Jason Dion - CompTIA Network+ N10-008 Exam Prep #4 Flashcards
Which of the following would NOT be useful in defending against a zero-day threat?
A.Threat intelligence
B.Patching
C.Segmentation
D.Allow listing
B.Patching
OBJ-4.1: While patching is a great way to combat threats and protect your systems, it is not effective against zero-day threats. By definition, a zero-day threat is a flaw in the software, hardware, or firmware that is unknown to the party or parties responsible for patching or otherwise fixing the flaw. This attack has no time (or days) between the time the vulnerability is discovered and the first attack, and therefore no patch would be available to combat it. Using segmentation, allow listing, and threat intelligence, a cybersecurity analyst can put additional mitigations in place to protect the network even if a zero-day attack was successful.
Which type of network geography is used to connect various circuits between remote locations?
A.PAN (Personal Area Network)
B.WAN (Wide Area Network)
C.LAN (Local Area Network)
D.WLAN (Wireless Local Area Network)
B.WAN (Wide Area Network)
OBJ-1.2: A wide area network (WAN) will typically cover a larger area geographically, such as a continent, a state, or a country. A personal area network (PAN) is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. A local area network (LAN) connects computers within a small and specific area geographically. A wireless LAN (WLAN) connects computers within a small and specific geographical area using the 802.11 protocols for their wireless connections.
When using a Type 1 hypervisor virtualized environment, which of the following hardware types is necessary to connect the VMs to the corporate network?
A.VPN (Virtual Private Network)
B.VDI (Virtual Desktop Infrastructure)
C.VNC (Virtual Network Computing)
D.Virtual NIC
D.Virtual NIC
OBJ-1.2: A virtual machine includes a virtual NIC. A virtual NIC is a type of virtual adapter that can be configured on logical partitions to provide a network interface. This virtual NIC can be paired and mapped to a physical NIC to get the VM onto the network. Virtual Desktop Infrastructure (VDI) is a software technology that separates the desktop environment and associated application software from the physical client device that is used to access it. A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Virtual Network Computing (VNC) is a cross-platform screen sharing system that was created to remotely control another computer from a distance by a remote user from a secondary device as though they were sitting right in front of it.
Which of the following is used to provide emergency electrical power during a long duration outage until the local power grid can be restored?
A.HVAC (Heating, Vacuum, Air Conditioning)
B.UPS (Uninterruptible Power Supply)
C.Generator
D.PDU (Power Distribution Unit)
C.Generator
OBJ-3.3: A generator is a device that converts motive power into electrical power for use in an external circuit. Generators can be powered by diesel, gasoline, or propane. A power distribution unit (PDU) is a device fitted with multiple outputs designed to distribute electric power, especially to racks of computers and networking equipment located within a data center. PDUs use and distribute the available amperage more efficiently, allowing your equipment to receive the best available power to maintain operation. An uninterruptible power supply or uninterruptible power source (UPS) is an electrical apparatus that provides emergency power to a load when the input power source or mains power fails. Heating Ventilation and Air Conditioning (HVAC) units are responsible for maintaining the proper temperature and humidity within a datacenter.
Which of the following types of agreements is a non-legally binding document used to detail what common actions each party intends to perform?
A.AUP (Acceptable Use Policy)
B.SLA (Service-Level Agreement)
C.NDA (Non-Disclosure Agreement)
D.MOU (Memorandum Of Understanding)
D.MOU (Memorandum Of Understanding)
OBJ-3.2: A memorandum of understanding (MOU) is a non-binding agreement between two or more organizations to detail what common actions they intend to take. A non-disclosure agreement (NDA) is a documented agreement between two parties that defines what data is considered confidential and cannot be shared outside of that relationship. An NDA is used to protect an organization’s intellectual property. A service level agreement (SLA) is a documented commitment between a service provider and a client, where the quality, availability, and responsibilities are agreed upon by both parties. An acceptable use policy (AUP) is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restrict how the network, website, or system may be used and sets guidelines as to how it should be used.
Which of the following tools is used to identify why an 802.11g network is intermittently dropping network traffic?
