Jason Dion - CompTIA Network+ N10-008 Exam Prep #5 Flashcards

1
Q

You are setting up uplink ports for multiple switches to communicate with one another. All of the VLANs (Virtual Local Area Network) should communicate from the designated server switch. Which of the following should be set on the trunk ports if VLAN 1 is not the management VLAN?

A.Spanning Tree Protocol
B.Port Security
C.Neighbor Discovery Protocol
D.Port Tagging

A

D.Port Tagging

OBJ-2.3: The 802.1Q standard is used to define VLAN tagging (or port tagging) for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames. Traffic should be properly tagged when combined over a single trunk port to ensure it is not sent to the wrong VLAN by mistake. If VLAN tagging is not enabled, all of the VLAN traffic will be sent to the native or default VLAN, VLAN 1. By default, VLAN 1 is enabled and all unused ports are assigned to it. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. The Neighbor Discovery Protocol (NDP) is a part of IPv6 that operates at the data link layer of the OSI model and is responsible for gathering various information required for internet communication, including the configuration of local connections and the domain name servers and gateways used to communicate with more distant systems.

2
Q

Which of the following requires that all users, whether inside or outside the organization’s network, be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data?

A.Least privilege
B.Zero trust
C.Defense in depth
D.Acceptable use policy

A

B.Zero trust

OBJ-4.1: Zero-trust is a security framework that requires all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. Least privilege is the concept and practice of restricting access rights for users, accounts, and computing processes to only those resources absolutely required to perform routine, legitimate activities. Privilege itself refers to the authorization to bypass certain security restraints. Defense in Depth is an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information. An acceptable use policy (AUP) is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restrict the ways in which the network, website, or system may be used and sets guidelines as to how it should be used.

3
Q

A network technician has configured a point-to-point interface on a router. Once the fiber optic cables have been run, though, the interface will not come up. The technician has cleaned the fiber connectors and used a fiber light meter to confirm that light passes in both directions without excessive loss. Which of the following is MOST likely the cause of this issue?

A.The connection is suffering from EMI (Electromagnetic Interference)
B.The bend radius has been exceeded
C.There is a wavelength mismatch
D.The cable is subject to cross-talk

A

C.There is a wavelength mismatch

OBJ-5.2: Wavelength mismatch occurs when two different transceivers are used at each end of the cable. For example, if one SFP uses a 1310 nm transceiver and the other end uses an 850 nm transceiver, they will be unable to communicate properly and the link will remain down. Cross-talk and EMI do not affect fiber optic cables. Electromagnetic interference (EMI) occurs when electrical signals from the local environment outside of the binder are picked up by the copper pairs in a cable and introduce noise. Crosstalk occurs when a signal transmitted on one copper twisted pair in a bundle radiates and potentially interferes with and degrades the transmission on another pair. The bend radius is how sharply a cable can safely bend without causing damage by creating micro cracks in the glass fibers.

4
Q

You have been asked to recommend a capability to monitor all of the traffic entering and leaving the corporate network’s default gateway. Additionally, the company’s CIO requests to block certain content types before they leave the network based on operational priorities. Which of the following solutions should you recommend to meet these requirements?

A.Install a NIPS (Network-based Intrusion Protection System) on the internal interface and a firewall on the external interface on the router
B.Installation of a NIPS on both the internal and external interfaces of the router
C.Install a firewall on the router’s internal interface and a NIDS (Network-based Intrusion Detection System) on the router’s external interface
D.Configure IP filtering on the internal and external interfaces of the router

A

A.Install a NIPS (Network-based Intrusion Protection System) on the internal interface and a firewall on the external interface on the router

OBJ-2.1: Due to the requirements provided, you should install a NIPS on the gateway router’s internal interface and a firewall on the external interface of the gateway router. The firewall on the external interface will allow the bulk of the malicious inbound traffic to be filtered before reaching the network. Then, the NIPS can be used to inspect the traffic entering the network and provide protection for the network using signature-based or behavior-based analysis. A NIPS is less powerful than a firewall, and if it were placed on the external interface it could easily “fail open” when overwhelmed with traffic. The NIPS installed on the internal interface would also allow various content types to be quickly blocked using custom signatures developed by the security team. For the same reasons, we wouldn’t want to place the NIPS on the external interface, and we also wouldn’t choose to install a NIPS on both the internal and external connections. IP filtering on both interfaces of the router will not provide the ability to monitor the traffic or to block traffic based on content type. Finally, we would not want to rely on a NIDS on the external interface alone since it can only monitor and cannot provide the content blocking capabilities needed.

5
Q

A network technician was tasked to install a network printer and share it with a group of five instructors at Dion Training. The technician plugged the device into a switch port and noticed the link light turned green. Unfortunately, the printer was unable to obtain an IP (Internet Protocol) address automatically. Which of the following is a potential reason for this error?

A.Incorrect DNS (Domain Name System) records
B.Split-horizon is disabled
C.Incorrect TCP port in ACL (Access Control List)
D.DHCP (Dynamic Host Configuration Protocol) scope is exhausted

A

D.DHCP (Dynamic Host Configuration Protocol) scope is exhausted

OBJ-5.5: The DHCP scope is used as a pool of IP addresses that can be assigned automatically. The issue might be that there are no more IP addresses left in the scope, so the scope is exhausted. The Dynamic Host Configuration Protocol (DHCP) uses port 67 and is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client-server architecture. The Domain Name System (DNS) uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. DNS records are used to bind a domain name to an IP address using static assignments. Split horizon is a method used by distance vector protocols to prevent network routing loops. With split horizon, if a router receives routing information from another router, the first router will not broadcast that information back to the second router, thus preventing routing loops from occurring. An access control list (ACL) is a list of permissions associated with a system resource (object). Since the scenario specifies that the printer was unable to obtain an IP address automatically, it is most likely a DHCP issue.

6
Q

What access control model will a network switch utilize if it requires multilayer switches to use authentication via RADIUS (Remote Authentication Dial-In User Service) / TACACS+ (Terminal Access Controller Access Control Server)?

A.802.3af
B.802.1x
C.802.1q
D.PKI (Public Key Infrastructure)

A

B.802.1x

OBJ-4.1: 802.1x is the standard that is used for network authentication with RADIUS and TACACS+. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS or TACACS+ server.

7
Q

A project manager is tasked with the planning of a new network installation. The customer requires that everything discussed in the meetings is installed and configured when a network engineer arrives onsite. Which document should the project manager provide the customer?

A.Acceptable Use Policy
B.Security Policy
C.Service Level Agreement
D.SOW (Statement of Work)

A

D.Statement of Work

OBJ-3.2: A Statement of Work (SOW) is a document that outlines all the work that is to be performed, as well as the agreed-upon deliverables and timelines. A service-level agreement (SLA) is a written agreement that qualitatively and quantitatively specifies the service committed by a vendor to a customer. Security policy is a definition of what it means to be secure for a system, organization, or other entity. For an organization, it addresses the constraints on the behavior of its members as well as constraints imposed on adversaries by mechanisms such as doors, locks, keys, and walls. An acceptable use policy, acceptable usage policy, or fair use policy, is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restrict the ways in which the network, website, or system may be used and sets guidelines as to how it should be used.

8
Q

Which of the following components is used to describe the structure of a device subsystem using a hierarchical namespace containing all of the variables that may be set or read using SNMP (Simple Network Management Protocol)?

A.MIB (Management Information Base)
B.Granular Trap
C.Verbose Trap
D.OID (unique Object IDentifier)

A

A.MIB (Management Information Base)

OBJ-3.1: The Simple Network Management Protocol (SNMP) uses ports 161 and 162, and it is a networking protocol used for the management and monitoring of network-connected devices in Internet Protocol networks. The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID). A unique object identifier (OID) identifies a variable that can be read or set using the SNMP protocol. A trap is an asynchronous notification from the agent to the manager. A trap is sent by the agent to notify the management of a significant event that is occurring in real-time, such as an alarming condition. A granular trap contains a unique object identifier (OID) number and a value for that OID. A verbose trap may contain all the information about a given alert or event as its payload. A verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send over the network.

9
Q

Which of the following is used to capture the logs from different devices across the network to correlate different events across multiple servers and clients?

A.DNS server (Domain Name System)
B.Proxy server
C.DHCP server (Dynamic Host Configuration Protocol)
D.Syslog server (System Logging Protocol)

A

D.Syslog server (System Logging Protocol)

OBJ-3.1: A Syslog server is used to capture logs from different devices. It allows for the correlation of logs to simplify log review and an analyst’s ability to respond to alerts. For example, Syslog messages can be generated by Cisco routers and switches, servers and workstations, and collected in a central database for viewing and analysis. A proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. The Domain Name System (DNS) uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. The Dynamic Host Configuration Protocol (DHCP) uses port 67 and is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client-server architecture.

10
Q

Your company has just gotten a new OC-12 (OC-12 is a network line with transmission speeds of up to 622.08 Mbit/s (payload: 601.344 Mbit/s; overhead: 20.736 Mbit/s). OC-12 lines are commonly used by ISPs as wide area network (WAN) connections) installed to support your datacenter. The telecommunications provider has installed the connection from their main offices to your demarcation point. You connect the OC-12 to your network, but you are noticing many dropped packets and errors. You suspect this may be a layer 1 issue. Which of the following tools can you use to help identify the source of the issue on this connection?

A.Use a wire mapping cable tester to validate the integrity of the cable
B.Use an OTDR (Optical Time-Domain Reflectometer) to validate the integrity of the cable
C.Use a spectrum analyzer to determine if the cable is exposed to EMI (Electromagnetic Interference)
D.Use a multimeter to validate the integrity of the cable

A

B.Use an OTDR (Optical Time-Domain Reflectometer) to validate the integrity of the cable

OBJ-5.2: You may not know all the details involved in this question, but that is ok. Start with what you do know. The question talks about an OC-12 connection, which is an optical carrier or fiber optic cable. Based on that, you know that only one of these options has anything to do with a fiber cable, and that is the OTDR (Optical Time-Domain Reflectometer). An optical time-domain reflectometer (OTDR) is an optoelectronic instrument used to characterize an optical fiber. An OTDR injects a series of optical pulses into the fiber under test and extracts, from the same end of the fiber, light that is scattered (Rayleigh backscatter) or reflected back from points along the fiber. The other three options can only be used with copper cables, like UTP, STP, and coaxial cables.

11
Q

You have been asked to configure a router. Which of the following protocols should you enable to allow the router to determine the path to another network?

