Jason Dion - CompTIA Network+ N10-008 Exam Prep #0 Flashcards
Which of the following protocols must be implemented for two switches to share VLAN (Virtual Local Area Network) information?
A.PPTP (Point-to-Point Tunneling Protocol [old VPN protocol])
B.VTP (VLAN [Virtual Local Area Network] Trunk Protocol)
C.MPLS (Multi-protocol label switching)
D.STP (Spanning Tree Protocol)
B.VTP (VLAN [Virtual Local Area Network] Trunk Protocol)
OBJ-2.3: The VLAN Trunking Protocol (VTP) allows a VLAN created on one switch to be propagated to other switches in a group of switches in a VTP domain. Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges and switches to ensure that you do not create loops when you have redundant paths in your network. Multiprotocol Label Switching is a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows. The Point-to-Point Tunneling Protocol is an obsolete method for implementing virtual private networks. MPLS, STP, and PPTP are not used to share VLAN information like VTP and the 802.1q standard do.
Which of the following would be the BEST addition to a business continuity plan to protect the business from a catastrophic disaster such as a fire, tornado, or earthquake?
A.UPS (uninterruptible power supply) and battery backups
B.Building generator
C.Fire suppression systems
D.Hot sites or cold sites
D.Hot sites or cold sites
OBJ-3.3: Although all answers are adequate suggestions to aid in business continuity, the addition of a hot or cold site is the BEST option. A hot or cold site is a commercial service that provides all equipment and facilities to allow a computer or networking company to continue operations in the event of a catastrophic event. In the case that the building has been destroyed, the hot/cold site is the only option that will allow the business to continue their operations effectively.
Dion Training wants to purchase an email marketing solution to better communicate with their students. A promising new startup has a new offering to provide access to their product from a central location rather than requiring Dion Training to host the product on their internal network. Dion Training wants to ensure that their sensitive corporate information is not accessible by any startup’s other clients. Which type of cloud server should Dion Training look to purchase to meet these needs?
A.Private SaaS (Software as a Service)
B.Public SaaS
C.Community IaaS (Infrastructure as a Service)
D.Hybrid IaaS
A.Private SaaS (Software as a Service)
OBJ-1.8: SaaS (Software as a Service) is a cloud model whereby a service provider provides a software service and makes the service available to customers over the Internet. Examples of SaaS solutions include Microsoft Office 365, Microsoft Exchange Online, and Google Docs. Because of the concerns with sensitive corporate information being processed by the SaaS, Dion Training should ensure a Private SaaS is chosen. A private cloud is a particular model of cloud computing that involves a distinct and secure cloud-based environment in which only the specified client (Dion Training in this case) can operate. A public cloud contains services offered by third-party providers over the public Internet and is available to anyone who wants to use or purchase them. They may be free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. A community cloud is a collaborative effort in which infrastructure is shared between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.), whether managed internally or by a third-party and hosted internally or externally. A hybrid cloud uses a mix of on-premises, private cloud, and third-party, public cloud services with orchestration between these platforms. This typically involves a connection from an on-premises data center to a public cloud.
Which encryption type MOST likely is used for securing the key exchange during a client-to-server VPN (Virtual Private Network) connection?
A.Kerberos
B.ISAKMP (Internet Security Association and Key Management Protocol)
C.TKIP (Temporal Key Integrity Protocol)
D.AES (Advanced Encryption Standard)
B.ISAKMP (Internet Security Association and Key Management Protocol)
OBJ-4.4: ISAKMP is used in IPsec, which is commonly used in securing the key exchange during the establishment of a client-to-server VPN connection. TKIP (Temporal Key Integrity Protocol) is an encryption protocol included as part of the IEEE 802.11i standard for wireless LANs (WLANs). Kerberos is a computer network authentication protocol that works based on tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. The Advanced Encryption Standard (AES) is a symmetric key encryption and is not used for key exchanges.
You have been asked to install a media converter that connects a newly installed RG-6 (Radio Guide 6) cable to the existing single-mode cable plant. Which type of media converter should you use?
A.Coaxial to fiber
B.Coaxial to ethernet
C.Ethernet to fiber
D.Multimode to single-mode
A.Coaxial to fiber
OBJ-1.3: A media converter is a Layer 1 device that changes one type of physical network connection to another. In this case, we are converting coaxial (RG-6) cable to fiber-optic (SMF [single-mode optical fiber]) cable.