A.Multimeter
B.Wi-Fi analyzer
C.Tone generator and probe
D.Cable tester
B.Wi-Fi analyzer
OBJ-5.3: A WiFi analyzer can determine the wireless network’s signal strength, the frequencies in use, and any possible radio frequency interference. Based on the issue described in the question, the network may have dead zones that could be fixed by adding additional access points to increase the network’s wireless coverage. Another possible issue could be radio frequency interference from other devices, which a WiFi analyzer could help identify. A cable tester is used to ensure a cable is properly created as a patch cable (straight through) or a crossover cable. Cable testers provide detailed information on the physical and electrical properties of the cable. For example, they test and report cable conditions, crosstalk, attenuation, noise, resistance, and other cable run characteristics. A multimeter can measure the voltage, amperage, and resistance of a circuit. A multimeter can be a hand-held device useful for basic fault finding and field service work or a bench instrument that can measure electricity with a high degree of accuracy. A tone generator is connected to a wall jack and sends a repeating signal over the cable. The probe can then be used to detect which cable is attached to the wall jack by detecting the signal being sent by the tone generator. The probe needs to be near or touch the cable with the tone generator attached to identify it positively.
Which of the following ethernet standards is used with a single-mode fiber optic cable?
A.10GBase-LR
B.10GBase-SR
C.40GBase-T
D.1000Base-T
A.10GBase-LR
OBJ-1.3: 10GBase-LR is a standard for 10 Gigabit Ethernet over single-mode fiber optic cabling. 10GBase-SR is a 10 Gigabit Ethernet LAN standard for use with multimode fiber optic cables using short-wavelength signaling. 1000Base-T and 40GBase-T are ethernet standards that use copper wiring. For the exam, remember the memory aid, “S is not single,” which means that if the naming convention does not contain Base-S as part of its name then it uses a single-mode fiber cable.
Which of the following is designed to keep the system’s uptime running in the event of a disaster?
A.Quality of service
B.Load balancing
C.High availability
D.Caching engines
C.High availability
OBJ-3.3: High availability (HA) is a component of a technology system that eliminates single points of failure to ensure continuous operations or uptime for an extended period. If a network switch or router stops operating correctly (meaning that a network fault occurs), communication through the network could be disrupted, resulting in a network becoming unavailable to its users. Therefore, network availability, called uptime, is a major design consideration for high availability networks.
Mallory is unhappy with her job at a large beverage company. She decides to steal sensitive information about the company’s proprietary formula for a new energy drink. She installs a keylogger onto some of the product team’s workstations, which then emails out the information to her personal email account each evening so that she can post the information to WikiLeaks. How would you best classify Mallory and her actions?
A.Denial-of-service
B.Social engineering
C.Logic bomb
D.Insider threat
D.Insider threat
OBJ-4.2: Mallory is considered an insider threat in this scenario. An insider threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors, or business associates, who have inside information concerning the organization’s security practices, data, and computer systems. Regardless of her method of stealing the information, the key to this question resides in the fact that she is an employee of the company doing something malicious which places her into the category of an insider threat. A Logic Bomb is a piece of often malicious code that is intentionally inserted into software that is activated upon the host network only when certain conditions are met. A denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting the services of a host connected to the Internet. Social engineering is the art of convincing people to reveal confidential information to the intruder.
A technician installs a new WAP (Wireless Access Point), and users in the area begin to report poor performance. The technician uses ping, and only 3 of the 5 packets respond. When the technician tests the connection from a wired connection, it responds with 5 of 5 packets. What tool should the network technician use next?
A.Port scanning tool
B.Spectrum analyzer tool
C.Packet capture tool
D.Interface monitoring tool
B.Spectrum analyzer tool
OBJ-5.3: A spectrum analyzer is a device that displays signal amplitude (strength) as it varies by signal frequency. Since the issue only occurs when connecting wirelessly, it is most likely a spectrum interference issue. Alternatively, you could attempt to conduct a wireless site survey using a WiFi analyzer, but that option wasn’t presented in this question. A packet capture tool is used to log and collect packets as they cross the wired or wireless network. An interface monitoring tool would collect data related to performance, bandwidth (utilization), errors and discard rate for a singular interface or switchport. A Port scanner is used to test if a particular port or port range is open, closed, or filtered. Since this appears to be a wireless connectivity issue, only a spectrum analyzer could help identify the connectivity issues. This issue is most likely associated with interference around the channels being used by this wireless access device.
You just started work as a network technician at Dion Training. You have been asked to determine if Ethernet0/0 is currently connected using OSPF (Open Shortest Path First) or EIGRP (Enhanced Interior Gateway Routing Protocol) on one of the network devices. Which of the following commands should you enter within the command line interface?