A.NTP (Network Time Protocol)
B.BGP (Border Gateway Protocol)
C.STP (Spanning Tree Protocol)
D.RTP (Real-time Transport Protocol)

A

B.BGP (Border Gateway Protocol)

OBJ-2.2: BGP (Border Gateway Protocol) is a protocol that operates at layer 3 of the OSI model. Since the question asks about a router, you need to identify a routing protocol that would enable the router to determine the path to another network using IP (layer 3) information. The other protocols listed are not routing protocols: RTP (Real-time Transport Protocol), NTP (Network Time Protocol), and STP (Spanning Tree Protocol).

12
Q

A NAC (Network Access Control) service has discovered a virus on a client’s laptop. Where should the laptop be redirected to in order to be remediated?

A.DMZ subnet (DeMilitarized Zone)
B.Honeypot
C.Botnet
D.Quarantine network

A

D.Quarantine network

OBJ-4.1: Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), the user or system authentication, and network security enforcement. When NAC detects an issue with a client, it places them in a quarantine network until the device can be remediated to meet the entry requirements for the given network. A honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. A botnet is a collection of internet-connected devices infected by malware that allow hackers to control them. A DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet.

13
Q

Your college campus has a datacenter in the main building. The campus book store is located about 500 meters across the campus and needs to be connected to the datacenter. Which of the following network infrastructure implementations should be used to connect the book store’s network back to the datacenter for all of their data and voice network traffic?

A.Straight-through STP (Shielded Twisted Pair) cable
B.Crossover UTP (Unshielded Twisted Pair) cable
C.Satellite connection
D.SMF (Single-mode fiber optic) cable

A

D.SMF (Single-mode fiber optic) cable

OBJ-1.3: Single-mode fiber optic cables can carry different data and voice signals over long distances without losing any integrity. Therefore, a fiber optic cable would be the best choice for this implementation. You could lease a pair of single-mode fibers from the local telecommunications provider (called dark fiber) since it will already be buried underground, or it is possible the college campus already has its own buried fiber between the different buildings on campus that could be utilized. A crossover unshielded twisted pair cable has a maximum distance of 100 meters. A straight-through shielded twisted pair cable has a maximum distance of 100 meters. A satellite connection works when there is a line of sight between the office and the satellite, but the signal isn’t always reliable or fast enough.

14
Q

A network technician at a warehouse must implement a solution that will allow a company to track shipments as they enter and leave the facility. The warehouse workers must scan each package as it enters the warehouse using a sensor. Which of the following technologies should they utilize to meet these requirements?

A.NFC (Near Field Communication)
B.Wi-Fi (Wireless Fidelity; IEEE 802.11)
C.Bluetooth (IEEE 802.15.1; Personal Area Network; ISM band 2.402GHz to 2.48GHz)
D.RFID (Radio Frequency IDentification)

A

D.RFID (Radio Frequency IDentification)

OBJ-2.4: Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. The warehouse could utilize RFID to allow for the accurate scanning of items using radio frequency tracking tags and sending data of up to 2 KB to a sensor at rapid speeds. Bluetooth is a short-range wireless technology standard that is used for exchanging data between fixed and mobile devices over short distances using UHF radio waves in the ISM band from 2.402 GHz to 2.48 GHz and building personal area networks. Bluetooth would not allow the worker to have full coverage throughout the warehouse due to the short distance requirement between a transmitter and receiver. Near-Field Communication (NFC) is a set of communication protocols for communication between two electronic devices over a distance of 4 cm or less. NFC offers a low-speed connection with a simple setup that can be used to bootstrap more capable wireless connections. Wi-Fi is a family of wireless network protocols, based on the IEEE 802.11 family of standards, which are commonly used for local area networking of devices and Internet access, allowing nearby digital devices to exchange data by radio waves. Wi-Fi can provide high speeds and cover a maximum distance of up to 150 meters.

15
Q

Susan, an executive at Dion Training, will be traveling to Italy for a conference next week. She is worried about remaining connected to the internet while overseas and plans to use the Wi-Fi (Wireless Fidelity; IEEE 802.11) in her hotel room and the local coffee shop with her laptop. Which of the following should she purchase and configure before leaving for Italy to ensure her communications remain secure regardless of where she is connecting from?

A.VPN (Virtual Private Network)
B.Local SIM (Subscriber Identity Module) card for her smartphone
C.International data roaming plan on her cellphone
D.Local mobile hotspot

A

A.VPN (Virtual Private Network)

OBJ-4.4: While WiFi is available almost everywhere these days, it is not safe to use it without first configuring and using a VPN. A Virtual Private Network (VPN) connects the components and resources of two (private) networks over another (public) network. This utilizes an encryption tunnel to protect data being transferred to and from her laptop to the Dion Training servers and other websites. The other options are all focused on connecting her cellphone but would still not be considered safe without a VPN being utilized. A local mobile hotspot should be used to provide internet connectivity to the laptop (if she uses this instead of the hotel and coffee shop WiFi). Still, for best security, it should also use a VPN when using this connection.

16
Q

A technician added memory to a router, but the router refuses to recognize the new memory module. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. Which of the following is the MOST likely cause of this issue?

A.CMOS (Complementary Metal-Oxide Semiconductor)
B.ESD (Electrostatic Discharge)
C.Driver update
D.VTP (VLAN [Virtual Local Area Network] Trunk Protocol)

A

B.ESD (Electrostatic Discharge)
C.Driver update

OBJ-5.5: The most likely cause is that the memory chips are faulty because they have suffered from electrostatic discharge (ESD) during the chips’ installation and movement. This question references a concept covered in-depth in your A+ curriculum but is considered fair game on the Network+ exam. It is also covered under the objectives for hardware failure on the Network+ exam and the objective for safety procedures.

17
Q

Which of the following type of sites would be used if your organization plans to switch to teleworking and remote operations in the event of a disaster?

A.Cloud site
B.Hot site
C.Warm site
D.Cold site

A

A.Cloud site

OBJ-3.3: A cloud site is a virtual recovery site that allows you to create a recovery version of your organization’s enterprise network in the cloud. Cloud sites are useful when your disaster recovery plan includes migrating to a telework or remote operations environment. A hot site is a real-time replication of an existing network environment. All data generated and stored at the primary site is immediately replicated and backed up at the disaster recovery site. A warm site is a type of facility an organization uses to recover its technology infrastructure when its primary data center goes down. A warm site features an equipped data center but no customer data. A cold site is a backup facility with little or no hardware equipment installed. A cold site is essentially an office space with basic utilities such as power, cooling system, air conditioning, and communication equipment, etc.

18
Q

You are troubleshooting a network connectivity issue on a student’s workstation at Dion Training. The wireless access point for the DionTraining network is set to not broadcast its network identifier. The student enters DIONTRAINING as the network name, then attempts to connect to this “Open” wireless access point. The student’s classmates have all been able to connect successfully to the network, but this workstation fails to successfully connect. Which of the following issues is indicated by this failure to connect?

A.Incorrect passphrase
B.Encryption protocol mismatch
C.Insufficient wireless coverage
D.Wrong SSID (Secure Set IDentifier)

A

D.Wrong SSID (Secure Set IDentifier)

OBJ-5.4: The service set identifier (SSID) is a natural language name used to identify a wireless network. If a network is manually configured and the incorrect SSID is entered, the device will be unable to connect to the network. In this scenario, the network name (SSID) is DionTraining, but the student entered DIONTRAINING instead. SSIDs are case sensitive, so DionTraining and DIONTRAINING would be considered two different networks. This indicates the wrong SSID was entered. Encryption protocols are used to protect WEP, WPA, and WPA2 wireless networks. WEP wireless networks utilize the RC4 encryption protocol. WPA wireless networks utilize the TKIP encryption protocol. WPA2 wireless networks utilize the AES encryption protocol, but they can also support the TKIP encryption protocol. The network in this scenario was an “Open” network, which indicates it does not require an encryption protocol. If the wrong encryption protocol is used, the wireless client and the wireless access point will be unable to communicate. The passphrase in a wireless network serves as the password or network security key. If the incorrect passphrase was entered, you will receive an error such as “Network security key mismatch” and the wireless device will be unable to communicate with the wireless access point. The received signal strength indication (RSSI) is an estimated measure of the power level that a radio frequency client device is receiving from a wireless access point. If the RSSI is -90dB to -100dB, this indicates an extremely weak connection and insufficient wireless coverage in the area where the device is operating.

19
Q

During what period should all scheduled work on production network equipment be conducted?

A.Downtime
B.Business hours
C.Maintenance window
D.Development life cycle

A

C.Maintenance window

OBJ-3.2: By using a maintenance window, all downtime is limited and the organization can prepare in advance for the scheduled work to be carried out. You should schedule maintenance windows outside of normal business hours since they will usually result in downtime.

20
Q

A network technician needs to install a server to authenticate remote users before accessing corporate network resources when working from home. Which kind of server should the network technician implement?

A.VLAN (Virtual Local Area Network)
B.DNSSEC (Domain Name System Security Extensions)
C.RAS (Remote Access Server)
D.PPP (Point-to-Point Protocol)

A

C.RAS (Remote Access Server)

OBJ-4.4: A remote access server (RAS) or remote desktop gateway is a type of server that provides a suite of services to connect users to a network or the Internet remotely. The Domain Name System Security Extensions (DNSSEC) is a suite of extension specifications by the Internet Engineering Task Force for securing data exchanged in the Domain Name System in Internet Protocol networks. Point-to-Point Protocol (PPP) is a TCP/IP protocol that is used to connect one computer system to another. Computers use PPP to communicate over the telephone network or the Internet. A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2).

21
Q

Jason is conducting a security audit of Dion Training’s VPN concentrator. As he reviews the connection logs, he notices a teleworking employee is connected to the company’s VPN with an unexpected source IP address that is located in California. Jason knows that none of the employees work from California, though. What might the employee be using that is causing their IP address to be located in California?

A.Voice Gateway
B.WLAN controller (Wireless Local Area Network)
C.Proxy server
D.SCADA/ICS (Supervisory Control and Data Acquisition / Industrial Control Systems)

A

C.Proxy server

OBJ-2.1: A proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. For example, if the employee is located in Florida but is connected to a proxy server in California, all of their network traffic will go from Florida to California, and then to the final destination. In this example, the final destination was the VPN concentrator for Dion Training, so the California IP address is entered into the VPN concentrator’s logs. ICS (industrial control systems) and SCADA (supervisory control and data acquisition systems) are devices and network systems that are used to monitor and manage the manufacturing or industrial process assets of an organization. A wireless LAN controller is used in combination with the Lightweight Access Point Protocol to manage light-weight access points in large quantities by the network administrator or network operations center. The voice gateway is used to connect the enterprise VoIP network with the telecommunications provider, using a number of different connectivity methods, such as PSTN, ISDN, and SIP. ICS/SCADA, WLAN controllers, and voice gateways would not change the IP address of the requesting client as it attempts to connect to the company’s VPN.

