Jason Dion - CompTIA Network+ N10-008 Exam Prep #5 Flashcards
You are setting up uplink ports for multiple switches to communicate with one another. All of the VLANs (Virtual Local Area Network) should communicate from the designated server switch. Which of the following should be set on the trunk ports if VLAN 1 is not the management VLAN?
A.Spanning Tree Protocol
B.Port Security
C.Neighbor Discovery Protocol
D.Port Tagging
D.Port Tagging
OBJ-2.3: The 801.q standard is used to define VLAN tagging (or port tagging) for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames. Traffic should be properly tagged when combined over a single trunk port to ensure they are not sent to the wrong VLAN by mistake. If VLAN tagging is not enabled, all of the VLAN traffic will be sent to the native or default VLAN, VLAN 1. By default, VLAN 1 is enabled and all unused ports are assigned to it. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. The Neighbor Discovery Protocol (NDP) is a parr of IPv6 that operates at the data link layer of the OSI Internet model and is responsible for gathering various information required for internet communication, including the configuration of local connections and the domain name servers and gateways used to communicate with more distant systems.
Which of the following requires that all users, whether inside or outside the organization’s network, be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data?
A.Least privilege
B.Zero trust
C.Defense in depth
D.Acceptable use policy
B.Zero trust
OBJ-4.1: Zero-trust is a security framework that requires all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. Least privilege is the concept and practice of restricting access rights for users, accounts, and computing processes to only those resources absolutely required to perform routine, legitimate activities. Privilege itself refers to the authorization to bypass certain security restraints. Defense in Depth is an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information. An acceptable use policy (AUP) is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restrict the ways in which the network, website, or system may be used and sets guidelines as to how it should be used.
A network technician has configured a point-to-point interface on a router. Once the fiber optic cables have been run, though, the interface will not come up. The technician has cleaned the fiber connectors and used a fiber light meter to confirm that light passes in both directions without excessive loss. Which of the following is MOST likely the cause of this issue?
A.The connection is suffering from EMI (Electromagnetic Interference)
B.The bend radius has been exceeded
C.There is a wavelength mismatch
D.The cable is subject to cross-talk
C.There is a wavelength mismatch
OBJ-5.2: Wavelength mismatch occurs when two different transceivers are used at each end of the cable. For example, if one SFP uses a 1310nm transceiver and the other end uses a 850 nm transceiver, they will be unable to communicate properly and the link will remain down. Cross-talk and EMI do not affect fiber optic cables. Electromagnetic interference (EMI) occurs when electrical signals from the local environment outside of the binder are picked up by the copper pairs in a cable and introduce noise. Crosstalk occurs when a signal transmitted on one copper twisted pair in a bundle radiates and potentially interferes with and degrades the transmission on another pair. The bend radius is how sharply a cable can safely bend without causing damage by creating micro cracks on the glass fibers.
You have been asked to recommend a capability to monitor all of the traffic entering and leaving the corporate network’s default gateway. Additionally, the company’s CIO requests to block certain content types before it leaves the network based on operational priorities. Which of the following solution should you recommend to meet these requirements?
A.Install a NIPS (Network-based Intrusion Protection System) on the internal interface and a firewall on the external interface on the router
B.Installation of a NIPS on both the internal and external interfaces of the router
C.Install a firewall on the router’s internal interface and a NIDS (Network-based Intrusion Detection System) on the router’s external interface
D.Configure IP filtering on the internal and external interfaces of the router
A.Install a NIPS (Network-based Intrusion Protection System) on the internal interface and a firewall on the external interface on the router
OBJ-2.1: Due to the requirements provided, you should install a NIPS on the gateway router’s internal interface and a firewall on the external interface of the gateway router. The firewall on the external interface will allow the bulk of the malicious inbound traffic to be filtered before reaching the network. Then, the NIPS can be used to inspect the traffic entering the network and provide protection for the network using signature-based or behavior-based analysis. A NIPS is less powerful than a firewall and could easily “fail open” if it is overcome with traffic by being placed on the external interface. The NIPS installed on the internal interface would also allow various content types to be quickly blocked using custom signatures developed by the security team. We wouldn’t want to place the NIPS on the external interface in the correct choice for the same reasons. We also wouldn’t choose to install a NIPS on both the internal and external connections. IP filtering on both interfaces of the router will not provide the ability to monitor the traffic or to block traffic based on content type. Finally, we would not want to rely on a NIDS on the external interface alone since it can only monitor and not provide the content blocking capabilities needed.