A.show config
B.show route
C.show diagnostic
D.show interface
B.show route
OBJ-5.3: The “show route” command is used on a Cisco networking device to display the current state of the routing table for a given network device. To determine if Ethernet0/0 is connected using OSPF or EIGRP, you would need to use the “show route” command to display the current status. The “show configuration” command is used on a Cisco networking device to display the device’s current configuration. The “show interface” command is used on a Cisco networking device to display the statistics for a given network interface. The “show diagnostic” command is used on a Cisco networking device to display details about the hardware and software on each node in a networked device.
A small real estate office has about 15 workstations and would like to use DHCP (Dynamic Host Configuration Protocol) to assign classful IP addresses to each workstation. The subnet only has one octet for the host portion of each device. Which of the following IP (Internet Protocol) addresses could be assigned as the default gateway?
A.10.0.0.1
B.169.254.0.1
C.192.168.0.1
D.172.16.0.1
B.169.254.0.1
OBJ-1.4: Since the question wants a classful IP addressing scheme to be assigned to devices, and only one octet being available for the host portion, it would need to be a Class C address. The only Class C address to choose from is 192.168.0.1 based on the options provided. The IP 10.0.0.1 is a Class A address. The IP 172.16.0.1 is a Class B address. The IP 169.254.0.1 is an APIPA (reserved) address. A non-routable IP address (in this case 192.168.0.1), also known as a private IP address, is not assigned to any organization and does not need to be assigned by an Internet Service Provider. Therefore, the 192.168.0.1 could be assigned to the outside local IP address of the router in a Network Address Translation based network.
Which of the following BEST describes how a DHCP (Dynamic Host Configuration Protocol) reservation works?
A.By assigning options to the computers on the network by priority
B.By leasing a set of reserved IP (Internet Protocol) addresses according to their category
C.By matching a MAC (Media Access Control) address to an IP address within the DHCP
D.By letting the network switches assign IP addresses from a reserved pool
C.By matching a MAC (Media Access Control) address to an IP address within the DHCP
OBJ-1.6: When the client requests an IP address by sending a message on the network to the DHCP server, the DHCP server will assign an IP from its DHCP scope to the client and reserve it based on its MAC address. DHCP reservations allow the DHCP server to pre-set an IP address to a specific client based on its MAC address. This ensures that the client will always get the same IP address from the DHCP server when it connects to the network. DHCP reservations are usually used with servers or printers on your internal network and are rarely used with end-user or client devices.
You are working as a cybersecurity analyst intern at Dion Training. You have been asked to create a file that contains any data transmitted as part of a malware beacon from a client in a sandboxed wireless network. Which of the following tools should you utilize to create this file?
A.Packet capture
B.IP scanner
C.Wi-Fi analyzer
D.Port scanner
A.Packet capture
OBJ-5.3: A packet capture tool is used to collect data packets being transmitted on a network and save them to a packet capture file (pcap) for later analysis. Packet capture tools are useful when attempting to capture traffic for malware analysis as a cybersecurity analyst. A WiFi analyzer is used to gather information about the available wireless networks, troubleshoot wireless networking issues, ensure optimal router placement, and identify existing coverage areas. A port scanner is used to determine which ports and services are open and available for communication on a target system. An IP scanner is used to monitor a network’s IP address space in real-time and identify any devices connected to the network.
Which of the following network devices would be used to receive a signal on one port and then retransmit the same signal out another port to extend the distance covered by a network?
A.Media converter
B.Access point
C.Repeater
D.IDS (Intrusion Detection System)
C.Repeater
OBJ-2.1: A repeater is a networking device that receives a signal and then rebroadcasts it to extend the distance covered by a network. A repeater can operate either as a wired or wireless repeater. A wireless access point is a networking device that allows other Wi-Fi devices to connect to a wired network. A wireless access point operates at the physical layer (Layer 1) of the OSI model to extend the wired network into the wireless domain. A media converter is a networking device that transparently converts Ethernet or other communication protocols from one cable type to another type, such as from copper to fiber or twisted pair to coaxial. A media converter operates at the physical layer (Layer 1) of the OSI model. An Intrusion Detection System (IDS) is a network security/threat prevention technology that examines network traffic flows to detect and alert upon identified threats.
Workers in a company branch office must visit an initial web page and click the “I agree” button before being able to surf the web. Which of the following is this an example of?