22
Q

Your company just moved into a beautiful new building. The building has been built with large glass windows covering most of the walls and ceiling to provide natural light throughout the offices. You have noticed that your cell phone gets poor cellular connectivity when inside the building. What is the MOST likely cause of the poor cellular reception within the building?

A.Frequency mismatch
B.Reflection
C.Channel overlap
D.Absorption

A

B.Reflection

OBJ-5.4: A cellular signal is comprised of radio waves, just like 802.11 wireless networks. Just like light, radio waves can bounce off of certain surfaces and materials. Metal and glass are considered highly reflective materials, which can cause poor cellular service and connectivity within office buildings that use intricately designed glass walls and ceilings. If a large amount of reflection occurs, signals can be weakened and cause interference at the receiver’s device. In addition to reflection, some of the radio waves can also pass through the glass and refract into different directions of travel. Both reflection and refraction can decrease the signal strength between the transmitter and the receiver. Absorption occurs when the radio waves attempt to pass through dense material, such as a concrete wall. The scenario was focused on the building’s construction and did not mention anything in terms of the frequency or channels used by the cellular devices; therefore, it is unlikely that a frequency mismatch or channel overlap is causing the signal strength issues in this scenario.

23
Q

Which of the following describes a design where traffic is shared between multiple network servers to provide greater throughput and reliability?

A.VLAN tagging (Virtual Local Area Network)
B.Multiplexing
C.MPLS trunking (Multi-Protocol Label Switching)
D.Load balancing

A

D.Load balancing

OBJ-3.3: Load balancing is a technique used to spread work across multiple computers, network links, or other devices. Multiprotocol Label Switching is a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows. VLAN tagging is used to keep traffic from different networks separate when traversing shared links and devices within a network topology. Multiplexing is the technology that is able to combine multiple communication signals together in order for them to traverse an otherwise single signal communication medium simultaneously.

24
Q

You have been asked to connect a new computer to a 100BaseTX network switch on switchport 3. Which type of cable should you utilize?

A.Rollover
B.Straight-through
C.Crossover
D.Coaxial

A

B.Straight-through

OBJ-1.3: Straight-through cables are used to connect a computer to a hub or switch. A crossover cable would be used if you needed to connect a computer to a computer in a peer-to-peer network, or if you needed to connect two switches together that didn’t support MDIX. Rollover or console cables are used to connect a computer to a console port on a router in order to configure the device. A coaxial cable is usually used to connect a cable modem.

25
Q

Which of the following should be considered when troubleshooting the coverage and signal strength of an 802.11n wireless local area network?

A.Temperature
B.Humidity
C.Malware
D.Building materials in the area

A

D.Building materials in the area

OBJ-5.4: Some building materials are denser than others. The denser the object, the more signal absorption will occur. For an optimal signal, a line of sight of 50 feet or less is recommended. An 802.11n network can reach a maximum of 150 feet indoors and 300 feet outdoors with a clear line of sight. Temperature and humidity do play a small role in the amount of absorption of a radio frequency signal, but nowhere near as important as the building materials used in the area. For example, if you are deploying a wireless network within an office that contains interior concrete walls, you will need additional power and repeaters to fully cover the same space as a single wireless access point operating in an open floorplan office building.

26
Q

Thomas has a server that streams media to the local network, and the device is currently visible on the network. All of the workstations on the LAN can ping the device, and all the firewalls are currently turned off. The goal is for the streaming media server to allow different workstations to watch the stream if they choose to subscribe to it. The streaming device appears to be functioning properly, but the media won’t stream when requested. Which of the following TCP/IP (Transmission Control Protocol/Internet Protocol) technologies is MOST likely not implemented properly?

A.Multicast
B.Unicast
C.Anycast
D.Broadcast

A

A.Multicast

OBJ-1.4: Multicast is a TCP/IP technology that sends out the packets to the requested devices when streaming to multiple workstations from a single streaming media server. As opposed to broadcast (one-to-all), which sends out packets to all devices, multicast (one-to-many-of-many/many-to-many-of-many) only sends packets to the clients that specifically requested to be a part of the distribution and not just every client on the network. Multicast requires the proper implementation and configuration to route the traffic to the right devices on the LAN so that streaming can properly function. Multicast works with IPv4 or IPv6. Unicast communication only has one sender and one receiver. Unicast works with IPv4 or IPv6. Broadcast communication has one sender, but it sends the traffic to every device on the network. Broadcast only works with IPv4. Anycast communications are sent to the nearest receiver in a group of receivers with the same IP. Anycast only works with IPv6.

27
Q

Which of the following types of telecommunication links is used to provide high-speed internet service to anywhere on the planet by using ground stations and space-based assets?

A.Leased line
B.Satellite
C.DSL (Digital Subscriber Line)
D.Cable

A

B.Satellite

OBJ-1.2: A satellite connection is a wireless connection spread across multiple satellite dishes located both on earth and in space that provides remote areas with valuable access to core networks. A digital subscriber line (DSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connection to the Internet. Data Over Cable Service Interface Specification (DOCSIS) is used to connect a client’s local area network to a high-bandwidth internet service provider over an existing coaxial cable TV system. A leased line is a private telecommunications circuit between two or more locations provided according to a commercial contract, normally over a fiber-optic connection.

28
Q

Your company’s corporate headquarters provided your branch office a portion of their Class C subnet to use at a new office location. You must allocate the minimum number of addresses using CIDR (Classless Inter-Domain Routing or supernetting) notation in order to accommodate each department’s needs. What is the correct CIDR notation for the Marketing department’s subnet which requires 11 devices?

A./27
B./26
C./29
D./30
E./28
F./25

A

E./28

OBJ-1.4: Since the Marketing department needs 11 devices plus a network ID and broadcast IP, it will require 13 IP addresses. The smallest subnet that can fit 13 IPs is a /28 (16 IPs). A /28 will borrow 4 host bits and assign those to the network portion of the subnet mask. This would create a subnet with 2^4 available host IP addresses, or 16 total IP addresses. Of the 16 IP addresses, there are 14 available for clients to use, one for the network ID, and one for the broadcast address.

29
Q

You are working at the demarcation point between your network and the telecommunication service provider’s network. Which of the following devices serves as the demarcation point between the two networks?

A.mGRE (Multipoint GRE [Generic Routing Encapsulation])
B.FCoE (Fibre Channel over Ethernet)
C.vNIC (Virtual NIC [Network Interface Controller])
D.Smartjack (intelligent network interface device)

A

D.Smartjack

OBJ-1.2: A smartjack is an intelligent network interface device (NID) that serves as the demarcation point between the telecommunication service provider’s local loop and the customer’s premises wiring. A smartjack provides more than just a termination point for the wiring: it may also provide signal conversion, converting codes and protocols to the type needed by the customer’s equipment, as well as diagnostic capabilities. Multipoint GRE (mGRE) is a protocol that can be used to enable one node to communicate with many nodes by encapsulating layer 3 protocols to create tunnels over another network. The mGRE protocol is often used in Dynamic Multipoint VPN (DMVPN) connections. Fibre Channel over Ethernet (FCoE) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks. FCoE is commonly used in storage area networks internal to an organization’s enterprise network. A virtual network interface (vNIC) is an abstract virtualized representation of a computer network interface that may or may not correspond directly to a physical network interface controller.

30
Q

A wireless technician wants to configure a wireless network to identify itself to visitors by including the word “Guest” in the name. This wireless network needs to provide coverage to the entire building and requires 3 wireless access points to accomplish this coverage level. What would allow users to identify the wireless network by its displayed name as a single network?

A.ESSID broadcast (Extended Service Set IDentifier)
B.ARP broadcast (Address Resolution Protocol)
C.DHCP broadcast (Dynamic Host Configuration Protocol)
D.BSSID broadcast (Basic Service Set IDentifier)

A

A.ESSID broadcast (Extended Service Set IDentifier)

OBJ-2.4: With an ESSID (Extended Service Set), a wireless network can utilize multiple wireless access points to broadcast a single network name for access by the clients. A BSSID (Basic Service Set) can only utilize a single access point in each wireless network. An ARP broadcast sends a request packet to all the machines on the LAN and asks if any of the machines know they are using that particular IP address. A DHCP broadcast is used by a client to discover a DHCP server and negotiate a DHCP address. Both ARP and DHCP broadcasts occur once a client is connected to a wireless network and do not provide a network name like ESSID and BSSID do.

31
Q

What anti-malware solution is installed as a dedicated on-premise appliance to scan all incoming traffic and prevent malware from being installed on any of your clients without requiring the installation of any software on your clients?

A.Cloud-based anti-malware
B.Signature-based anti-malware
C.Host-based anti-malware
D.Network-based anti-malware

A

D.Network-based anti-malware

OBJ-2.1: Network-based anti-malware can help prevent malware attacks by scanning all incoming data to prevent malware from being installed and infecting a computer. Network-based anti-malware solutions can be installed as a rack-mounted, in-line network appliance in your company’s on-premise datacenter to protect every client and server on the network without having to install software on each of the clients. Network-based anti-malware solutions often come as part of a unified threat management (UTM) appliance. Cloud antivirus is a programmatic solution that offloads antivirus workloads to a cloud-based server, rather than bogging down a user’s computer with a complete antivirus suite. Cloud-based solutions do not use on-premise appliances as part of their installation. Host-based anti-malware relies upon the installation of an agent to detect threats such as viruses, spam, and rootkits to protect the client it is installed upon. Host-based anti-malware often uses signatures to detect and remove malicious code. Signature-based anti-malware is a generic category of anti-malware that may be implemented through host-based, network-based, or cloud-based anti-malware solutions. Anti-malware operates using signature-based detection, behavioral-based detection, or heuristic-based detection.

32
Q

You have been contracted by Dion Training to conduct a penetration test against its Learning Management System (LMS). The LMS is a web application that is hosted in the organization’s DMZ (DeMilitarized Zone). Which of the following appliance allow lists should the organization add your source IP (Internet Protocol) to before the engagement begins?

A.DLP (Network Data Loss Prevention)
B.HIDS (Host-based Intrusion Detection System)
C.WAF (Web Application Firewall)
D.NIDS (Network-based Intrusion Detection System)

A
33
Q

A home user ran a bandwidth speed test from their laptop and received the following results: Ping: 53ms Download speed: 33.3 Mbps Upload speed: 10.2 Mbps Which of the following is the best interpretation of these results?