A network technician was tasked to install a network printer and share it with a group of five instructors at Dion Training. The technician plugged the device into a switch port and noticed the link light turned green. Unfortunately, the printer was unable to obtain an IP (Internet Protocol) address automatically. Which of the following is a potential reason for this error?
A.Incorrect DNS (Domain Name System) records
B.Split-horizon is disabled
C.Incorrect TCP port in ACL (Access Control List)
D.DHCP (Dynamic Host Configuration Protocol) scope is exhausted
D.DHCP (Dynamic Host Configuration Protocol) scope is exhausted
OBJ-5.5: The DHCP scope is used as a pool of IP addresses that can be assigned automatically. The issue might be that there are no more IP addresses left in the scope, and is therefore exhausted. The Dynamic Host Configuration Protocol (DHCP) uses port 67 and is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client-server architecture. The Domain Name System (DNS) uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. DNS records are used to bind a domain name to an IP address using static assignments. Split horizon is a method used by distance vector protocols to prevent network routing loops. With split horizon, if a router receives routing information from another router, the first router will not broadcast that information back to the second router, thus preventing routing loops from occurring. An access control list (ACL) is a list of permissions associated with a system resource (object). Since the scenario specifies that the printer was unable to obtain an IP address automatically, it is most likely a DHCP issue.
What access control model will a network switch utilize if it requires multilayer switches to use authentication via RADIUS (Remote Authentication Dial-In User Service) / TACACS+ (Terminal Access Controller Access Control Server)?
A.802.3af
B.802.1x
C.802.1q
D.PKI (Public Key Infrastructure)
B.802.1x
OBJ-4.1: 802.1x is the standard that is used for network authentication with RADIUS and TACACS+. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS or TACACS+ server.
A project manager is tasked with the planning of a new network installation. The customer requires that everything discussed in the meetings is installed and configured when a network engineer arrives onsite. Which document should the project manager provide the customer?
A.Acceptable Use Policy
B.Security Policy
C.Service Level Agreement
D.SOW (Statement of Work)
D.Statement of Work
OBJ-3.2: A Statement of Work (SOW) is a document that outlines all the work that is to be performed, as well as the agreed-upon deliverables and timelines. A service-level agreement (SLA) is a written agreement that qualitatively and quantitatively specifies the service committed by a vendor to a customer. Security policy is a definition of what it means to be secure for a system, organization, or other entity. For an organization, it addresses the constraints on the behavior of its members as well as constraints imposed on adversaries by mechanisms such as doors, locks, keys, and walls. An acceptable use policy, acceptable usage policy, or fair use policy, is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restrict the ways in which the network, website, or system may be used and sets guidelines as to how it should be used.
Which of the following components is used to describe the structure of a device subsystem using a hierarchical namespace containing all of the variables that may be set or read using SNMP (Simple Network Management Protocol?
A.MIB (Management Information Base)
B.Granular Trap
C.Verbose Trap
D.OID (unique Object IDentifier)
A.MIB (Management Information Base)
OBJ-3.1: The Simple Network Management Protocol (SNMP) uses ports 161 and 162, and it is a networking protocol used for the management and monitoring of network-connected devices in Internet Protocol networks. The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID). A unique objective identifier (OID) identifies a variable that can be read or set using the SNMP protocol. A trap is an asynchronous notification from the agent to the manager. A trap is sent by the agent to notify the management of a significant event that is occurring in real-time, such as an alarming condition. A granular trap contains a unique object identifier (OID) number and a value for that OID. A verbose trap may contain all the information about a given alert or event as its payload. A verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send the verbose trap over the network.
Which of the following is used to capture the logs from different devices across the network to correlate different events across multiple servers and clients?
A.DNS server (Domain Name System)
B.Proxy server
C.DHCP server (Dynamic Host Configuration Protocol)
D.Syslog server (System Logging Protocol)
D.Syslog server (System Logging Protocol)
OBJ-3.1: A Syslog server is used to capture logs from different devices. It allows for the correlation of logs to simplify log review and an analyst’s ability to respond to alerts. For example, Syslog messages can be generated by Cisco routers and switches, servers and workstations, and collected in a central database for viewing and analysis. A proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. The Domain Name System (DNS) uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. The Dynamic Host Configuration Protocol (DHCP) uses port 67 and is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client-server architecture.