A.MOU (Memorandum Of Understanding)
B.EULA (End-User License Agreement)
C.AUP (Acceptable Use Policy)
D.SLA (Service-Level Agreement)
C.AUP (Acceptable Use Policy)
OBJ-3.2: AUP stands for acceptable use policy. If you’re agreeing to what you can and can’t view, you accept the AUP. MOU is a memo of understanding which typically contains an agreement on certain actions. SLA is a service-level agreement that is usually made between two companies to state what level of service is expected if machines go down, etc., and when they can expect to be back up and running. EULA is an end-user license agreement and is used during the installation of a piece of software.
Users connecting to an SSID (Secure Set IDentifier) appear to be unable to authenticate to the captive portal. Which of the following is the MOST likely cause of the issue?
A.CSMA/CA (Carrier-sense multiple access with collision avoidance)
B.RADIUS (Remote Authentication Dial-In User Service)
C.WPA2 (Wi-Fi Protected Access version 2) security key
D.SSL (Secure Sockets Layer) certificates
B.RADIUS (Remote Authentication Dial-In User Service)
OBJ-5.4: Captive portals usually rely on 802.1x, and 802.1x uses RADIUS for authentication. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. The Remote Authentication Dial-in User Service (RADIUS) is used to manage remote and wireless authentication infrastructure. Users supply authentication information to RADIUS client devices, such as wireless access points. The client device then passes the authentication data to an AAA (Authentication, Authorization, and Accounting) server that processes the request. Secure Sockets Layer (SSL) is a security protocol developed by Netscape to provide privacy and authentication over the Internet. SSL is application-independent, works at layer 5 [Session], and can be used with a variety of protocols, such as HTTP or FTP. Client and server set up a secure connection through PKI (X.509) certificates. Carrier-sense multiple access with collision avoidance (CSMA/CA) is a type of network multiple access method that uses carrier sensing, but nodes attempt to avoid collisions by beginning transmission only after the channel is sensed to be idle. CSMA/CA occurs in the background when communicating with a wireless access point and would not prevent the user from authenticating to the captive portal. A WPA2 security key is a preshared password used to authenticate and connect to a wireless access point. If the user connected to the SSID, then the WPA2 security key was valid.
Which of the following types of network documentation would include labels to indicate which cables are connected to which switchports on an edge switch?
A.Site survey report
B.Logical network diagram
C.Physical network diagram
D.Wiring diagram
D.Wiring diagram
OBJ-3.2: Wiring diagrams are used to clearly label which cables are connected to which ports. The more in-depth wiring diagrams will include a floorplan or rack diagram, so you can see how the cables are run in the physical environment. A wireless site survey is the process of planning and designing a wireless network to provide a wireless solution that will deliver the required wireless coverage, data rates, network capacity, roaming capability, and quality of service (QoS). The site survey report will contain a floorplan of the areas surveyed with the wireless coverage areas and signal strengths notated on it. A physical network diagram is used to show the actual physical arrangement of the components that make up the network, including cables and hardware. A logical diagram is used to illustrate the flow of data across a network and is used to show how devices communicate with each other. These logical diagrams usually include the subnets, network objects and devices, routing protocols and domains, voice gateways, traffic flow, and network segments in a given network.
(This is a simulated Performance-Based Question.) What is the correct color scheme for Pin 1 to Pin 8 for a T-568A connector?
A.white/orange,orange,white/green,blue,white/blue,green,white/brown,brown
B.white/green,green,orange/white,blue,white/blue,orange,white/brown,brown
C.white/green,green,white/orange,orange,blue,white/blue,white/brown,brown
D.blue,white/blue,orange,white/brown,brown,white/green,green,orange/white
B.white/green,green,orange/white,blue,white/blue,orange,white/brown,brown
OBJ-1.3: You need to have the T-568A and T-568B standards memorized before test day because you may be asked to perform a drag and drop exercise of placing the right colored wires into the right numbered pins based on a T-568A or T-568B connector. Remember, a straight-through cable will have T-568B on both ends. If you are asked to make a cross-over cable, you need a T-568A on one side and a T-568B on the other side.
Which of the following types of network documentation would be used to illustrate the data flow across the network and include the IP addresses and subnets used by the different network devices?
