amplifies or regenerates the signal as it sends it out the ports. Therefore it does require electricity to operate. 3. Hybrid - not a Primary type, but there is a Hybrid Hub. Used to connect different types of cabling. Typically connects sub-hubs which connect to computers. Switching Hubs - Also known as Switches or Layer 2 Switches, also serve as connection points between media segments. They are built on a table of MAC Addresses unlike other hubs. Thus they are able to send the signal out through the Specific Port leading to the destination rather than through all of the ports.

Which of the following Network Devices would be MOST likely found within an Office Building setting? Industrial Control Systems (ICS) Smart Speakers SCADA Systems HVAC Systems

HVAC Systems Explanation: HVAC = Heating, Ventilation, Air Conditioning - important to understand that they too can be vulnerabile to cyberattacks as many of these systems are automated and not designed with cybersecurity in mind. Routinely monitoring and managing these systems is critical whenever designing a new network.