Your company has just gotten a new OC-12 (OC-12 is a network line with transmission speeds of up to 622.08 Mbit/s (payload: 601.344 Mbit/s; overhead: 20.736 Mbit/s). OC-12 lines are commonly used by ISPs as wide area network (WAN) connections) installed to support your datacenter. The telecommunications provider has installed the connection from their main offices to your demarcation point. You connect the OC-12 to your network, but you are noticing many dropped packets and errors. You suspect this may be a layer 1 issue. Which of the following tools can you use to help identify the source of the issue on this connection?
A.Use a wire mapping cable tester to validate the integrity of the cable
B.Use an OTDR (Optical Time-Domain Reflectometer) to validate the integrity of the cable
C.Use a spectrum analyzer to determine if the cable is exposed to EMI (Electromagnetic Interference)
D.Use a multimeter to validate the integrity of the cable
B.Use an OTDR (Optical Time-Domain Reflectometer) to validate the integrity of the cable
OBJ-5.2: You may not know all the details involved in this question, but that is ok. Start with what you do know. The question talks about an OC-12 connection, which is an optical carrier or fiber optic cable. Based on that, you know the only one of these options has anything to do with a fiber cable, and that is the OTDR (Optical Time-Domain Reflectometer). An optical time-domain reflectometer (OTDR) is an optoelectronic instrument used to characterize an optical fiber. An OTDR injects a series of optical pulses into the fiber under test and extracts, from the same end of the fiber, light that is scattered (Rayleigh backscatter) or reflected back from points along the fiber. The other three options can only be used with copper cables, like UTP, STP, and coaxial cables.
You have been asked to configure a router. Which of the following protocols should you enable to allow the router to determine the path to another network?
A.NTP (Network Time Protocol)
B.BGP (Border Gateway Protocol)
C.STP (Spanning Tree Protocol)
D.RTP (Real-time Transport Protocol)
B.BGP (Border Gateway Protocol)
OBJ-2.2: BGP (Border Gateway Protocol) is a protocol that operates at layer 3 of the OSI model. Since the question asks about a router, you need to identify a routing protocol that would enable the router to determine the path to another network using IP (layer 3) information. The other protocols listed are not routing protocols: RTP (Real-time Transport Protocol), NTP (Network Time Protocol), and STP (Spanning Tree Protocol).
A NAC (Network Access Control) service has discovered a virus on a client’s laptop. Where should the laptop be redirected to in order to be remediated?
A.DMZ subnet (DeMilitarized Zone)
B.Honeypot
C.Botnet
D.Quarantine network
D.Quarantine network
OBJ-4.1: Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), the user or system authentication, and network security enforcement. When NAC detects an issue with a client, it places them in a quarantine network until the device can be remediated to meet the entry requirements for the given network. A honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. A botnet is a collection of internet-connected devices infected by malware that allow hackers to control them. A DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet.
Your college campus has a datacenter in the main building. There is a campus book store is located about 500 meters across the campus that needs to be connected to the datacenter. Which of the following network infrastructure implementations should be used to connect the book store’s network back to the datacenter for all of their data and voice network traffic?
A.Straight-through STP (Shielded Twisted Pair) cable
B.Crossover UTP (Unshielded Twisted Pair) cable
C.Satellite connection
D.SMF (Single-mode fiber optic) cable
D.SMF (Single-mode fiber optic) cable
OBJ-1.3: Single-mode fiber optic cables can carry different data and voice signals over long distances without losing any integrity. Therefore, a fiber optic cable would be the best choice for this implementation. You could lease a pair of single-mode fibers from the local telecommunications provider (called dark fiber) since it will already be buried underground, or it is possible the college campus already has their own buried fiber between the different buildings on campus that could be utilized. A crossover unshielded twisted pair cable has a maximum distance of 100 meters. A straight-through shielded twisted pair cable has a maximum distance of 100 meters. A satellite connection works when there is a line of sight between the office and the satellite, but the signal isn’t always reliable or fast enough.
A network technician at a warehouse must implement a solution that will allow a company to track shipments as they enter and leave the facility. The warehouse workers must scan each package as it enters the warehouse using a sensor. Which of the following technologies should they utilize to meet these requirements?