Dion Training has a single switch that services every room within its offices. The switch contains 48 ports, but Jason wants to divide the ports based on functional areas, such as web development, instruction support, and administration. Which technology should Jason utilize to divide the physical switch into three logically divided areas?
A.VPN (Virtual Private Network)
B.VLAN (Virtual Local Area Network)
C.DSL (Digital Subscriber Line)
D.NAT (Network Address Translation)
B.VLAN (Virtual Local Area Network)
OBJ-4.3: A VLAN (virtual LAN) allows a single physical switch to be divided into logical networks. VLANs are only supported on managed switches, but they allow for a different logical subnetwork address to be assigned to various ports on the switch. This requires that communications between different VLANs must go through a router, just as if you had multiple switches. A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. A digital subscriber line (DSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connection to the Internet. Dynamic NAT is a many-to-one mapping of a private IP address or subnets inside a local area network to a public IP address or subnet outside the local area network. The traffic from different zones and subnets over trusted (inside) IP addresses in the LAN segment is sent over a single public (outside) IP address.
Your physical security manager, Janice, wants to ensure she can detect any unauthorized access to the data center. Which technology should be used to meet her requirement?
A.Biometric Access
B.Video surveillance
C.Smart card
D.Access badge reader
B.Video surveillance
OBJ-4.5: Since she needs to detect unauthorized access, video surveillance should be utilized. Closed-circuit television is a type of video surveillance where video cameras transmit a signal to a specific place using a limited set of monitors. If she were trying to prevent access from occurring, the other three options would provide that. Still, they cannot detect unauthorized access (for example, if the attacker stole a valid smart card or access badge). A biometric lock is any lock that can be activated by biometric features, such as a fingerprint, voiceprint, or retina scan. Biometric locks make it more difficult for someone to counterfeit the key used to open the lock or a user’s account. A smart card is a form of hardware token. A smart card, chip card, PIV card, or integrated circuit card is a physical, electronic authorization device used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit chip. In high-security environments, employee badges may contain a smart card embedded chip that must be inserted into a smart card reader to log in or access information on the system. A badge reader can be used to read a security badge using RFID, a smart card, or a barcode to authenticate a user.
You are about to perform a major configuration upgrade to a network device. What should you have prepared in case the upgrade fails?
A.Vulnerability report
B.Baseline report
C.Rollback plan
D.Business continuity plan
C.Rollback plan
OBJ-3.2: The purpose of a rollback plan is to document at every point during the deployment of a change or upgrade where you can stop the deployment and return to a known good state.
Which of the following is a logical host on the network that is configured with known vulnerabilities so that an attacker’s techniques can be studied in order to improve your network defenses?
A.CVE (Common Vulnerabilities and Exposures (CVE) system)
B.Honeypot
C.Virtual terminal
D.Botnet
B.Honeypot
OBJ-4.1: A honeypot is a computer security mechanism set to detect, deflect, or in some manner counteract attempts of unauthorized use of information systems. A honeypot is a security mechanism that creates a virtual trap to lure attackers. An intentionally compromised computer system allows attackers to exploit vulnerabilities so you can study their techniques and improve your security policies. The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures. CVE is a website and database, not something you install or configure on your network. A botnet is a collection of internet-connected devices infected by malware that allow hackers to control them. A virtual terminal allows a PC to connect to a remote server, usually to perform a file transfer or run an application.
Which of the following protocols are designed to avoid loops on a Layer 2 network?
A.802.1d (Media Access Control bridge standard; spanning tree protocol)
B.RIPv2 (Routing Information Protocol (RIP) is a distance-vector, interior gateway (IGP) routing protocol used by routers to exchange routing information)
C.802.1q (aka Dot1q; Virtual Local Area Networking standard)
D.OSPF (Open Shortest Path First)
A.802.1d (Media Access Control bridge standard; spanning tree protocol)
OBJ-2.3: The Spanning Tree Protocol is part of the 802.1d standard and avoids loops in the switching network (layer 2). The 802.1q standard is used to define virtual LANs (VLANs) on an ethernet network. RIPv2 is a layer 3 distance-vector protocol for local and wide-area networks, and does not prevent or avoid loops by default. Open Shortest Path First (OSPF) is a layer 3 link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF does not avoid or prevent loops by default. Instead, RIP and OSPF both rely on split horizon and route poisoning to avoid layer 3 loops.