A.The laptop took 53ms to complete the bandwidth speed test
B.The laptop downloaded 33.3 MB of data and uploaded 10.2 Mb of data
C.The website downloaded data at 33.3 Mbps and uploaded data at 10.2 Mbps
D.The laptop received data at 33.3 Mbps and sent data at 10.2 Mbps

A

D.The laptop received data at 33.3 Mbps and sent data at 10.2 Mbps

OBJ-5.3: This connection appears to be an asymmetric connection, like a cable modem or aDSL, since the download and upload speeds do not match. According to the bandwidth speed test results, the laptop received data at 33.3 Mbps when receiving the test file and uploaded the test file back to the server at a speed of 10.2 Mbps. The laptop had a latency of 53ms during the test, which is indicated by the ping test conducted as part of the bandwidth speed test. During a bandwidth speed test, the laptop will first conduct a ping test to the server to measure the latency of the connection. Next, the laptop will download a sample file from the server and then upload that same file back to the server. During the download and upload, the server measures the time it took to accurately calculate the throughput of the connection between the laptop and the server.

34
Q

A network technician is responsible for the basic security of the network. Management has asked if there is a way to improve the level of access users have to the company file server. Right now, any employee can upload and download files with basic system authentication (username and password). What should he configure to increase security?

A.Single sign-on authentication
B.Kerberos authentication
C.Federated authentication
D.Multi-factor authentication

A

D.Multi-factor authentication

OBJ-4.1: This security approach provides a defense layer that makes it difficult for unauthorized users to break into a system. It requires multiple factors that a user must present to obtain access. For instance, if one factor is successfully broken, there will still be other factors that the individual attempting to enter the system must overcome. Multi-factor authentication is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism: knowledge, possession, inherence, location, or actions.

35
Q

Which protocol is used to establish a secure and encrypted VPN (Virtual Private Network) tunnel that can be initiated through a web browser?

A.SSL (Secure Sockets Layer)
B.PPP (Point-to-Point Protocol)
C.PPTP (Point-to-Point Tunneling Protocol)
D.IPsec (Internet Protocol Security)

A

A.SSL (Secure Sockets Layer)

OBJ-4.4: An SSL VPN is a type of virtual private network that uses the Secure Sockets Layer protocol in a standard web browser to provide secure, remote-access VPN capability. In modern browsers and servers, it is more common to use TLS (transport layer security) which is the successor to SSL. Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network and is used heavily in virtual private networks, but not with web browser initiated ones. The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks. Point-to-Point Protocol (PPP) is a TCP/IP protocol that is used to connect one computer system to another.

36
Q

A cybersecurity analyst wants to install a network appliance to conduct packet capturing of the network traffic between the router and the firewall on the network. The device should not be installed in-line with the network, so it must receive a copy of all traffic flowing to or from the firewall. Which of the following tools is required to meet these requirements?

A.Fusion splicer
B.Network tap
C.Tone generator
D.Fiber light meter

A

B.Network tap

OBJ-5.2: A network tap is used to create a physical connection to the network that sends a copy of every packet received to a monitoring device for capture and analysis. A fusion splicer is used to create long fiber optic cable lengths by splicing multiple cables together or to repair a break in a fiber optic cable. A fiber light meter, also known as an optical power meter, is used to measure the power in an optical signal over a fiber optic cable. A fiber light meter could be used to test if the cable is broken, but it would not be able to determine where the break in the fiber cable is located. A tone generator is used with a toner probe to accurately identify the location of a cable pair or conductor within a wiring bundle, cross-connection point, or at the remote end. A tone generator is used with copper cables, not fiber optic cables.

37
Q

A network technician believes that a network appliance is suffering from extremely slow performance. A technician is troubleshooting the issue using a performance monitoring tool and receives the following results:

Avg % Processor Time = 10%
Avg Pages/Seconds = 0
Avg Disk Queue Length = 3

Based on the results, what might be causing this network appliance’s performance bottleneck?

A.Memory
B.Processor
C.NIC (Network Interface Controller)
D.Hard drive

A

D.Hard drive

OBJ-5.5: Based on the results, the hard drive (disk queue) is causing the performance bottleneck. Since the average processor is not over 50%, the pages/second (memory) is not heavily burdened, nor do we have any information or statistics about the NIC. Whenever the system is queuing data to the hard drive, it slows down the network appliance’s performance since the hard disk is much slower than the processor and onboard memory.

38
Q

Which of the following types of hosting would an organization use if they wanted to maintain their own datacenter in their worldwide headquarters?

A.Collocation
B.Cloud
C.On-premise
D.Branch office

A

C.On-premise

OBJ-1.7: If you use an on-premise data center, then you are using a traditional, private data infrastructure where your organization has its own datacenter that houses all of its servers and networking equipment that will support its operations. A branch office is a smaller office that connects back to an on-premise solution or maintains their own smaller version of an on-premise solution. In a colocation arrangement, your organization would place their servers and network equipment in a data center environment owned by another company. Essentially, you would rent space in their datacenter instead of having to build your own. Cloud hosting relies upon a cloud service provider to provide the hardware and infrastructure for an organization’s virtualized datacenter needs.

39
Q

Dion Training has just installed a brand new email server. Which of the following DNS (Domain Name System) records would need to be created to allow the new server to receive email on behalf of diontraining.com?

A.CNAME (Canonical Name)
B.A (indicates the IPv4 address of a given domain)
C.MX (Mail Exchange)
D.PTR (PoinTer Record)

A

MX (Mail Exchange)

OBJ-1.6: An MX record is used for outgoing (SMTP) and incoming (POP3/IMAP) traffic. An A record associates your domain name with an IPv4 address. An AAAA record associates your domain name with an IPv6 address. A CNAME record is a canonical name or alias name, which associates one domain name as an alias of another (like beta.diontraining.com and www.diontraining.com could refer to the same website using a CNAME).

40
Q

Which device actively defends the network by detecting threats and shutting down ports or changing configurations to prevent attacks?

A.IDS (Intrusion Detection System)
B.IPS (Intrusion Protection System)
C.Honeypot
D.Firewall

A

B.IPS (Intrusion Protection System)

OBJ-2.1: Intrusion Protection Systems (IPS) can reconfigure themselves based on the threats experienced. Firewalls maintain a static configuration and cannot change their configurations automatically. An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. An IDS can detect a threat, but it cannot react or change configurations based on those threats like an IPS can. A honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. A honeypot is a single machine and cannot actively defend the entire network as it is not an inline device like an IPS.

41
Q

Which of the following levels would a notice condition generate?

A.7
B.5
C.1
D.3

A

B.5

OBJ-3.1: The severity levels range from zero to seven, with zero being the most severe and seven being the least severe. Level 0 is used for an emergency and is considered the most severe condition because the system has become unstable. Level 1 is used for an alert condition and means that there is a condition that should be corrected immediately. Level 2 is used for a critical condition, and it means that there is a failure in the system’s primary application and it requires immediate attention. Level 3 is used for an error condition, and it means that something is happening to the system that is preventing the proper function. Level 4 is used for warning conditions and it may indicate that an error will occur if action is not taken soon. Level 5 is used for notice conditions and it means that the events are unusual, but they are not error conditions. Level 6 is used for information conditions and it is a normal operational message that requires no action. Level 7 is used for debugging conditions and is just information that is useful to developers as they are debugging their networks and applications.

42
Q

Which of the following must be combined with a threat to create risk?

A.Malicious actor
B.Exploit
C.Mitigation
D.Vulnerability

A

D.Vulnerability

OBJ-4.1: A risk results from the combination of a threat and a vulnerability. A vulnerability is a weakness in a device, system, application, or process that might allow an attack to take place. A threat is an outside force that may exploit a vulnerability. Remember, a vulnerability is something internal to your organization’s security goals. Therefore, you can control, mitigate, or remediate a vulnerability. A threat is external to your organization’s security goals. A threat could be a malicious actor, a software exploit, a natural disaster, or other external factors. In the case of an insider threat, they are considered an external factor for threats and vulnerabilities since their goals lie outside your organization’s security goals.

43
Q

Which of the following protocols is considered an external routing protocol?

A.EIGRP (Enhanced Interior Gateway Routing Protocol)
B.OSPF (Open Shortest Path First)
C.RIP (Routing Information Protocol)
D.BGP (Border Gateway Protocol)

A

D.BGP (Border Gateway Protocol)

OBJ-2.2: Border Gateway Protocol is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems on the Internet. The Routing Information Protocol (RIP) is an Interior Gateway Protocol (IGP) designed to distribute routing information within an Autonomous System (AS). Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) designed as a link-state routing protocol and is based on the Shortest Path First (SPF) algorithm. Enhanced Interior Gateway Routing Protocol (EIGRP) is an Interior Gateway Protocol (IGP) designed as an advanced distance-vector routing protocol used on a computer network for automating routing decisions and configuration.

44
Q

A company utilizes a patching server to update its PCs (Personal Computer) regularly. After the latest patch deployment, all of the older PCs with non-gigabit Ethernet cards become disconnected from the network and now require a technician to fix the issue locally at each PC. What could be done to prevent this problem next time?

A.Disable automatic driver updates to PCs (Personal Computers) from the patching server
B.Throttle the connection speed of the patching server to match older PCs
C.Require the patching server to update the oldest PCs off-hours
D.Enable automatic rebooting of the PCs after patching is completed

A

A.Disable automatic driver updates to PCs (Personal Computers) from the patching server

OBJ-4.3: The most likely cause of this issue was a forced driver update being pushed from the update server to the older PCs, breaking their ability to use their network cards. It is best to disable automatic driver updates for PCs from the patching server by default and instead test them individually first.

45
Q

Which of the following components is used by an agent to send a single key-pair value about a significant event or condition that is occurring in real-time to a manager?

A.MIB (Management Information Base)
B.Granular trap
C.OID (unique Object IDentifier)
D.Verbose trap

A

B.Granular trap

OBJ-3.1: The Simple Network Management Protocol (SNMP) uses ports 161 and 162, and it is a networking protocol used for the management and monitoring of network-connected devices in Internet Protocol networks. A trap is an asynchronous notification from the agent to the manager. A trap is sent by the agent to notify the manager of a significant event that is occurring in real-time, such as an alarming condition. A granular trap contains a unique object identifier (OID) number and a value for that OID. A verbose trap may contain all the information about a given alert or event as its payload. A verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send over the network. A unique object identifier (OID) identifies a variable that can be read or set using the SNMP protocol. The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID).

46
Q

Which of the following commands is used to display the statistics for a given switchport on a Cisco switch?