A.NFC (Near Field Communication)
B.Wi-Fi (Wireless Fidelity; IEEE 802.11)
C.Bluetooth (IEEE 802.15.1; Personal Area Network; ISM band 2.402GHz to 2.48GHz)
D.RFID (Radio Frequency IDentification)
D.RFID (Radio Frequency IDentification)
OBJ-2.4: Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. The warehouse could utilize RFID to allow for the accurate scanning of items using radio frequency tracking tags and sending data of up to 2 KB to a sensor at rapid speeds. Bluetooth is a short-range wireless technology standard that is used for exchanging data between fixed and mobile devices over short distances using UHF radio waves in the ISM band from 2.402 GHz to 2.48 GHz and building personal area networks. Bluetooth would not allow the worker to have full coverage throughout the warehouse due to the short distance requirement between a transmitter and receiver. Near-Field Communication (NFC) is a set of communication protocols for communication between two electronic devices over a distance of 4 cm or less. NFC offers a low-speed connection with a simple setup that can be used to bootstrap more capable wireless connections. Wi-Fi is a family of wireless network protocols, based on the IEEE 802.11 family of standards, which are commonly used for local area networking of devices and Internet access, allowing nearby digital devices to exchange data by radio waves. Wi-Fi can provide high speeds and cover a maximum distance of up to 150 meters.
Susan, an executive at Dion Training, will be traveling to Italy for a conference next week. She is worried about remaining connected to the internet while overseas and plans to use the Wi-Fi (Wireless Fidelity; IEEE 802.11) in her hotel room and the local coffee shop with her laptop. Which of the following should she purchase and configure before leaving for Italy to ensure her communications remain secure regardless of where she is connecting from?
A.VPN (Virtual Private Network)
B.Local SIM (Subscriber Identity Module) card for her smartphone
C.International data roaming plan on her cellphone
D.Local mobile hotspot
A.VPN (Virtual Private Network)
OBJ-4.4: While WiFi is available almost everywhere these days, it is not safe to use it without first configuring and using a VPN. A Virtual Private Network (VPN) connects the components and resources of two (private) networks over another (public) network. This utilizes an encryption tunnel to protect data being transferred to and from her laptop to the Dion Training servers and other websites. The other options are all focused on connecting her cellphone but would still not be considered safe without a VPN being utilized. A local mobile hotspot should be used to provide internet connectivity to the laptop (if she uses this instead of the hotel and coffee shop WiFi). Still, for best security, it should also use a VPN when using this connection.
A technician added memory to a router, but the router refuses to recognize the new memory module. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. Which of the following is the MOST likely cause of this issue?
A.CMOS (Complementary Metal-Oxide Semiconductor)
B.ESD (Electrostatic Discharge)
C.Driver update
D.VTP (VLAN [Virtual Local Area Network] Trunk Protocol)
B.ESD (Electrostatic Discharge)
C.Driver update
OBJ-5.5: The most likely cause is that the memory chips are faulty because they have suffered from electrostatic discharge (ESD) during the chips’ installation and movement. This question references a concept covered in-depth in your A+ curriculum but is considered fair game on the Network+ exam. It is also covered under the objectives for hardware failure on the Network+ exam and the objective for safety procedures.
Which of the following type of sites would be used if your organization plans to switch to teleworking and remote operations in the event of a disaster?
A.Cloud site
B.Hot site
C.Warm site
D.Cold site
A.Cloud site
OBJ-3.3: A cloud site is a virtual recovery site that allows you to create a recovery version of your organization’s enterprise network in the cloud. Cloud sites are useful when your disaster recovery plan includes migrating to a telework or remote operations environment. A hot site is a real-time replication of an existing network environment. All data generated and stored at the primary site is immediately replicated and backed up at the disaster recovery site. A warm site is a type of facility an organization uses to recover its technology infrastructure when its primary data center goes down. A warm site features an equipped data center but no customer data. A cold site is a backup facility with little or no hardware equipment installed. A cold site is essentially an office space with basic utilities such as power, cooling system, air conditioning, and communication equipment, etc.
You are troubleshooting a network connectivity issue on a student’s workstation at Dion Training. The wireless access point for the DionTraining network is set to not broadcast its network identifier. The student enters DIONTRAINING as the network name, then attempts to connect to this “Open” wireless access point. The student’s classmates have all been able to connect successfully to the network, but this workstation fails to successfully connect. Which of the following issues is indicated by this failure to connect?