A client reports that half of the office is unable to access a shared printer on the network. Which of the following should the network technician use to troubleshoot the issue?
A.Vendor documentation
B.Baseline information
C.Network diagrams
D.Data backups
C.Network diagrams
OBJ-3.2: A network diagram is a visual representation of a computer network. Understanding all the connections is a fundamental step in network troubleshooting. A baseline is a process for studying the network at regular intervals to ensure that the network is working as designed. This baseline information can be used for anticipating future problems, as well as planning for future growth. Data backups are a copy of the data on your system that you use for recovery in case your original data is lost or corrupted. Vendor documentation is a group of documents supplied by the manufacturer that document the proper usage and configuration of a network device.
Which of the following levels would an alert condition generate?
A.1
B.3
C.0
D.2
A.1
OBJ-3.1: The severity levels range from zero to seven, with zero being the most severe and seven being the least severe. Level 0 is used for an emergency and is considered the most severe condition because the system has become unstable. Level 1 is used for an alert condition and means that there is a condition that should be corrected immediately. Level 2 is used for a critical condition, and it means that there is a failure in the system’s primary application and it requires immediate attention. Level 3 is used for an error condition, and it means that something is happening to the system that is preventing the proper function. Level 4 is used for warning conditions and it may indicate that an error will occur if action is not taken soon. Level 5 is used for notice conditions and it means that the events are unusual, but they are not error conditions. Level 6 is used for information conditions and it is a normal operational message that requires no action. Level 7 is used for debugging conditions and is just information that is useful to developers as they are debugging their networks and applications.
The corporate network uses a centralized server to manage credentials for all of its network devices. What type of server is MOST likely being used in this configuration?
A.DNS (Domain Name System)
B.RADIUS (Remote Authentication Dial-In User Service)
C.Kerberos
D.FTP (File Transfer Protocol)
B.RADIUS (Remote Authentication Dial-In User Service)
OBJ-4.1: RADIUS is used to manage credentials for network devices centrally. Remote Authentication Dial-In User Service is a networking protocol that provides centralized authentication, authorization, and accounting management for users who connect and use a network service. TACACS+ is an older username and login system that uses authentication to determine access, while RADIUS combines authorization AND authentication. For this question, either RADIUS or TACACS would be an acceptable answer. Kerberos is a computer network authentication protocol that works based on tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Kerberos is used in Windows Active Directory domains for authentication. The domain name system (DNS) protocol is the protocol used to provide names for an IP address based on their mappings in a database using TCP/UDP port 53. The file transfer protocol (FTP) is the protocol used to transfer files across the internet over ports 20 and 21.
What device is used to configure various hypervisor guests to use different VLANs in the same virtualization environment?
A.Virtual switch
B.Virtual firewall
C.NIC (Network Interface Controller/Card) teaming
D.Virtual router
A.Virtual switch
OBJ-1.2: A virtual switch (vSwitch) is a software application that allows communication between virtual machines. A vSwitch does more than just forward data packets; it intelligently directs the communication on a network by checking data packets before moving them to a destination.
What would be used in an IP-based video conferencing deployment?
A.56k modem
B.NFC (Near Field Communication)
C.Codec (concatenation of “encoder” and “decoder”)
D.RS-232 (Recommended Standard 232)
C.Codec (concatenation of “encoder” and “decoder”)
OBJ-2.1: The term “codec” is a concatenation of “encoder” and “decoder.” In video conferencing, a codec is software (or sometimes hardware) that compresses (encodes) raw video data before it is transmitted over a network. Generally, audio/video conferencing systems utilize the H.323 protocol with various codecs like H.263 and H.264 to operate. A 56k modem is a legacy device, also called a dial-up modem. These devices are too slow to allow an IP-based video conferencing system deployment. RS-232 is a standard protocol used for serial communication, and is too slow to support IP-based video conferencing systems. Near Field Communication (NFC) is a set of short-range wireless technologies, typically requiring a distance of 4cm or less to initiate a connection. NFC is not used with IP-based video conferencing systems.