A.show config
B.show route
C.show diagnostic
D.show interface

A

D.show interface

OBJ-5.3: The “show interface” command is used on a Cisco networking device to display the statistics for a given network interface. The “show configuration” command is used on a Cisco networking device to display the device’s current configuration. The “show route” command is used on a Cisco networking device to display the current state of the routing table for a given network device. The “show diagnostic” command is used on a Cisco networking device to display details about the hardware and software on each node in a networked device.

47
Q

An administrator has configured a new 250 Mbps WAN circuit, but a bandwidth speed test shows poor performance when downloading larger files. The download initially reaches close to 250 Mbps but then begins to drop and show spikes in the download speeds over time. The administrator checks the interface on the router and sees the following:

DIONRTR01# show interface eth 1/1
GigabitEthernet 1/1 is up, line protocol is up
Hardware is GigabitEthernet, address is 000F.33CC.F13A
Configured speed auto, actual 1Gbit, configured duplex auto, actual hdx
Member of L2 VLAN 100, port is tagged, port state is forwarding

Which of the following actions should be taken to improve the network performance for this WAN connection?

A.Shutdown and then re-enable this interface
B.Configure the interface to use full-duplex
C.Remove the 802.1q tag and reassign it to the default VLAN (Virtual Local Area Network)
D.Replace eth1/1 with the 10GBase-SX transceiver

A

B.Configure the interface to use full-duplex

OBJ-5.2: The interface is set to auto for duplexing, but it has only negotiated a half-duplex (hdx) connection. For interfaces on a switch or router, the full-duplex (fdx) setting should be used to increase the throughput of the interface. If the interface is using half-duplex (hdx), then the bandwidth is split in half. Therefore, the issue is caused by the negotiated duplex setting, and the duplex should be manually configured. The WAN interface (eth 1/1) is tagged and a member of VLAN 100, and there is no indication in the question that this is the incorrect VLAN or that it needs to be changed. Moving the WAN interface to the default VLAN can cause a decrease in performance since the default VLAN may be overloaded or oversubscribed. It is a best practice not to put devices into the default VLAN. The configuration shows that the interface is already a GigabitEthernet interface, so you do not need to replace the transceiver with a 10GBase-SX module since the WAN connection only requires 250 Mbps. The physical layer is working properly and a link is established, as shown by the output “GigabitEthernet 1/1 is up”, showing the current transceiver is functioning properly at 1 Gbps. While issuing the shutdown command and then re-enabling the interface could clear any errors, based on the interface status shown we have no indication that errors are being detected or reported.

48
Q

You have just replaced the edge switch on the second floor of Dion Training. After you finish, a user states they can no longer access the network but everything was working fine yesterday before you replaced the switch. The user’s coworkers claim their computers are able to access the network without any issues. You check the back of the user’s workstation and you do not see any LED (Light-Emitting Diode) lights lit or blinking on their network interface card. Which of the following should you check next to solve this issue?

A.Verify the Network Interface Card is operating properly
B.Verify the switch is connected to the router
C.Verify the network cable is attached to the new switch
D.Verify the device is using the correct cable type

A

C.Verify the network cable is attached to the new switch

OBJ-5.2: Since the workstation was working yesterday, it shouldn’t fail just because you upgraded the switch. You should first double-check what changed. In this case, you unplugged the old switch and replaced it with the new switch. If you didn’t fully plug the patch cables back into the new switch after the upgrade, this would lead to no LED lights being lit on the workstation’s NIC. Similarly, if you recently moved a workstation, you would want to double-check the cable connection on the workstation itself. Based on the symptoms, this is most likely a layer 1 (physical layer) issue. You should first question the obvious and what has changed before any of the other options.

49
Q

Which of the following network performance metrics is used to represent the actual measure of how much data is successfully transferred from a source to a destination in a given amount of time?

A.Jitter
B.Bandwidth
C.Latency
D.Throughput

A

D.Throughput

OBJ-3.2: Throughput is an actual measure of how much data is successfully transferred from the source to a destination. Bandwidth is the maximum rate of data transfer across a given network. Now, bandwidth is more of a theoretical concept that measures how much data could be transferred from a source to a destination under ideal conditions. Therefore, we often measure throughput, instead of bandwidth, to monitor our network performance. Latency is the measure of time that it takes for data to reach its destination across a network. Usually, we measure network latency as the round-trip time from a workstation to the distant end and back. Jitter is a network condition that occurs when a time delay in the sending of data packets over a network connection occurs. Jitter is a big problem for any real-time applications you may be supporting on your networks, like video conferences, voice-over IP, and virtual desktop infrastructure clients.

50
Q

What is BEST used to perform a one-time temporary posture assessment in a NAC (Network Access Control) environment?

A.Non-persistent agent
B.Host-based firewall
C.Intrusion prevention system
D.Antivirus

A

A.Non-persistent agent

OBJ-4.1: A non-persistent agent is used to assess the device during a one-time check-in at login. A persistent agent is agent software that resides on the client making the connection, and a non-persistent agent is software the client runs (usually from a browser) as they are connecting so the agent can perform the checks, but the software does not permanently stay with the client after they disconnect. This is beneficial in BYOD (Bring Your Own Device) policies.

51
Q

Your company’s security policy states that its workstations must hide their internal IP addresses whenever they make a network request across the WAN (Wide Area Network). You have been asked to recommend a technology that would BEST implement this policy. Which of the following is the BEST solution for you to recommend?

A.NAT (Network Address Translation)
B.DMZ (DeMilitarized Zone)
C.VPN (Virtual Private Network)
D.OSPF (Open Shortest Path First)

A

A.NAT (Network Address Translation)

OBJ-1.4: Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. Using NAT, you can have the internal IP address of each workstation mapped to a public IP address or port when it crosses the router to access the WAN. A DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet. A virtual private network extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP).

52
Q

You are investigating a network connectivity issue that is affecting two of your network clients. When you check the switchports of these clients, you observe that the switchports’ physical interfaces are continually going up and down. Which of the following is the most likely reason for the flapping of the switchports you are observing?

A.Collisions
B.Multicast flooding
C.Asymmetrical routing
D.Duplicate MAC (Media Access Control) address

A

D.Duplicate MAC (Media Access Control) address

OBJ-5.5: A duplicate MAC address occurs when two or more devices are responding to data requests as if they are the only device on the network with that physical address. One indication of this occurring is when a switch continually changes the port assignments for that address as it updates its content-addressable memory (CAM) table to reflect the physical address and switchport bindings. This will cause the switchports to continually flap by going up and down as the assignments are updated within the CAM table. Multicast flooding occurs because no specific host is associated with the multicast MAC address in the content-addressable memory (CAM) table of a switch. Asymmetric routing is when network packets leave via one path and return via a different path (unlike symmetric routing, in which packets come and go using the same path). A collision is the result of two devices on the same Ethernet network attempting to transmit data at the exact same time. Collisions are a common occurrence in half-duplex networks but should not occur in a full-duplex switched environment.

53
Q

A technician is installing a network firewall and would like to block all WAN to LAN traffic that is using ports other than the default ports for internet and email connectivity. What rule should the technician verify FIRST?

A.A DMZ has been created
B.All outbound traffic is blocked
C.All inbound traffic is blocked
D.An implicit deny is enabled

A

D.An implicit deny is enabled

OBJ-4.3: An implicit deny is when a user or group is not granted a specific permission in the security settings of an object, but they are not explicitly denied either. In the firewall ACL rule set, it is common to add “DENY ANY ANY” as the final rule in an ACL to act as an implicit deny. Then, any allow or permit rules will be added above this line in the ACL, such as the ACL rules for internet and email connectivity required by this question. For example, “PERMIT TCP ANY ANY EQ WWW” would allow any IP address to enter or leave the network if it is operating over port 80 to allow internet connectivity. Some firewalls support implicit deny by default, meaning that even if you do not put the “DENY ANY ANY” rule at the end of the ACL, it will act as if it is there.

54
Q

Jason just got into his car and paired his smartphone to his car’s stereo. Which of the following types of networks was just created?

A.PAN (Personal Area Network)
B.WAN (Wide Area Network)
C.MAN (Metro Area Network aka Metro-E)
D.LAN (Local Area Network)

A

A.PAN (Personal Area Network)

OBJ-1.2: A personal area network (PAN) is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. A local area network (LAN) connects computers within a small and specific area geographically. A metropolitan area network (MAN) is confined to a specific town, city, or region. It covers a larger area than a LAN but a smaller area than a WAN. A wide area network (WAN) will typically cover a larger area geographically, such as a continent, a state, or a country.

55
Q

Which of the following technologies allows an administrator to create virtual machines by abstracting the operating system and applications from the underlying hardware?

A.FCoE (Fibre Channel over Ethernet)
B.Hypervisor
C.vNIC (Virtual NIC [Network Interface Controller])
D.vSwitch (Virtual Switch)

A

B.Hypervisor

OBJ-1.2: A hypervisor is hardware, software, or firmware capable of creating virtual machines and then managing and allocating resources to them. A hypervisor is a function that abstracts the operating system and applications from the underlying computer hardware. A virtual network interface (vNIC) is an abstract virtualized representation of a computer network interface that may or may not correspond directly to a network interface controller. A virtual switch (vSwitch) is a software application that allows communication between virtual machines by intelligently directing the communication on a network and checking data packets before moving them to a destination. Fibre Channel over Ethernet (FCoE) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks.

56
Q

A network engineer has been tasked with designing a network for a new branch office with approximately 50 network devices. This branch office will connect to the other offices via a MAN and using a router as their gateway device. Many of the other branch offices use off-the-shelf SOHO equipment. It is a requirement that the routing protocol chosen use the least amount of overhead. Additionally, all the computers on the network will be part of a single VLAN (Virtual Local Area Network). The connection between these computers should produce the highest throughput possible in the most cost-effective manner. Which routing protocol should be used with the gateway router and what device should you select to connect the computers within the branch office?