A.Incorrect passphrase
B.Encryption protocol mismatch
C.Insufficient wireless coverage
D.Wrong SSID (Secure Set IDentifier)
D.Wrong SSID (Secure Set IDentifier)
OBJ-5.4: The service set identifier (SSID) is a natural language name used to identify a wireless network. If a network is manually configured and the incorrect SSID is entered, the device will be unable to connect to the network. In this scenario, the network name (SSID) is DionTraining, but the student entered DIONTRAINING instead. SSIDs are case sensitive, so DionTraining and DIONTRAINING would be considered two different networks. This indicates the wrong SSID was entered. Encryption protocols are used to protect WEP, WPA, and WPA2 wireless networks. WEP wireless networks utilize the RC4 encryption protocol. WPA wireless networks utilize the TKIP encryption protocol. WPA2 wireless networks utilize the AES encryption protocol, but they also can support the TKIP encryption protocol, as well. The network in this scenario was an “Open” network, which indicates it does not require an encryption protocol. If the wrong encryption protocol is used, the wireless client and the wireless access point will be unable to communicate. The passphrase in a wireless network serves as the password or network security key. If the incorrect passphrase was entered, you will receive an error such as “Network security key mismatch” and the wireless device will be unable to communicate with the wireless access point. The received signal strength indication (RSSI) is an estimated measure of the power level that a radio frequency client device is receiving from a wireless access point. If the RSSI is -90dB to -100dB, this indicates an extremely weak connection and insufficient wireless coverage in which the area the device is operating.
During what period should all scheduled work on production network equipment be conducted?
A.Downtime
B.Business hours
C.Maintenance window
D.Development life cycle
C.Maintenance window
OBJ-3.2: By using a maintenance window, all downtime is limited and the organization can prepare in advance for the scheduled work to be carried out. You should schedule maintenance windows outside of normal business hours since they will usually result in downtime.
A network technician needs to install a server to authenticate remote users before accessing corporate network resources when working from home. Which kind of server should the network technician implement?
A.VLAN (Virtual Local Area Network)
B.DNSSEC (Domain Name System Security Extensions)
C.RAS (Remote Access Server)
D.PPP (Point-to-Point Protocol)
C.RAS (Remote Access Server)
OBJ-4.4: A remote access server (RAS) or remote desktop gateway is a type of server that provides a suite of services to connect users to a network or the Internet remotely. The Domain Name System Security Extensions (DNSSEC) is a suite of extension specifications by the Internet Engineering Task Force for securing data exchanged in the Domain Name System in Internet Protocol networks. Point-to-Point Protocol (PPP) is a TCP/IP protocol that is used to connect one computer system to another. Computers use PPP to communicate over the telephone network or the Internet. A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2).
Jason is conducting a security audit of Dion Training’s VPN concentrator. As he reviews the connection logs, he notices a teleworking employee is connected to the company’s VPN with an unexpected source IP address that is located in California. Jason knows that none of the employees work from California, though. What might the employee be using that is causing their IP address to be located in California?
A.Voice Gateway
B.WLAN controller (Wireless Local Area Network)
C.Proxy server
D.ICS/SCADA SCADA/ICS (Supervisory Control and Data Acquisition / Industrial Control Systems)
C.Proxy server
OBJ-2.1: A proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. For example, if the employee is located in Florida but is connected to a proxy server in California, all of their network traffic will go from Florida to California, and then to the final destination. In this example, the final destination was the VPN concentrator for Dion Training, so the California IP address is entered into the VPN concentrator’s logs. ICS (industrial control systems) and SCADA (supervisory control and data acquisition systems) are devices and network systems that are used to monitor and manage the manufacturing or industrial process assets of an organization. A wireless LAN controller is used in combination with the Lightweight Access Point Protocol to manage light-weight access points in large quantities by the network administrator or network operations center. The voice gateway is used to connect the enterprise VoIP network with the telecommunications provider, using a number of different connectivity methods, such as PSTN, ISDN, and SIP. ICS/SCADA, WLAN controllers, and voice gateways would not change the IP address of the requesting client as it attempts to connect to the company’s VPN.
Your company just moved into a beautiful new building. The building has been built with large glass windows covering most of the walls and ceiling to provide natural light throughout the offices. You have noticed that your cell phone gets poor cellular connectivity when inside the building. What is the MOST likely cause of the poor cellular reception within the building?