Your boss is looking for a recommendation for a cloud solution that will only allow your company’s employees to use the service while preventing anyone else from accessing it. What type of cloud model would you recommend to ensure the contents are best secured from those outside your company?
A.Private Cloud
B.Public Cloud
C.Hybrid Cloud
D.Community Cloud
A.Private Cloud
OBJ-1.8: A private cloud service would be the best recommendation to protect and secure the services from those outside the company from accessing its contents. The private cloud is defined as computing services offered either over the Internet or a private internal network and only to select users instead of the general public. Private cloud computing gives businesses many of the benefits of a public cloud including self-service, scalability, and elasticity with the additional control and customization available from dedicated resources over a computing infrastructure hosted on-premises. Private clouds also deliver a higher level of security and privacy through both company firewalls and internal hosting to ensure operations and sensitive data are not accessible to third-party providers. A public cloud contains services offered by third-party providers over the public Internet and is available to anyone who wants to use or purchase them. They may be free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. A community cloud is a collaborative effort in which infrastructure is shared between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.), whether managed internally or by a third party and hosted internally or externally.
(This is a simulated Performance-Based Question. If this was the real certification exam, you would be asked to drag-and-drop the correct encryption onto the APs.)
Your company has purchased a new office building down the street for its executive suites. You have been asked to choose the BEST encryption for AP1, AP2, and AP3 to establish a wireless connection inside the main building for visitors to use. Your boss has stated that the main building’s internal wireless network is only going to be used by visitors and should not require the visitors to set up any special configuration on their devices to connect.
A.Open
B.WPA (Wi-Fi Protected Access)
C.WPA-CCMP (Wi-Fi Protected Access-Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)
D.WEP (Wired Equivalent Privacy)
E.WPA2-TKIP (Wi-Fi Protected Access 2-Temporal Key Integrity Protocol)
A.Open
OBJ-5.4: Since your manager has required that the visitors not be required to configure anything on their devices to connect, the only option you can choose is Open. This option presents no security for the visitor’s wireless network, but it also requires no setup on the user’s devices. All of the other options would require a pre-shared key and setup to allow the visitor to use the network. This wireless network should act as a guest network, be segmented from your corporate network, and only allow the visitors to access the internet directly using this network.
After installing some new switches in your network, you notice that a switching loop has begun to occur. You contact the manufacturer’s technical support for your switches and they recommended that you enable 802.1d. Which of the following BEST represents why the manufacturer suggested this?
A.The Link Aggregation Control Protocol uses BPDU (Bridge Protocol Data Unit) to detect loops in the network topologies
B.The Link Aggregation Control Protocol uses split horizon to prevent loops in the network topologies
C.The Spanning Tree Protocol uses BPDU (Bridge Protocol Data Unit) to detect loops in the network topologies
D.The Spanning Tree Protocol uses split horizon to prevent loops in the network topologies
C.The Spanning Tree Protocol uses BPDU (Bridge Protocol Data Unit) to detect loops in the network topologies
OBJ-2.3: The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. The Spanning Tree Protocol operates at Layer 2 of the OSI model to detect switching loops. STP is defined in the IEEE 802.1d standard. The Link Aggregation Control Protocol (LACP) enables you to assign multiple physical links to a logical interface that will appear as a single link to a route processor. LACP is used to combine multiple network connections in parallel to increase throughput beyond what a single connection could sustain and to provide redundancy in case one of the links should fail. LACP is defined in the IEEE 802.3ad standard. Split horizon is used by routing protocols at layer 3 to prevent routing loops, and it does not affect switching loops.
Which of the following policies or plans would dictate the complexity requirements for a wireless network’s shared secret key?
A.Remote access policy
B.Password policy
C.Acceptable use policy
D.Data loss prevention policy
B.Password policy
OBJ-3.2: A password policy is a set of rules created to improve computer security by motivating users to create dependable, secure passwords and then store and utilize them properly. This document promotes strong passwords by specifying a minimum password length, complexity requirements, requiring periodic password changes, and placing limits on the reuse of passwords. An acceptable use policy (AUP) is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restrict how the network, website, or system may be used and sets guidelines as to how it should be used. A data loss prevention policy is a document that defines how organizations can share and protect data. It guides how data can be used in decision-making without it being exposed to anyone who should not have access to it. The goal of a data loss prevention policy is to minimize accidental or malicious data loss. A remote access policy is a document that outlines and defines acceptable methods of remotely connecting to the internal network.