A.Site survey report
B.Logical network diagram
C.Physical network diagram
D.Wiring diagram
B.Logical network diagram
OBJ-3.2: A logical diagram is used to illustrate the flow of data across a network and is used to show how devices communicate with each other. These logical diagrams usually include the subnets, network objects and devices, routing protocols and domains, voice gateways, traffic flow, and network segments in a given network. A physical network diagram is used to show the actual physical arrangement of the components that make up the network, including cables and hardware. Wiring diagrams are used to clearly label which cables are connected to which ports. The more in-depth wiring diagrams will include a floorplan or rack diagram, so you can see how the cables are run in the physical environment. A wireless site survey is the process of planning and designing a wireless network to provide a wireless solution that will deliver the required wireless coverage, data rates, network capacity, roaming capability, and quality of service (QoS). The site survey report will contain a floorplan of the areas surveyed with the wireless coverage areas and signal strengths notated on it.
Dion Training’s network is using OSPF (Open Shortest Path First) for the internal routing protocol. One of the interfaces connected to the internet is congested. The data is going out to the internet slowly, but is frequently queued by the router prior to sending due to the congestion and lower than normal speeds. You entered the “show interface” command and received the following output:
Fast Ethernet 0/0 is up, line protocol is down
Int ip address is 10.20.130.5/25
MTU 1500 bytes, BW 10000 kbit, DLY 100 usec
Reliability 255/255, Tx load 1/255, Rx load 1/255
Encapsulation ospf, loopback not set
Keep alive 10
Half duplex, 100 Mb/s, 100 Base Tx/Fx
Received 1052993 broadcasts
0 input errors 0 packets output, 768588 bytes
0 output errors, 0 collisions, 0 resets
A.Assign a public IP (Internet Protocol) address to the interface
B.Modify the CIDR (Classless Inter-Domain Routing or supernetting) notation to a classful subnet mask
C.Set the loopback address as 127.0.0.1
D.Change the duplex setting from half to full
D.Change the duplex setting from half to full
OBJ-5.2: Based on the output provided, the interface is set to half-duplex. Since there are no errors, collisions, or resets, the interface appears to be connected directly to another switchport or interface in their own collision domain. Therefore, the duplex can be set to full duplex and this will effectively double the throughput on this interface. The loopback address on all interfaces is set to 127.0.0.1 by default, therefore there is no need to make this configuration change. The output shows “loopback not set”, which indicates the interface is currently in production or operational mode. If the “loopback is set”, this means the interface has a loopback plug installed and you are conducting diagnostics on the interface. The CIDR notation of /25 indicates a subnet with 126 usable hosts. If you modified the CIDR notation to use a classful subnet mask for a Class A network (10.0.0.0/8) it would create 16.7 million usable hosts in a single broadcast domain and would drastically slow down the network. The speed of the network is not influenced by whether a public or private IP address is used by the interface, therefore this is an incorrect option.
Jason is flying home from a conference and attempts to connect to the airplane’s onboard wireless network to check his email. He selects the InflightWiFi from the list of network names, his web browser opens, and then a 404 “page not found” error is displayed. Which of the following issues is likely the source of this error?
A.Captive portal issue
B.Incorrect passphrase
C.Insufficient wireless coverage
D.Wrong SSID (Secure Set IDentifier)
A.Captive portal issue
OBJ-5.4: This is most likely a captive portal issue. Since the user selected the SSID from the list of network names, it is not a wrong SSID issue. The user also did not enter a password, therefore it is not an incorrect passphrase. The user is on an airplane, which is a small enough area to have adequate coverage throughout the entire plane. A captive portal is a web page accessed with a web browser that is displayed to newly connected users of a wireless network before they are granted broader access to network resources. Captive portals are commonly used to present a landing or log-in page which may require authentication, payment, acceptance of an end-user license agreement, acceptable use policy, survey completion, or other information prior to allowing access to the network and its resources. The received signal strength indication (RSSI) is an estimated measure of the power level that a radio frequency client device is receiving from a wireless access point. If the RSSI is -90dB to -100dB, this indicates an extremely weak connection and insufficient wireless coverage in the area in which the device is operating. The service set identifier (SSID) is a natural language name used to identify a wireless network. If you are manually configuring a wireless network and the incorrect SSID is entered, the device will be unable to connect to the network. The passphrase in a wireless network serves as the password or network security key. If the incorrect passphrase was entered, you will receive an error such as “Network security key mismatch” and the wireless device will be unable to communicate with the wireless access point.