A.Frequency mismatch
B.Reflection
C.Channel overlap
D.Absorption
B.Reflection
OBJ-5.4: A cellular signal is comprised of radio waves, just like 802.11 wireless networks. Just like light, radio waves can bounce off of certain surfaces and materials. Metal and glass are considered highly reflective materials which can cause poor cellular service and connectivity within office buildings that use intricately designed glass walls and ceilings. If a large amount of reflection occurs, signals can be weakened and cause interference at the receiver’s device. In addition to reflection, some of the radio waves can also pass through the glass and refract into different directions of travel. Both reflection and refraction can decrease the signal strength between the transmitter and the receiver. Absorption occurs when the radio waves attempt to pass through dense material, such as a concrete wall. The scenario was focused on the building’s construction and did not mention anything in terms of the frequency or channels used by the cellular devices, therefore it is unlikely to be a frequency mismatch or channel overlap causing the signal strength issues in this scenario.
Which of the following describes a design where traffic is shared between multiple network servers to provide greater throughput and reliability?
A.VLAN tagging (Virtual Local Area Network)
B.Multiplexing
C.MPLS trunking (Multi-Protocol Label Switching)
D.Load balancing
D.Load balancing
OBJ-3.3: Load balancing is a technique used to spread work across multiple computers, network links, or other devices. Multiprotocol Label Switching is a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows. VLAN tagging is used to keep traffic from different networks separate when traversing shared links and devices within a network topology. Multiplexing is the technology that is able to combine multiple communication signals together in order for them to traverse an otherwise single signal communication medium simultaneously.
You have been asked to connect a new computer to a 100BaseTX network switch on switchport 3. Which type of cable should you utilize?
A.Rollover
B.Straight-through
C.Crossover
D.Coaxial
B.Straight-through
OBJ-1.3: Straight-through cables are used to connect a computer to a hub or switch. A crossover cable would be used if you needed to connect a computer to a computer in a peer-to-peer network, or if you needed to connect two switches together that didn’t support MDIX. Rollover or console cables are used to connect a computer to a console port on a router in order to configure the device. A coaxial cable is usually used to connect a cable modem.
Which of the following should be considered when troubleshooting the coverage and signal strength of an 802.11n wireless local area network?
A.Temperature
B.Humidity
C.Malware
D.Building materials in the area
D.Building materials in the area
OBJ-5.4: Some building materials are denser than others. The denser the object, the more signal absorption will occur. For an optimal signal, a line of sight of 50 feet or less is recommended. An 802.11n network can reach a maximum of 150 feet indoors and 300 feet outdoors with a clear line of sight. Temperature and humidity do play a small role in the amount of absorption of a radio frequency signal, but nowhere near as important as the building materials used in the area. For example, if you are deploying a wireless network within an office that contains interior concrete walls, you will need additional power and repeaters to fully cover the same space as a single wireless access point operating in an open floorplan office building.
Thomas has a server that streams media to the local network, and the device is currently visible on the network. All of the workstations on the LAN can ping the device, and all the firewalls are currently turned off. The goal is for the streaming media server to allow different workstations to watch the stream if they choose to subscribe to it. The streaming device appears to be functioning properly, but the media won’t stream when requested. Which of the following TCP/IP (Transmission Control Protocol/Internet Protocol) technologies is MOST likely not implemented properly?
A.Multicast
B.Unicast
C.Anycast
D.Broadcast
A.Multicast
OBJ-1.4: Multicast is a TCP/IP technology that sends out the packets to the requested devices when streaming to multiple workstations from a single streaming media server. As opposed to broadcast (one-to-all), which sends out packets to all devices, multicast (one-to-many-of-many/many-to-many-of-many) only sends packets to the clients that specifically requested to be a part of the distribution and not just every client on the network. Multicast requires the proper implementation and configuration to route the traffic to the right devices on the LAN so that streaming can properly function. Multicast works with IPv4 or IPv6. Unicast communication only has one sender and one receiver. Unicast works with IPv4 or IPv6. Broadcast communication has one sender, but it sends the traffic to every device on the network. Broadcast only works with IPv4. Anycast communications are sent to the nearest receiver in a group of receivers with the same IP. Anycast only works with IPv6.
Which of the following types of telecommunication links is used to provide high-speed internet service to anywhere on the planet by using ground stations and space-based assets?
A.Leased line
B.Satellite
C.DSL (Digital Subscriber Line)
D.Cable
B.Satellite
OBJ-1.2: A satellite connection is a wireless connection spread across multiple satellite dishes located both on earth and in space that provides remote areas with valuable access to core networks. A digital subscriber line (DSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connection to the Internet. Data Over Cable Service Interface Specification (DOCSIS) is used to connect a client’s local area network to a high-bandwidth internet service provider over an existing coaxial cable TV system. A leased line is a private telecommunications circuit between two or more locations provided according to a commercial contract, normally over a fiber-optic connection.