Dion Training has just purchased a new domain name and needs to indicate which DNS (Domain Name System; phone book of the internet) server is the definitive information source for the domain. Which type of DNS record should be created?
A.AAAA (indicates the IPv6 address of a given domain)
B.A (indicates the IPv4 address of a given domain)
C.SOA (Start of Authority; stores important information about a domain or zone such as the email address of the administrator, when the domain was last updated, and how long the server should wait between refreshes.)
D.MX (mail exchange; A DNS MX record directs email to a mail server)
C.SOA (Start of Authority; stores important information about a domain or zone such as the email address of the administrator, when the domain was last updated, and how long the server should wait between refreshes.)
OBJ-1.6: A Start of Authority (SOA) resource record indicates which Domain Name Server (DNS) is the best source of information for the specified domain. An AAAA record associates your domain name with an IPv6 address. An A record associates your domain name with an IPv4 address. An MX record is used for outgoing (SMTP) and incoming (POP3/IMAP) traffic.
A technician is setting up a new network and wants to create redundant paths through the network. Which of the following should be implemented to prevent performance degradation within the network?
A.VLAN (Virtual Local Area Network)
B.Port mirroring
C.ARP (Address Resolution Protocol) inspection
D.STP (Spanning Tree Protocol)
D.STP (Spanning Tree Protocol)
OBJ-2.3: The Spanning Tree Protocol (STP) is a network protocol that builds a logical loop-free topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. If you have redundant links set up, it is important to utilize STP to prevent loops within the network. If a loop occurs, the performance of the entire network can be degraded due to broadcast storms. Port mirroring is used on a network switch to send a copy of network packets seen on one switch port to a network monitoring connection on another switch port. Dynamic ARP Inspection (DAI) is a security feature that validates Address Resolution Protocol (ARP) packets in a network. DAI allows a network administrator to intercept, log, and discard ARP packets with invalid MAC address to IP address bindings. A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2). Port mirroring, ARP inspection, and VLANs do not add any redundancy to the network.
Which of the following needs to be configured to allow jumbo frames on a network?
A.MTU (Maximum Transmission Unit)
B.MIB (Management Information Base)
C.IPS (Intrusion Prevention System)
D.MAC (Media Access Control)
A.MTU (Maximum Transmission Unit)
OBJ-2.3: MTU is the largest unit that can be transmitted across a network. If the MTU is set at a value above 1500, the network is configured to support jumbo frames. A media access control address is a unique identifier assigned to a network interface controller for use as a network address in communications within a network segment. Management information base (MIB) is a collection of definitions which define the properties of the managed object within the device to be managed (such as a router, switch, etc.). An intrusion prevention system (IPS) is a form of network security that works to detect and prevent identified threats.
You have just installed a new switch in your company’s network closet. The switch connects to your router using an SFP (Small Form-Factor Pluggable) port on both the router and switch. Unfortunately, you only had a long cable available to make the connection, so after running the cable from the rack containing the switch to the other rack containing the router, you decide to coil up the excess cable and use a zip tie to hold the coil to the side of the rack. You head back to your office, log into the switch over SSH (Secure Shell), and check the log file. You notice that several messages indicate that the signal strength on the transmit portion of the SFP is registering as too weak. What is the BEST explanation for the cause of this error?
A.The bend radius of the cable has been exceeded
B.You used an MTRJ (Mechanical Transfer Registered Jack) connector instead of an ST (Straight Tip) connector
C.The SFP (Small Form-Factor Pluggable) module has gone bad and should be replaced
D.You used an MMF (Multimode fiber) cable instead of an SMF (Single-Mode Optical Fiber) cable
A.The bend radius of the cable has been exceeded
OBJ-5.2: The most likely explanation for this issue is that the coiled-up excess cable was wound too tightly and exceeded the bend radius for the cable. Bend radius is the measure of how sharply a cable can safely bend without causing damage by creating micro cracks on the glass fibers. By tightly coiling the cable, you may have broken or cracked the fiber connected to the transmit portion of the SFP. It is unlikely that the SFP failed since only the transmit portion is registering as weak. If you used the wrong type of cable (MTRJ vs. ST), you would not have been able to connect it to the SFP module as it wouldn’t fit. Similarly, if you used an MMF instead of an SMF cable, you would not receive a weak connection but would instead get no connection.