A.EIGRP (Enhanced Interior Gateway Routing Protocol) as the routing protocol; connect the computers with a 802.11 MIMO (Multiple-Input and Multiple-Output) access point
B.RIPv2 (Routing Information Protocol version 2, a distance-vector interior gateway protocol (IGP) used by routers to exchange routing information) as the routing protocol; connect the computers with a Gigabit Layer 2 switch
C.BGP (Border Gateway Protocol) as the routing protocol; connect the computers with a 1 Gb Fibre Channel
D.OSPF (Open Shortest Path First) as the routing protocol; connect the computers with a Gigabit Layer 3 switch

A

B.RIPv2 (Routing Information Protocol version 2, a distance-vector interior gateway protocol (IGP) used by routers to exchange routing information) as the routing protocol; connect the computers with a Gigabit Layer 2 switch

OBJ-2.2: RIPv2 is a classless, distance vector routing protocol that will include the subnet mask with the network addresses in its routing updates. RIPv2 has the least overhead of the four routing protocol options presented in this question. If you were not sure about this, you could look at the second half of the question concerning the interconnection of the computers within the branch office instead and try to eliminate some of the wrong options. Due to the requirement of using the highest throughput, you can eliminate the 802.11n MIMO access point as it will have a maximum throughput of 600 Mbps, while the other options are all 1000 Mbps/1 Gbps. You can also eliminate the Fibre Channel switch, since Fibre Channel is a high-speed data transfer protocol that provides in-order, lossless delivery of raw block data used to connect computers and servers to storage devices in a storage area network (SAN). At this point, you would have to choose between the layer 2 or layer 3 gigabit switch, which are fairly equivalent for the purposes of this question, but at least you have increased your odds of guessing the right answer from 25% to 50% by eliminating two wrong answer choices.

57
Q

You are conducting a port scan of an older server on your network to determine what services are being run on it. You find that ports 80 and 443 are open, but ports 20 and 21 are reported as closed. All other ports are reported as FILTERED. Based on this report, what can you determine about the server?

A.The service is running an FTP (File Transfer Protocol) server and it is denying any other server requests
B.The server is offline and not responding
C.The server is behind a firewall and is blocked from receiving any traffic
D.The server is running as a webserver and is denying any other service requests

A

D.The server is running as a webserver and is denying any other service requests

OBJ-5.3: When a port scanner returns a result of CLOSED, it means the service denies the inbound traffic on that port. In this case, it denies FTP traffic on ports 20 and 21. This server runs a web server (ports 80 and 443), and those are showing as OPEN and receiving traffic. The network firewall is blocking all the FILTERED ports.

58
Q

Which of the following technologies allows two or more links to pass network traffic as if they were one physical link?

A.SLAAC (Stateless Address Auto Configuration)
B.LACP (Link Aggregation Control Protocol)
C.STP (Shielded Twisted Pair)
D.PoE (Power over Ethernet)

A

B.LACP (Link Aggregation Control Protocol)

OBJ-2.3: The Link Aggregation Control Protocol (LACP) enables you to assign multiple physical links to a logical interface that will appear as a single link to a route processor. LACP is used to combine multiple network connections in parallel to increase throughput beyond what a single connection could sustain and to provide redundancy in case one of the links should fail. LACP is defined in the IEEE 802.3ad standard. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard. Power over Ethernet (PoE) is a technology that lets network cables carry electrical power. PoE is defined in the IEEE 802.3af standard. SLAAC is used to automatically assign an IPv6 address to a host.

59
Q

Which of the following layers within software-defined networking determines how to route a data packet on the network?

A.Infrastructure layer
B.Management plane
C.Control layer
D.Application layer

A

C.Control layer

OBJ-1.7: The control layer uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to. The application layer focuses on the communication resource requests or information about the network. The infrastructure layer contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements. The management plane is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations.

60
Q

Dion Training is configuring a new subnet at their offices in Puerto Rico and wants to assign it a portion of their public Class C IPv4 address space. Dion Training has been assigned a Class C scope of 187.15.3.0/24. The new subnet in Puerto Rico has 57 devices that will need IP addresses assigned. What is the correct CIDR notation for the new subnet in order to accommodate the 57 devices while allocating the minimum number of addresses?

A./25
B./27
C./26
D./24

A

C./26

OBJ-1.4: To answer this question, you must be able to perform a basic subnetting calculation. First, you need to determine the number of IP addresses that will be needed. In this scenario, you have 57 clients that will each need an IP address, but you also need one IP address for the network and a second IP for the broadcast. This means you need 59 IP addresses total. IP addresses are assigned in blocks that are powers of 2 (1, 2, 4, 8, 16, 32, 64, 128, 256). Since we need 59 IP addresses, we need to round up to a block of 64. To symbolize a CIDR block with 64 IP addresses, we would use /26, since 2^(32-26) = 2^6 = 64.

61
Q

Which of the following is often used to allow one node to communicate with many other nodes, such as in DMVPN (Dynamic Multipoint Virtual Private Network) connections?

A.mGRE (Multipoint GRE [Generic Routing Encapsulation])
B.WLAN
C.MPLS (Multi-Protocol Label Switching)
D.SDWAN (Software-Defined Wide Area Network)

A

A.mGRE (Multipoint GRE [Generic Routing Encapsulation])

OBJ-1.2: Multipoint GRE (mGRE) is a protocol that can be used to enable one node to communicate with many nodes by encapsulating layer 3 protocols to create tunnels over another network. The mGRE protocol is often used in Dynamic Multipoint VPN (DMVPN) connections. Multiprotocol Label Switching (MPLS) is a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows. A software-defined wide area network (SDWAN) is a network that is abstracted from its hardware which creates a virtualized network overlay. A wireless local area network (WLAN) is a wireless computer network that links two or more devices using wireless communication to form a local area network within a limited area such as a home, school, computer laboratory, campus, or office building.

62
Q

A company wants to install a new wireless network. The network must be compatible with the 802.11ac protocol to obtain the maximum amount of throughput available. Which of the following frequencies will this wireless network utilize?

A.6.0 GHz
B.5.0 GHz
C.2.4 GHz
D.3.7 GHz

A

B.5.0 GHz

OBJ-2.4: Wireless networks utilize three different frequency bands: 2.4 GHz, 5 GHz, and 6 GHz. The 2.4 GHz frequency band is used by 802.11b, 802.11g, and 802.11n. The 5 GHz frequency band is used by 802.11a, 802.11n, 802.11ac, and 802.11ax. The 6 GHz frequency band is used by Wi-Fi 6E under the 802.11ax standard.

63
Q

One of your coworkers recently installed a new game they found for free online. Ever since then, their computer has acted strange and is operating extremely slow. What type of attack are they likely a victim of?

A.Ransomware
B.Malware
C.Brute-force
D.Phishing

A

B.Malware

OBJ-4.2: Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. By contrast, software that causes unintentional harm due to some deficiency is typically described as a software bug. Malware includes viruses, worms, logic bombs, and many other malicious types of code. Ransomware is a type of malware from cryptovirology that threatens to publish the victim’s personal data or perpetually block access to it unless a ransom is paid. Phishing is a type of social engineering where an attacker sends a fraudulent email designed to trick a human victim into revealing sensitive information to the attacker or to deploy malicious software on the victim’s infrastructure like ransomware. A brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly.

64
Q

You recently started a new job with Facebook as a network technician. You have been asked to connect several of their buildings together to form a larger network. All of the buildings are within walking distance of each other. What type of network are you creating?

A.PAN (Personal Area Network)
B.CAN (Campus Area Network; CAN-2)
C.WAN (Wide Area Network)
D.LAN (Local Area Network)

A

B.CAN (Campus Area Network; CAN-2)

OBJ-1.2: A campus area network (CAN) is a computer network that spans a limited geographic area. CANs interconnect multiple local area networks (LAN) within an educational or corporate campus. A personal area network (PAN) is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. A local area network (LAN) connects computers within a small and specific area geographically. A wide area network (WAN) will typically cover a larger area geographically, such as a continent, a state, or a country.

65
Q

You have just moved into a new apartment and need to get internet service installed. Your landlord has stated that you cannot drill any holes to install new cables into the apartment. Luckily, your apartment already has cable TV installed. Which of the following technologies should you utilize to get your internet installed in your apartment?

A.DOCSIS (Data Over Cable Service Interface Specification) modem
B.DSL (Digital Subscriber Line) modem
C.Wireless router
D.Satellite modem

A

A.DOCSIS (Data Over Cable Service Interface Specification) modem

OBJ-1.2: DOCSIS (Data Over Cable Service Interface Specification) is an international telecommunications standard that permits the addition of high-bandwidth data transfer to an existing cable television system. Many cable television operators employ it to provide Internet access over their existing hybrid fiber-coaxial (HFC) infrastructure. Most people today call these cable modems, but technically, they are DOCSIS modems.

66
Q

Which of the following tools would you use to connect an RJ-45 (Registered Jack, 45; ethernet) connector to an unshielded twisted pair (UTP) copper cable using the EIA/TIA-568B standard?

A.Cable snips
B.Fusion splicer
C.Punchdown tool
D.Cable crimper

A

D.Cable crimper

OBJ-5.2: A cable crimper is used to join the internal wires of a twisted pair cable with metallic pins housed inside a plastic connector, such as an RJ-45 connector. A punchdown tool is used to insert wires into insulation displacement connectors on patch panels, keystone modules, or punchdown blocks. A fusion splicer is used to create long fiber optic cable lengths by splicing multiple cables together or to repair a break in a fiber optic cable. A cable snip or cable cutter is used to cut copper cables into shorter lengths from a longer spool of wound cable.

67
Q

Your company has just installed a new web server that will allow inbound connections over port 80 from the internet while not accepting any connections from the internal network. You have been asked where to place the web server in the network architecture and configure the ACL rule to support the requirements. The current network architecture is segmented using a triple-homed firewall to create the following three zones:

ZONE      INTERFACE   IP address
PUBLIC    eth0        66.13.24.16/30
DMZ       eth1        172.16.1.1/24
PRIVATE   eth2        192.168.1.1/24

Based on the requirements and current network architecture above, where should you install the webserver and how should you configure it?

A.Put the server in the PRIVATE zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server’s IP
B.Put the server in the PUBLIC zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server’s IP
C.Put the server in the DMZ (DeMilitarized Zone) zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server’s IP
D.Put the server in the DMZ (DeMilitarized Zone) zone with an inbound rule from eth1 to eth0 that allows port 80 traffic to the server’s IP

A

C.Put the server in the DMZ (DeMilitarized Zone) zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server’s IP

OBJ-4.3: The web server should be placed into the DMZ, assigned an IP address in the 172.16.1.1/24 network, and an inbound permit rule for port 80 should be created in the ACL. Since the web server needs to be accessed from the internet (PUBLIC), you must configure the permit rule from eth0 (PUBLIC) to eth1 (DMZ). The web server should not be placed into the intranet (PRIVATE), since this will contain all our internal network clients and they should be blocked from accessing this web server according to the question. Most firewalls utilize an implicit deny policy, so all other ports from eth0 will be blocked, as will all ports from eth2. If an implicit deny policy is not enabled, you can explicitly block those other ports using a deny rule within the ACLs.