Your company’s corporate headquarters provided your branch office a portion of their Class C subnet to use at a new office location. You must allocate the minimum number of addresses using CIDR (Classless Inter-Domain Routing or supernetting) notation in order to accommodate each department’s needs. What is the correct CIDR notation for the Marketing department’s subnet which requires 11 devices?
A./27
B./26
C./29
D./30
E./28
F./25
E./28
OBJ-1.4: Since the Marketing department needs 11 devices plus a network ID and broadcast IP, it will require 13 IP addresses. The smallest subnet that can fit 13 IPs is a /28 (16 IPs). A /28 will borrow 4 host bits and assign those to the network portion of the subnet mask. This would create a subnet with 2^4 available host IP addresses, or 16 total IP addresses. Of the 16 IP addresses, there are 14 available for clients to use, one for the network ID, and one for the broadcast address.
You are working at the demarcation point between your network and the telecommunication service provider’s network. Which of the following devices serves as the demarcation point between the two networks?
A.mGRE (Multipoint GRE [Generic Routing Encapsulation])
B.FCoE (Fibre Channel over Ethernet)
C.vNIC (Virtual NIC [Network Interface Controller])
D.Smartjack (intelligent network interface device)
D.Smartjack
OBJ-1.2: A smartjack is an intelligent network interface device (NID) that serves as the demarcation point between the telecommunication service provider’s local loop and the customer’s premise wiring. A smartjack provides more than just a termination for the connection of the wiring, but also may provide signal conversion, converting codes, and protocols to the type needed by the customer’s equipment, as well as diagnostic capabilities. Multipoint GRE (mGRE) is a protocol that can be used to enable one node to communicate with many nodes by encapsulating layer 3 protocols to create tunnels over another network. The mGRE protocol is often used in Dynamic Multipoint VPN (DMVPN) connections. Fibre Channel over Ethernet (FCoE) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks. FCoE is commonly used in storage area networks internally to an organization’s enterprise network. A virtual network interface (vNIC) is an abstract virtualized representation of a computer network interface that may or may not correspond directly to a network interface controller.
A wireless technician wants to configure a wireless network to identify itself to visitors by including the word “Guest” in the name. This wireless network needs to provide coverage to the entire building and requires 3 wireless access points to accomplish this coverage level. What would allow users to identify the wireless network by its displayed name as a single network?
A.ESSID broadcast (Extended Service Set IDentifier)
B.ARP broadcast (Address Resolution Protocol)
C.DHCP broadcast (Dynamic Host Configuration Protocol)
D.BSSID broadcast (Basic Service Set IDentifier)
A.ESSID broadcast (Extended Service Set IDentifier)
OBJ-2.4: With an ESSID (Extended Service Set), a wireless network can utilize multiple wireless access points to broadcast a single network name for access by the clients. A BSSID (Basic Service Set) can only utilize a single access point in each wireless network. An ARP broadcast sends a request packet to all the machines on the LAN and asks if any of the machines know they are using that particular IP address. A DHCP broadcast is used by a client to discover a DHCP server and negotiate a DHCP address. Both ARP and DHCP broadcasts occur once a client is connected to a wireless network and do not provide a network name like ESSID and BSSID do.
What anti-malware solution is installed as a dedicated on-premise appliance to scan all incoming traffic and prevent malware from being installed on any of your clients without requiring the installation of any software on your clients?
A.Cloud-based anti-malware
B.Signature-based anti-malware
C.Host-based anti-malware
D.Network-based anti-malware
D.Network-based anti-malware
OBJ-2.1: The network-based anti-malware can help prevent malware attacks by scanning all incoming data to prevent malware from being installed and infecting a computer. Network-based anti-malware solutions can be installed as a rack-mounted, in-line network appliance in your company’s on-premise datacenter to protect every client and server on the network without having to install software on each of the clients. Network-based anti-malware solutions often come as part of a unified threat management (UTM) appliance. Cloud antivirus is a programmatic solution that offloads antivirus workloads to a cloud-based server, rather than bogging down a user’s computer with a complete antivirus suite. Cloud-based solutions do not use on-premise appliances as part of their installation. Host-based anti-malware relies upon the installation of an agent to detect threats such as viruses, spam, and rootkits to protect the client it is installed upon. Host-based malware often uses signatures to detect and remove malicious code. Signature-based anti-malware is a generic category of malware that may be implemented through host-based, network-based, or cloud-based anti-malware solutions. Anti-malware either operates using signature-based detection, behavioral-based detection, or heuristic-based detection.