Which of the following types of telecommunication links is used to provide high-speed internet service over a traditional phone line?
A.DSL (Digital Subscriber Line)
B.Satellite
C.Cable
D.Leased line
A.DSL (Digital Subscriber Line)
OBJ-1.2: A digital subscriber line (DSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connection to the Internet. A satellite connection is a wireless connection spread across multiple satellite dishes located both on earth and in space that provides remote areas with valuable access to core networks. Data Over Cable Service Interface Specification (DOCSIS) is used to connect a client’s local area network to a high-bandwidth internet service provider over an existing coaxial cable TV system. A leased line is a private telecommunications circuit between two or more locations provided according to a commercial contract, normally over a fiber-optic connection.
You are working as a service desk analyst. This morning, you have received multiple calls from users reporting that they cannot access websites from their work computers. You decide to troubleshoot the issue by opening up your command prompt on your Windows machine and running a program to determine where the network connectivity outage is occurring. This tool tests the end-to-end connection and reports on each hop found in the connection. Which tool should you use to determine if the issue is on the intranet portion of your corporate network or if it is occurring due to a problem with your ISP (Internet Service Provider)?
A.netstat (network statistics; a tool used to display network statistics and active connections)
B.tracert (a command-line utility used to trace an IP packet’s path as it moves from its source to its destination; performs a series of ICMP echo requests to determine which device in the connection path is not responding appropriately. This will help to identify if the connectivity issue lies within your intranet or is a problem with the Internet Service Provider’s connection.)
C.PING (Packet InterNetwork Groper; will tell you if the remote website is reachable or not, but it will not tell you where the connection is broken)
D.nslookup (a tool used to troubleshoot Domain Name System issues)
B.tracert (a command-line utility used to trace an IP packet’s path as it moves from its source to its destination; performs a series of ICMP echo requests to determine which device in the connection path is not responding appropriately. This will help to identify if the connectivity issue lies within your intranet or is a problem with the Internet Service Provider’s connection.)
OBJ-5.3: Tracert is a command-line utility used to trace an IP packet’s path as it moves from its source to its destination. While using ping will tell you if the remote website is reachable or not, it will not tell you where the connection is broken. Tracert performs a series of ICMP echo requests to determine which device in the connection path is not responding appropriately. This will help to identify if the connectivity issue lies within your intranet or is a problem with the ISP’s connection. The nslookup tool is used to troubleshoot DNS issues. The netstat tool is used to display network statistics and active connections. The ping tool is used to test an end-to-end connection, but it will not provide any data on the hops found in the connection.
Which of the following weaknesses exist in WPS (Wi-Fi Protected Setup) -enabled wireless networks?
A.Utilizes a 40-bit encryption key
B.Utilizes a 24-bit initialization vector
C.Brute force occurs within 11,000 combinations
D.Utilizes TKIP (Temporal Key Integrity Protocol) to secure the authentication handshake
C.Brute force occurs within 11,000 combinations
OBJ-2.4: The most prominent attack against WPS-enabled wireless networks involves brute-forcing the 8-digit PIN that clients use to enroll their devices without knowing the pre-shared key. WPS checks each half of the PIN individually, reducing the number of possible combinations from a maximum of 100,000,000 to only 11,000. This only takes a few minutes to crack on most modern computers, as long as the WAP doesn’t have a lockout after a certain number of failures. The lockout mechanism may also be triggered based on the client’s MAC, so you can often spoof the MAC to bypass this defense.
Which of the following should be implemented to allow wireless network access for clients in the lobby using a shared password as the key?