68
Q

Dion Training wants to create a DNS (Domain Name System) record to enter DKIM (Domain Keys Identified Mail) or SPF (Sender Policy Framework) information into the domain name system to help prevent spam from being sent using their domain. Which type of DNS record should be created?

A.SOA (Start Of Authority)
B.TXT (DNS Text)
C.SRV (DNS Service Record)
D.PTR (PoinTer Record)

A

B.TXT (DNS Text)

OBJ-1.6: The DNS text (TXT) record lets a domain administrator enter text into the Domain Name System. The TXT record was originally intended as a place for human-readable notes. However, now it is also possible to put some machine-readable data into TXT records. TXT records are a key component of several different email authentication methods (SPF, DKIM, and DMARC) that help an email server determine if a message is from a trusted source. A DNS service (SRV) record specifies a host and port for specific services such as voice over IP (VoIP), instant messaging, and others. A Start of Authority (SOA) resource record indicates which Domain Name Server (DNS) is the best source of information for the specified domain. PTR records are used for the Reverse DNS (Domain Name System) lookup. Using the IP address, you can get the associated domain/hostname. An A record should exist for every PTR record.

69
Q

Which of the following tools allows you to view and modify the layer 2 to layer 3 address bindings?

A.netstat
B.ipconfig
C.arp
D.route

A

C.arp

OBJ-5.3: The arp command is used to view and modify the local address resolution protocol (ARP) cache of a device, which contains recently resolved MAC addresses of IP hosts on the network. The netstat command is used to monitor incoming and outgoing connections, routing tables, port states, and usage statistics on a network interface. The route command is used to create, view, or modify manual entries in the network routing tables of a computer or server. The ipconfig command is used on Windows devices to display the current TCP/IP network configuration and refresh the DHCP and DNS settings on a given host.

70
Q

Which of the following types of facility controls is used to extinguish an accidental fire within a workplace or datacenter?

A.HVAC (Heating, Ventilation, Air Conditioning) system
B.PDU (Power Distribution Unit)
C.Generator
D.Suppression system

A

D.Suppression system

OBJ-3.3: A fire suppression system is an engineered set of components that are designed to extinguish an accidental fire in a workplace or datacenter. Fire suppression systems can use wet pipe sprinklers, pre-action sprinklers, and special suppression systems. Heating, Ventilation, and Air Conditioning (HVAC) units are responsible for maintaining the proper temperature and humidity within a datacenter. A generator is a device that converts motive power into electrical power for use in an external circuit. Generators can be powered by diesel, gasoline, or propane. A power distribution unit (PDU) is a device fitted with multiple outputs designed to distribute electric power, especially to racks of computers and networking equipment located within a data center. PDUs use and distribute the available amperage more efficiently, allowing your equipment to receive the best available power to maintain operation.

71
Q

Which of the following levels would a critical condition generate?

A.4
B.2
C.6
D.0

A

B.2

OBJ-3.1: The severity levels range from zero to seven, with zero being the most severe and seven being the least severe. Level 0 is used for an emergency and is considered the most severe condition because the system has become unstable. Level 1 is used for an alert condition and means that there is a condition that should be corrected immediately. Level 2 is used for a critical condition, and it means that there is a failure in the system’s primary application and it requires immediate attention. Level 3 is used for an error condition, and it means that something is happening to the system that is preventing the proper function. Level 4 is used for warning conditions and it may indicate that an error will occur if action is not taken soon. Level 5 is used for notice conditions and it means that the events are unusual, but they are not error conditions. Level 6 is used for information conditions and it is a normal operational message that requires no action. Level 7 is used for debugging conditions and is just information that is useful to developers as they are debugging their networks and applications.

72
Q

You received an incident response report indicating a piece of malware was introduced into the company’s network through a remote workstation connected to the company’s servers over a VPN (Virtual Private Network) connection. Which of the following controls should be applied to prevent this type of incident from occurring again?

A.SPF (Sender Policy Framework)
B.MAC (Media Access Control) filtering
C.NAC (Network Access Control)
D.ACL (Access Control List)

A

C.NAC (Network Access Control)

OBJ-4.1: Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as anti-virus, host intrusion prevention, and vulnerability assessment), user or system authentication, and network security enforcement. When a remote workstation connects to the network, NAC will place it into a segmented portion of the network (sandbox), scan it for malware and validate its security controls, and then, based on the results of those scans, either connect it to the company’s networks or place the workstation into a separate quarantined portion of the network for further remediation. An access control list (ACL) is a network traffic filter that can control incoming or outgoing traffic. An ACL alone would not have prevented this issue. MAC filtering refers to a security access control method whereby the MAC address assigned to each network card is used to determine access to the network. MAC filtering operates at layer 2 and is easy to bypass. Sender Policy Framework (SPF) is an email authentication method designed to detect forged sender addresses during email delivery.

73
Q

Which type of security measure is used to control access to an area by using a retina scan?

A.Biometric
B.Two-factor authentication
C.Cipher locks
D.Optical reader

A

A.Biometric

OBJ-4.1: Retina scans are considered a biometric control. Other biometric controls include fingerprint readers and facial scanners. A cipher lock is a lock that is opened with a programmable keypad that is used to limit and control access to a highly sensitive area. An optical reader is a device found within most computer scanners that can capture visual information and translate the image into digital information the computer is capable of understanding and displaying. Multi-factor authentication is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism: knowledge, possession, and inherence.

74
Q

A technician receives a report that a VoIP (Voice-over Internet Protocol) phone is experiencing a “no network connectivity” error. The technician notices the Cat6a patch cable running from the back of the phone is routed behind the user’s rolling chair. The cable appears to have been rolled over numerous times by the user, and it looks flattened from the abuse. Which of the following is the most likely cause of the connectivity issues being experienced on the VoIP phone?

A.Transmit and receive reversed
B.Cross-talk
C.Excessive collisions
D.Improperly crimped cable

A

B.Cross-talk

OBJ-5.2: Crosstalk is defined as an effect caused by the unintentional and undesired transmission (leakage) of a signal from one cable to another. Because the cable was repeatedly run over by the user’s chair, the cable’s shielding could have been damaged and the cable may no longer have a consistent internal structure. This can lead to crosstalk amongst the cable pairs, or even opens/shorts of the wires in those cable pairs.

75
Q

What is used to distribute traffic across multiple sets of devices or connections to increase the overall efficiency of the network and its data processing?

A.Load balancing
B.Fault tolerance
C.Traffic shaping
D.High availability

A

A.Load balancing

OBJ-3.3: Load balancing refers to the process of distributing a set of tasks over a set of resources to make their overall processing more efficient. Load balancing can optimize the response time and avoid unevenly overloading some compute nodes while other compute nodes are left idle. Traffic shaping, also known as packet shaping, is the manipulation and prioritization of network traffic to keep heavy users or machines from affecting other users. Traffic shaping is used to optimize or guarantee performance, improve latency, or increase usable bandwidth for some kinds of packets by delaying other kinds. High availability (HA) is a component of a technology system that eliminates single points of failure to ensure continuous operations or uptime for an extended period. Fault tolerance refers to the ability of a system (computer, network, cloud cluster, etc.) to continue operating without interruption when one or more of its components fail.

76
Q

You want to ensure that only one person can enter or leave the server room at a time. Which of the following physical security devices would BEST help you meet this requirement?

A.Video monitoring
B.Cipher lock
C.Access control vestibule
D.Thumbprint reader

A

C.Access control vestibule

OBJ-4.5: An access control vestibule is a physical security access control system comprising a small space with two sets of interlocking doors, such that the first set of doors must close before the second set opens. Video monitoring is a passive security feature, so it won’t prevent two people from entering at once. The thumbprint reader or cipher lock will ensure that only an authorized user can open the door, but it won’t prevent someone from piggybacking and entering with them.

77
Q

Which of the following IEEE (The Institute of Electrical and Electronics Engineers) specifications describes the use of the spanning tree protocol (STP)?

A.802.1d
B.802.3ad
C.802.1x
D.802.3af

A

A.802.1d

OBJ-2.3: The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard. Link Aggregation Control Protocol or LACP is one element of an IEEE specification (802.3ad) that provides guidance on the practice of link aggregation for data connections. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. Power over Ethernet (POE) is a technology that lets network cables carry electrical power. POE is defined in the IEEE 802.3af standard.

78
Q

At which of the following OSI (Open Systems Interconnection) layer does QoS operate?

A.Layer 3
B.Layer 1
C.Layer 7
D.Layer 5

A

A.Layer 3

OBJ-2.2: Quality of Service (QoS) occurs at both Layer 2 and Layer 3 of the OSI Model. Layer 2 Quality of Service (QoS) allows for traffic prioritization and bandwidth management to minimize network delay using Cost of Service (CoS) classification, and DSCP marking under the 802.1p standard. Layer 3 Quality of Service (QoS) allows for managing the quality of network connections through its packet routing decisions.

79
Q

An administrator has a virtualization environment that includes a vSAN (Virtual SAN [Storage Area Network]) and iSCSI (Internet Small Computer System Interface) switching. Which of the following actions could the administrator perform to improve data transfers’ performance over the iSCSI switches?

A.Configure the switch ports to auto-negotiate the proper Ethernet settings
B.Connect the iSCSI switches to each other over inter-switch links (ISL)
C.Set the MTU (Maximum Transmission Unit) to 9000 on each of the participants in the vSAN
D.Configure each vSAN (Virtual SAN [Storage Area Network]) participant to have its own VLAN (Virtual Local Area Network)

A

C.Set the MTU (Maximum Transmission Unit) to 9000 on each of the participants in the vSAN

OBJ-1.7: When using an iSCSI SAN (with iSCSI switching), we can improve network performance by enabling jumbo frames. A jumbo frame is a frame with an MTU of more than 1500. By setting the MTU to 9000, there will be fewer but larger frames going over the network. Enabling jumbo frames can improve network performance by making data transmissions more efficient. iSCSI is commonly used in storage area networks (SAN) within a datacenter.

80
Q

You are working as a network engineer for a smartphone company that wants to begin offering contactless payment options with their devices. Which of the following technologies should they embed in their handsets to support contactless payments like Apple Pay, Samsung Pay, or Google Pay?