What port number does POP3 over SSL utilize?
A.143
B.995
C.993
D.110
B.995
OBJ-1.5: Post Office Protocol version 3 over SSL (POP3 over SSL) uses port 995 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server that operates using an SSL or TLS encrypted tunnel. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Internet Message Access Protocol (IMAP) uses port 143 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Internet Message Access Protocol (IMAP) over SSL uses port 993 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection.
Which of the following IEEE (The Institute of Electrical and Electronics Engineers) specifications describes the use of the Link Aggregation Control Protocol (LACP)?
A.802.1d
B.802.3af
C.802.1x
D.802.3ad
D.802.3ad
OBJ-2.3: Link Aggregation Control Protocol or LACP is one element of an IEEE specification (802.3ad) that provides guidance on the practice of link aggregation for data connections. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. Power over Ethernet (POE) is a technology that lets network cables carry electrical power. POE is defined in the IEEE 802.3af.
Which of the following type of sites might contain a datacenter with equipment, but it is not configured and doesn’t contain any user or customer data yet?
A.Cloud site
B.Warm site
C.Hot site
D.Cold site
B.Warm site
OBJ-3.3: A warm site is a type of facility an organization uses to recover its technology infrastructure when its primary data center goes down. A warm site features an equipped data center but no customer data. A cold site is a backup facility with little or no hardware equipment installed. A cold site is essentially an office space with basic utilities such as power, cooling system, air conditioning, and communication equipment, etc. A hot site is a real-time replication of an existing network environment. All data generated and stored at the primary site is immediately replicated and backed up at the disaster recovery site. A cloud site is a virtual recovery site that allows you to create a recovery version of your organization’s enterprise network in the cloud. Cloud sites are useful when your disaster recovery plan includes migrating to a telework or remote operations environment.
An analyst reviews the logs from the network and notices that there have been multiple attempts from the open wireless network to access the networked HVAC (Heating, Vacuum, Air Conditioning) control system. The open wireless network must remain openly available so that visitors can access the internet. How can this type of attack be prevented from occurring in the future?
A.Enabled NAC (Network Access Control) on the open wireless network
B.Enabled WPA2 (Wi-Fi Protected Access version 2) security on the open wireless network
C.Install an IDS (Intrusion Detection System) to protect the HVAC system
D.Implement a VLAN (Virtual Local Area Network) to separate the HVAC control system from the open wireless network
D.Implement a VLAN (Virtual Local Area Network) to separate the HVAC control system from the open wireless network
OBJ-2.1: A VLAN is useful to segment out network traffic to various parts of the network and stop someone from the open wireless network from logging in to the HVAC controls. By utilizing NAC, each machine connected to the open wireless network could be checked for compliance and determine if it is a ‘known’ machine, but they would still be given access to the entire network. Also, since this is a publicly usable network, using NAC could prevent users from accessing all the network features. An IDS would be a good solution to detect the attempted logins, but it won’t prevent them. Instead, an IPS would be required to prevent logins.
You just arrived at school today, pulled your laptop out of your backpack, and tried to connect your laptop to the Wi-Fi network. It worked fine yesterday, but today it won’t connect automatically or display any available networks. You haven’t done anything to the laptop since you left class yesterday. You ask your classmates if they can connect to the Wi-Fi, and every one of them is connected without any issues. What should you check FIRST in your attempt to connect your laptop to the Wi-Fi?
A.IP address issued by the DHCP server
B.Wireless switch on your laptop
C.Wireless controller configuration
D.The configuration of the access point
B.Wireless switch on your laptop
OBJ-5.4: Since everyone else’s laptops are connected without any issues, the problem is not with the network but with your laptop in some form. This rules out the wireless controller configuration or access point settings since those are both things that would affect all users on the network. Additionally, as a student at the school, it is unlikely you have access to check the configuration of the access point or wireless controller. Since you are not connected or finding any networks, you won’t have a DHCP address assigned either. The most likely cause of your issue is that the wireless switch on your laptop was accidentally switched to the off position when you put your laptop in your backpack. Now, not all laptops have a wireless switch, but from the options provided, this is the most logical answer. If you have a MacBook, for example, they do not use a physical wireless switch. If you are troubleshooting this issue using the bottom-to-top methodology, you would start with layer 1 of the OSI model, the physical layer. In this case, the physical layer would relate to your wireless networking card and the radio frequencies it is supposed to transmit.