A.WPA2 (Wi-Fi Protected Access 2)
B.IPsec (Internet Protocol Security)
C.Geofencing
D.Firewall
A.WPA2 (Wi-Fi Protected Access 2)
OBJ-4.3: Wi-Fi Protected Access 2 Pre-Shared Key or WPA2-PSK is a system of encryption used to authenticate users on wireless local area networks using a shared password as the key. WPA2-PSK [AES] is the recommended secure method of making sure no one can listen to your wireless data while it is being transmitted back and forth between your router and other devices on your network. A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies, not a shared password. Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network and is used in virtual private networks. A geofence is a virtual perimeter for a real-world geographic area. Geofencing does not use shared passwords to secure your network; it uses GPS coordinates or other location-based data.
Last night, your company’s system administrators conducted a server upgrade. This morning, several users are having issues accessing the company’s shared drive on the network. You have been asked to troubleshoot the problem. What document should you look at first to create a probable theory for the cause of the issue?
A.Cable management plan
B.Release notes for the server software
C.Physical network diagram
D.Change management documentation
D.Change management documentation
OBJ-3.2: Since everything worked before the server upgrade and doesn’t now, it would be a good idea to first look at the change management documentation that authorized the change/upgrade. This should include the specific details of what was changed and what things may have been affected by the change. This is the best place to start when determining what changed since yesterday. Change management is a systematic approach to dealing with the transition or transformation of an organization’s goals, processes, or technologies.
In which type of non-technical attack does an attacker attempt to trick a user into providing sensitive information?
A.Evil twin
B.On-path
C.Bluesnarfing
D.Social engineering
D.Social engineering
OBJ-4.2: Social engineering is the art of convincing people to reveal confidential information to the intruder. Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection. Bluesnarfing is a technical exploit, not one that relies on tricking a user like social engineering would. An on-path attack, formerly known as a man-in-the-middle attack, is a technical method used by attackers to place themselves between a victim’s client and a server to intercept or modify communications between the two devices. This is another form of technical attack, and it does not rely on tricking a user. An evil twin is a rogue wireless access point that masquerades as a legitimate Wi-Fi access point so that an attacker can gather personal or corporate information without the user’s knowledge. An evil twin is another technical means of attack that could be combined with an on-path attack to collect sensitive information from a victim. The best answer, though, is still a social engineering attack, since those manipulate and trick a user into directly providing sensitive information to an attacker.
Which of the following features is supported by Kerberos but not by RADIUS?
A.Services for authentication
B.XML (eXtensible Markup Language) for cross-platform interoperability
C.Single sign-on capability
D.Tickets used to identify authenticated users
D.Tickets used to identify authenticated users
OBJ-4.1: Whether you learned the in-depth details of each of these protocols during your studies or not, you should be able to answer this question by remembering that Kerberos is all about ‘tickets.’ Kerberos uses a system of tickets to allow nodes to communicate over a non-secure network and securely prove their identity. Kerberos is a computer network authentication protocol that works based on tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Kerberos is used in Windows Active Directory domains for authentication. Single sign-on (SSO) is a type of mutual authentication for multiple services that can accept the credential from one domain or service as authentication for other services. The Remote Authentication Dial-in User Service (RADIUS) is used to manage remote and wireless authentication infrastructure. Users supply authentication information to RADIUS client devices, such as wireless access points. The client device then passes the authentication data to an AAA (Authentication, Authorization, and Accounting) server that processes the request.
A network administrator has determined that the ingress and egress traffic of a router’s interface are not correctly reported to the monitoring server. Which of the following can be used to determine if the router interface uses 64-bit versus 32-bit counters?
A.Syslog server
B.SNMP (Simple Network Management Protocol) Walk (an application that runs multiple GETNEXT requests automatically)
C.Packet analyzer
D.Port Scanner
B.SNMP (Simple Network Management Protocol) Walk (an application that runs multiple GETNEXT requests automatically)
OBJ-3.1: SNMP Walk can be used to determine if the counter is using 32 bits or 64 bits by querying the OID of the endpoint (router interface). This is a complex topic beyond the scope of the Network+ exam (how to use the SNMP Walk tool) and usually serves as a type of in-depth question that CompTIA might ask to determine if a candidate has actual real-world experience in networking or just studied from a textbook. Some instructors like to claim that CompTIA uses these types of questions to determine if someone is cheating because only people who studied from a “brain dump” are likely to get this question correct! This type of question reminds you that it is ok not to know all the answers on test day. Just take your best guess, and then move on!