A.RFID (Radio Frequency IDentification)
B.NFC (Near Field Communication)
C.Bluetooth (IEEE 802.15.1; Personal Area Network; ISM band 2.402GHz to 2.48GHz)
D.Wi-Fi (Wireless Fidelity; IEEE 802.11)

A

B.NFC (Near Field Communication)

OBJ-2.4: Near-Field Communication (NFC) is a set of communication protocols for communication between two electronic devices over a distance of 4 cm or less. NFC offers a low-speed connection with a simple setup that can be used to bootstrap more capable wireless connections. NFC is used with payment systems like Apple Pay, Samsung Pay, and Google Pay since it supports two-way communication, unlike RFID which only supports one-way data transfers. Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. Bluetooth is a short-range wireless technology standard that is used for exchanging data between fixed and mobile devices over short distances using UHF radio waves in the ISM band from 2.402 GHz to 2.48 GHz and building personal area networks. Bluetooth is often used to create peer-to-peer connections between two devices for a distance of up to 10 meters. Wi-Fi is a family of wireless network protocols, based on the IEEE 802.11 family of standards, which are commonly used for local area networking of devices and Internet access, allowing nearby digital devices to exchange data by radio waves. Wi-Fi can provide high speeds and cover a maximum distance of up to 150 meters.

81
Q

You have been asked to help design a new architecture for Dion Training’s website. The current architecture involves a single server that hosts the website in its entirety. The company’s newest course has been creating a lot of interest on social media. The CIO is concerned that the single server will not be able to handle the increased demand that could result from this increased publicity. What technology should you implement in the new architecture to allow multiple web servers to serve up the courses and meet this expected increase in demand from new students?

A.VPN (Virtual Private Network) concentrator
B.RAID (Redundant Array of Independent Disks)
C.Load balancer
D.DLP (Data Loss Prevention)

A

C.Load balancer

OBJ-3.3: A load balancer allows for high availability and the ability to serve increased demand by splitting the workload across multiple servers. RAID is a high availability technology that allows multiple hard disks to logically act as one to handle more throughput, but this will not solve the higher demand on the server’s limited processing power as a load balancer would. A VPN concentrator is a networking device that provides the secure creation of VPN connections and the delivery of messages between VPN nodes. A data loss prevention (DLP) system is focused on ensuring that intellectual property theft does not occur. Therefore, a DLP will not help meet the increased demand from new students.

82
Q

Your network security manager wants a monthly report of the security posture of all the assets on the network (e.g., workstations, servers, routers, switches, firewalls). The report should include any feature of a system or appliance that is missing a security patch, OS (Operating System) update, or other essential security feature and its risk severity. Which tool would work best to find this data?

A.Penetration test
B.Security policy
C.Vulnerability scanner
D.Antivirus scan

A

C.Vulnerability scanner

OBJ-4.1: A vulnerability scanner is a computer program designed to assess computers, computer systems, networks, or applications for weaknesses. Most vulnerability scanners also create an itemized report of their findings after the scan.

83
Q

Dion Training has begun to notice slow response times from their internal network file server to workstations on their local area network. After adding several new employees and workstations, the network administrator determined that the server is experiencing requests for up to 2 Gbps of simultaneous data transfer which has resulted in congestion at the server’s NIC (Network Interface Controller). Which of the following actions should the network administrator implement to remove this performance bottleneck?

A.Update the NIC (Network Interface Controller) drivers to support 802.3af for the server
B.Enable CSMA/CD (Carrier-sense multiple access with collision detection) on the local area network
C.Install a NIC, implement NIC teaming, and configure 802.3ad
D.Add an ACL (Access Control List) to the firewall that reduces traffic to the server

A

C.Install a NIC, implement NIC teaming, and configure 802.3ad

OBJ-5.5: Since the bottleneck has been identified as the server’s NIC, a second network interface card (NIC) should be installed, NIC teaming should be implemented, and 802.3ad (LACP) should be configured on the switch. NIC teaming allows a server to load balance any data sent or received across two network interface cards, effectively doubling the server’s network throughput. The switch should be configured to support LACP, the Link Aggregation Control Protocol, to support the NIC teaming on the server. LACP is one element of an IEEE specification (802.3ad) that provides guidance on the practice of link aggregation for data connections. The 802.3af standard is used to support Power over Ethernet (POE), which will not increase the bandwidth or throughput to the server. An ACL is used to block traffic, which would reduce traffic to the server, but it would also block legitimate users. Carrier-sense multiple access with collision detection (CSMA/CD) is a media access control method used most notably in early Ethernet technology for local area networking. It should not be disabled on an Ethernet-based network since it is required for proper network operations.

84
Q

Which of the following applies to data as it travels from Layer 7 to Layer 1 of the OSI (Open Systems Interconnection) model?

A.De-encapsulation
B.Tagging
C.Tunneling
D.Encapsulation

A

D.Encapsulation

OBJ-1.1: Data encapsulation and de-encapsulation are necessary processes in a computer network. Data encapsulation is performed on the sender side while the data packet is transmitted from the source host to the destination host. It is the process through which information is added to the data as it moves from layer 7 to layer 1 of the OSI model before the data is sent over the network to the receiver. De-encapsulation, on the other hand, is performed on the receiver (destination) side as data moves from layer 1 to layer 7 of the OSI model. As the data travels up the layers of the OSI model, the information added by the sender’s encapsulation process is removed layer by layer. Tagging is used in 802.1q to identify Ethernet traffic as part of a specific VLAN. This occurs at Layer 2 of the OSI model and remains at Layer 2 of the OSI model. Tunneling is the process by which VPN packets reach their intended destination. This normally occurs using the IPsec or TLS protocols, and occurs at Layer 2 of the OSI model.

85
Q

Which of the following ports are used to provide secure remote connection sessions over the Internet?

A.25 (Simple Mail Transfer Protocol - TCP)
B.22 (Secure SHell; SSH - TCP)
C.23 (TELetype NETwork; TELNET - TCP)
D.80 (HyperText Transfer Protocol)

A

B.22 (Secure SHell; SSH - TCP)

OBJ-1.5: Secure Shell (SSH) uses port 22 to securely create communication sessions over the Internet for remote access to a server or system. Telnet uses port 23 to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection, but sends its data in plaintext making it an insecure protocol. The Simple Mail Transfer Protocol (SMTP) uses port 25 and is an internet standard communication protocol for electronic mail transmission. The Hypertext Transfer Protocol (HTTP) uses port 80 and is an application layer protocol for distributed, collaborative, hypermedia information systems using unencrypted data transfer.

86
Q

Which of the following ports should a client use to automatically request an IP (Internet Protocol) address from the server?

A.69 (Trivial File Transfer Protocol - TFTP)
B.67 (Dynamic Host Configuration Protocol - DHCP)
C.123 (Network Time Protocol - NTP)
D.25 (Simple Mail Transfer Protocol - TCP)

A

B.67 (Dynamic Host Configuration Protocol - DHCP)

OBJ-1.5: The Dynamic Host Configuration Protocol (DHCP) uses port 67 and is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client-server architecture. Network Time Protocol (NTP) uses port 123 and is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. Trivial File Transfer Protocol (TFTP) uses port 69 and is a simple lockstep File Transfer Protocol that allows a client to get a file from or put a file onto a remote host. The Simple Mail Transfer Protocol (SMTP) uses port 25 and is an internet standard communication protocol for electronic mail transmission.

87
Q

Your network administrator has handed you some documentation showing you which switch ports on a patch panel you need to connect with a CAT 5e patch cable for an upcoming network upgrade. What document are you MOST likely holding?

A.Physical network diagram
B.Inventory management plan
C.Process flow diagram
D.Logical network diagram

A

A.Physical network diagram

OBJ-3.2: A physical network diagram shows the actual physical arrangement of the components that make up the network, including cables and hardware. Typically, the diagram gives a bird’s eye view of the network in its physical space, like a floorplan. A network topology is the shape or structure of a network in a physical or logical format as depicted in a network diagram. Physical network topologies include the actual appearance of the network layout. Logical network topologies include the flow of data across the network. An inventory management plan is stored in a database to track the number of assets deployed, on order, or in storage. A process flow diagram illustrates the arrangement of the equipment and accessories required to carry out the specific process, including its stream connections, stream flow rates and compositions, and the operating conditions.

88
Q

An administrator would like to test out an open-source VoIP (Voice-over Internet Protocol) phone system before investing in the associated hardware and phones. Which of the following should the administrator do to BEST test the software?

A.Create a virtual PBX (Private Branch eXchange) and connect it to a SIP (Session Initiation Protocol) phone application
B.Deploy an open-source VDI (Virtual Desktop Infrastructure) solution to create a testing lab
C.Deploy new SIP appliances and connect them to the open-source phone application
D.Create virtual IP (Internet Protocol) phones that utilize the STP protocol in your lab

A

A.Create a virtual PBX (Private Branch eXchange) and connect it to a SIP (Session Initiation Protocol) phone application

OBJ-2.1: To test out the system before purchasing it, the administrator should connect a virtual PBX to a SIP phone application and ensure it meets their needs. Deploying new SIP appliances would be costly and is therefore a bad choice. A VDI is a virtual desktop infrastructure solution, which doesn’t have anything to do with VoIP phones. Creating virtual IP phones in a lab may work but isn’t going to give an accurate representation of the system’s actual usage. Creating a virtual PBX and connecting it to a SIP phone application allows you to run a small-scale pilot that tests the open-source VoIP phone system under real-world conditions.

89
Q

You are troubleshooting your company’s T-1 connection to your ISP (Internet Service Provider). The ISP has asked you to place a loopback on the device which connects your T-1 line (a T-1 bundles together 24 64-kbps (DS0) time-division multiplexed (TDM) channels over a 4-wire copper circuit, for a total bandwidth of 1.544 Mbps) to their central office. To which of the following devices should you connect a loopback adapter to test the connection?

A.Channel Service Unit/Data Service Unit
B.Fiber optic modem
C.Digital subscriber line modem
D.DOCSIS (Data Over Cable Service Interface Specification) modem

A

A.Channel Service Unit/Data Service Unit

90
Q

You are connecting a new IPv6 device to your network, but your routers only support IPv4 protocols. Which of the following IP-addressing (Internet Protocol) solutions would solve this challenge?

A.Classless
B.Teredo tunneling
C.Private
D.APIPA (Automatic Private Internet Protocol Addressing; when DNS is not available)

A

B.Teredo tunneling

OBJ-1.4: Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network. A private IP address is an IP address reserved for internal use behind a router or other Network Address Translation (NAT) devices, apart from the public. Private IP addresses provide an entirely separate set of addresses that still allow access to a network without taking up a public IP address space. Automatic Private IP Addressing (APIPA) is a feature in operating systems (such as Windows) that enables computers to automatically self-configure an IP address and subnet mask when their DHCP server isn’t reachable. Classless IP addressing solutions allow for the use of subnets that are smaller than the classful subnets associated with Class A, Class B, or Class C networks.