Dion Training wants to create a DNS (Domain Name System) record to specify a host and port to use for a new instant messaging service. Which type of DNS record should be created?
A.SRV (SeRVice Record)
B.TXT (TeXT Record)
C.SOA (Start Of Authority)
D.PTR (PoinTeR Record)
A.SRV (SeRVice Record)
OBJ-1.6: A DNS service (SRV) record specifies a host and port for specific services such as voice over IP (VoIP), instant messaging, and others. PTR records are used for the Reverse DNS (Domain Name System) lookup. Using the IP address, you can get the associated domain/hostname. An A record should exist for every PTR record. A Start of Authority (SOA) resource record indicates which Domain Name Server (DNS) is the best source of information for the specified domain. The DNS text (TXT) record lets a domain administrator enter text into the Domain Name Systems. The TXT record was originally intended as a place for human-readable notes. However, now it is also possible to put some machine-readable data into TXT records.
Students at Dion Training are working on a networking lab that requires a single switch to be remotely accessed by many students simultaneously. The instructor verifies that the switch can be accessed using the console, but the switch is only letting one student log in to the device at a time. Which of the following configurations should the instructor implement to fix this issue?
A.Increase the number of virtual terminals available
B.Increase the number of VLANs (Virtual Local Area Network) configured on the switch
C.Clear the ARP (Address Resolution Protocol) cache and flush the DNS (Domain Name System) cache on the switch
D.Increase installed memory and install a larger flash module
A.Increase the number of virtual terminals available
OBJ-5.5: You can set a limit of how many virtual terminals can simultaneously remotely connect to a switch. The issue in this scenario is that the switch is configured to a maximum of one virtual terminal, so only one student can access the switch at a time. When a student connects to a switch or router using ssh or telnet, it requires a virtual terminal connection. The default virtual terminal limit is 32 on Cisco devices, but you can configure it to allow between 1 and 64 simultaneous connections. To connect to a virtual terminal, you would utilize a terminal emulator. A packet capture tool is used to collect data packets being transmitted on a network and save them to a packet capture file (pcap) for later analysis.
You are trying to select the best device to install to detect an outside attacker trying to reach into your internal network. The device should log the event, but it should not take any action to stop it. Which of the following devices would be the BEST for you to select?
A.IDS (Intrusion Detection System)
B.Authentication server
C.Proxy server
D.IPS (Intrusion Protection System)
A.IDS (Intrusion Detection System)
OBJ-2.1: An intrusion detection system is a device or software application that monitors a network or system for malicious activity or policy violations. Any malicious activity or violation is typically reported to an administrator or collected centrally using a security information and event management system. Unlike an IPS, which can stop malicious activity or policy violations, an IDS can only log these issues and not stop them. An intrusion prevention system (IPS) conducts the same functions as an IDS but can also block or take actions against malicious events. An authentication, authorization, and accounting (AAA) server is a server used to identify (authenticate), approve (authorize), and keep track of (account for) users and their actions. AAA servers can also be classified based on the protocol they use, such as a RADIUS server or TACACS+ server. A proxy server is a server that acts as an intermediary between a client requesting a resource and the server that provides that resource. A proxy server can be used to filter content and websites from reaching a user.
Dion Training is configuring a new branch office in Florida and wants to assign it a portion of their public Class C IPv4 address space. Dion Training has been assigned a Class C scope of 187.15.3.0/24. The new branch office in Florida will require 23 devices that will need IP addresses assigned. What is the correct CIDR (Classless Inter-Domain Routing or supernetting) notation for the new subnet in order to accommodate the 23 devices while allocating the minimum number of addresses?
A./29
B./27
C./26
D./28
B./27
OBJ-1.4: To answer this question, you must be able to perform a basic subnetting calculation. First, you need to determine the number of IP addresses that will be needed. In this scenario, you have 23 clients that will each need an IP address, but you also need one IP address for the network and a second IP for the broadcast. This means you need 25 IP addresses total. IP addresses are assigned in multiples of 2 (1, 2, 4, 8, 16, 32, 64, 128, 256). Since we need 25 IP addresses, we need to round up to a block of 32. To symbolize a CIDR block with 32 IP addresses, we would use /27, which is 2^5 = 32.