You have been asked to select the best WAN connection for a new network at Dion Training. The company has stated that they must have a guaranteed throughput rate on their Internet connection at all times. Based on this requirement, what type of WAN connection should you recommend?
A.Cable broadband
B.Dial-up
C.T-1 (bundles together 24 64-kbps (DS0) time-division multiplexed (TDM) channels over a 4-wire copper circuit. This creates a total bandwidth of 1.544 Mbps)
D.DSL (Digital Subscriber Line)
C.T-1 (bundles together 24 64-kbps (DS0) time-division multiplexed (TDM) channels over a 4-wire copper circuit. This creates a total bandwidth of 1.544 Mbps)
OBJ-1.2: A T-1 connection provides a guaranteed 1.544 Mbps of throughput. Dial-up, DSL, and cable broadband do not provide a guaranteed throughput rate. Instead, these services provide a variable throughput rate based on network conditions and demand in the area of your business.
Your company has decided to begin moving some of its data into the cloud. Currently, your company’s network consists of both on-premise storage and some cloud-based storage. Which of the following types of clouds is your company currently using?
A.Public
B.Private
C.Community
D.Hybrid
D.Hybrid
OBJ-1.8: A hybrid cloud is a cloud computing environment that uses a mix of on-premises, private cloud, and third-party public cloud services with orchestration between these platforms. This typically involves a connection from an on-premises data center to a public cloud. A community cloud is a collaborative effort in which infrastructure is shared between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.), whether managed internally or by a third-party and hosted internally or externally. A public cloud contains services offered by third-party providers over the public Internet and is available to anyone who wants to use or purchase them. They may be free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. A private cloud contains services offered either over the Internet or a private internal network and only to select users instead of the general public.
You are working as a penetration tester and have discovered a new method of exploiting a vulnerability within the Windows 10 operating system. You conduct some research online and discover that a security patch against this particular vulnerability doesn’t exist yet. Which type of threat would this BEST be categorized as?
A.Brute force
B.Spoofing
C.DDoS (Distributed Denial of Service)
D.Zero-day
D.Zero-day
OBJ-4.1: A zero-day attack happens once that flaw, or software/hardware vulnerability, is exploited, and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability, hence the term zero-day. A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. A brute-force attack consists of an attacker systematically trying all possible password and passphrase combinations until the correct one is found. Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source.
Which of the following remote access protocols should you use to connect to a Windows 2019 server and control it with your mouse and keyboard from your workstation?
A.RDP (Remote Desktop Protocol)
B.Telnet
C.VNC (Virtual Network Computing)
D.SSH (Secure SHell)
A.RDP (Remote Desktop Protocol)
OBJ-4.4: The RDP (Remote Desktop Protocol) is a Windows feature that allows a remote user to initiate a connection at any time and sign on to the local machine using an authorized account. This connection allows a Windows administrator to see and control what is on a remote computer’s screen. RDP authentication and session data are always encrypted. This means that a malicious user with access to the same network cannot intercept credentials or interfere with or capture anything transmitted during the session. Secure Shell (SSH) uses port 22 to securely create communication sessions over the Internet for remote access to a server or system. Telnet uses port 23 to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection, but it sends its data in plaintext, making it an insecure protocol. Virtual Network Computing (VNC) is a cross-platform screen sharing system that was created to remotely control another computer from a distance by a remote user from a secondary device as though they were sitting right in front of it.
You run the command ipconfig on your laptop and see that you have been assigned an IP address of 169.254.0.56. Which category of IPv4 address is this?
A.Public
B.APIPA (Automatic Private Internet Protocol Addressing)
C.Static
D.Private
B.APIPA (Automatic Private Internet Protocol Addressing)
OBJ-1.4: APIPA stands for Automatic Private IP Addressing and is a feature of Windows operating systems. When a client computer is configured to use automatic addressing (DHCP), APIPA assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the client if the DHCP server is unavailable. A static IP address is used when the DHCP server is disabled and clients are configured manually to join the network properly. A public IP address is the outward-facing (public-facing) IP address assigned to a client. A private IP address lets a router correctly direct traffic within its network and allows devices within a network to communicate with one another, but private IP addresses cannot be used to route traffic across the internet.