A small law office has a network with three switches (8 ports), one hub (4 ports), and one router (2 ports). Switch 1 (switch port 8) is connected to an interface port (FastEthernet0/0) on the router. Switch 2 (switch port 8) and switch 3 (switch port 8) are connected to Switch 1 (switch ports 1 and 2). The hub has three computers plugged into it on ports 1, 2, and 3. The fourth port on the hub is connected to the router’s other interface port (FastEthernet0/1). Based on the configuration described here, how many collision domains are there within this network?
A.1
B.4
C.8
D.2
B.4
OBJ-2.1: A collision domain is a network segment connected by a shared medium or through repeaters where simultaneous data transmissions collide with one another. Hubs do not break up collision domains, but routers and switches do. For each switchport or interface on a switch or router, there is a new collision domain. Therefore, in this network, you will have one collision domain for the hub and its clients that are connected to FastEthernet0/1. There is a second collision domain for the router’s other interface (FastEthernet0/0) that is shared with Switch 1 (switch port 8). There is a third collision domain for the connection between Switch 2 and Switch 1, and a fourth domain for the connection between Switch 3 and Switch 1. If there were additional clients on any of these switches, each client would also be a part of its own collision domain, but since none were mentioned, we only have 4 collision domains in this network.
Which of the following technologies is not commonly used by a captive portal to perform user redirection?
A.ICMP redirect (Internet Control Message Protocol)
B.DHCP redirect (Dynamic Host Configuration Protocol)
C.DNS redirect (Domain Name System)
D.HTTP redirect (HyperText Transfer Protocol)
B.DHCP redirect (Dynamic Host Configuration Protocol)
OBJ-4.3: In general, captive portals are implemented by using an HTTP redirect, an ICMP redirect, or a DNS redirect. A captive portal is a web page accessed with a web browser that is displayed to newly connected users of a wireless network before they are granted broader access to network resources. Captive portals are commonly used to present a landing or log-in page which may require authentication, payment, acceptance of an end-user license agreement, acceptable use policy, survey completion, or other information prior to allowing access to the network and its resources.
What port number does IMAP utilize?
A.995
B.143
C.110
D.993
B.143
OBJ-1.5: Internet Message Access Protocol (IMAP) uses port 143, and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Internet Message Access Protocol (IMAP) over SSL uses port 993 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Post Office Protocol version 3 over SSL (POP3 over SSL) uses port 995 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server that operates using an SSL or TLS encrypted tunnel.
A network technician is asked to redesign an Ethernet network before some new monitoring software is added to each network’s workstation. The new software will broadcast statistics from each host to a monitoring server for each of the company’s five departments. The added network traffic is a concern of management that must be addressed. How should the technician design the new network?
A.Add a router and create a separate segment for all the monitored hosts
B.Increase the collision domains to compensate for the added broadcast messages
C.Place each department in a separate VLAN (Virtual Local Area Network) to increase broadcast domains
D.Increase the number of switches on the network to reduce broadcast messages
C.Place each department in a separate VLAN (Virtual Local Area Network) to increase broadcast domains
OBJ-2.3: Placing each of the departments on separate VLANs will help minimize the added network traffic caused by the broadcast messages. A virtual LAN is any broadcast domain that is partitioned and isolated in a computer network at the data link layer. Each VLAN becomes its own broadcast domain and this would minimize the total number of broadcast messages sent to every client on the network. For traffic to enter or leave a VLAN, it must go through a router or a layer 3 switch. A collision domain will not prevent a broadcast message from being sent. Increasing the number of switches will not reduce or increase the number of broadcast messages. To minimize the number of broadcast messages, you need to increase the number of broadcast domains.
(This is a simulated Performance-Based Question. On the real exam, you may be given a chart with numerous ports and protocols and be asked to drag and drop them to match the ports with the protocols.) What ports do HTTPS (HyperText Transfer Protocol Secure) and RDP (Remote Desktop Protocol) utilize?
A.443,445
B.443,161
C.443,25
D.443,3389
D.443,3389
OBJ-1.5: HTTPS (HyperText Transfer Protocol Secure) uses port 443. RDP (Remote Desktop Protocol) uses port 3389. Port 445 is used by the Server Message Block (SMB) protocol. Port 161 is used by the Simple Network Management Protocol (SNMP). Port 3389 is used by the Remote Desktop Protocol (RDP). Port 25 is used by the Simple Mail Transfer Protocol (SMTP). If this was a question on the real exam, you would see a list of ports on one side and a list of protocols on the other, and you would drag and drop each one to match them up.