You have been contracted by Dion Training to conduct a penetration test against its Learning Management System (LMS). The LMS is a web application that is hosted in the organization’s DMZ (DeMilitarized Zone). Which of the following appliance allow lists should the organization add your source IP (Internet Protocol)in before the engagement begins?
A.DLP (Network Data Loss Prevention)
B.HIDS (Host-based Intrusion Detection System)
C.WAF (Web Application Firewall)
D.NIDS (Network-based Intrusion Detection System)
A home user ran a bandwidth speed test from their laptop and receive the following results: Ping: 53ms Download speed: 33.3 Mbps Upload speed: 10.2 Mbps Which of the following is the best interpretation of these results?
A.The laptop took 53ms to complete the bandwidth speed test
B.The laptop downloaded 33.3 MB of data and uploaded 102. Mb of data
C.The website downloaded data at 33.3 Mbps and uploaded data at 10.2 Mbps
D.The laptop received data at 33.3 Mbps and sent data at 10.2 Mbps
D.The laptop received data at 33.3 Mbps and sent data at 10.2 Mbps
OBJ-5.3: This connection appears to be an asymmetric connection, like a cable modem or aDSL, since the download and upload speeds do not match. According to the bandwidth speed test results, the laptop received data at 33.3 Mbps when receiving the test file and uploaded the test file back to the server at a speed of 10.2 Mbps. The laptop had a latency of 53ms during the test, which is indicated by the ping test conducted as part of the bandwidth speed test. During a bandwidth speed test, the laptop will first conduct a ping test to the server to measure the latency of the connection. Next, the laptop will download a sample file from the server and then upload that same file back to the server. During the download and upload, the server measures the time it took to accurately calculate the throughput of the connection between the laptop and the server.
A network technician is responsible for the basic security of the network. Management has asked if there is a way to improve the level of access users have to the company file server. Right now, any employee can upload and download files with basic system authentication (username and password). What should he configure to increase security?
A.Single sign-on authentication
B.Kerberos authentication
C.Federated authentication
D.Multi-factor authentication
D.Multi-factor authentication
OBJ-4.1: This security approach provides a defense layer that makes it difficult for unauthorized users to break into a system. It provides multiple factors that a user must know to obtain access. For instance, if one factor is successfully broken, there will be few others that the individual attempting to enter the system must overcome. Multi-factor authentication is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism: knowledge, possession, inherence, location, or actions.
Which protocol is used to establish a secure and encrypted VPN (Virtual Private Network) tunnel that can be initiated through a web browser?
A.SSL (Secure Sockets Layer)
B.PPP (Point-to-Point Protocol)
C.PPTP (Point-to-Point Tunneling Protocol)
D.IPsec (Internet Protocol Security)
A.SSL (Secure Sockets Layer)
OBJ-4.4: An SSL VPN is a type of virtual private network that uses the Secure Sockets Layer protocol in a standard web browser to provide secure, remote-access VPN capability. In modern browsers and servers, it is more common to use TLS (transport layer security) which is the successor to SSL. Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network and is used heavily in virtual private networks, but not with web browser initiated ones. The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks. Point-to-Point Protocol (PPP) is a TCP/IP protocol that is used to connect one computer system to another.
A cybersecurity analyst wants to install a network appliance to conduct packet capturing of the network traffic between the router and the firewall on the network. The device should not be installed in-line with the network, so it must receive a copy of all traffic flowing to or from the firewall. Which of the following tools is required to meet these requirements?
A.Fusion splicer
B.Network tap
C.Tone generator
D.Fiber light meter
B.Network tap
OBJ-5.2: A network tap is used to create a physical connection to the network that sends a copy of every packet received to a monitoring device for capture and analysis. A fusion splicer is used to create long fiber optic cable lengths by splicing multiple cables together or to repair a break in a fiber optic cable. A fiber light meter, also known as an optical power meter, is used to measure the power in an optical signal over a fiber optic cable. A fiber light meter could be used to test if the cable is broken, but it would not be able to determine where the break in the fiber cable is located. A tone generator is used with a toner probe to accurately identify the location of a cable pair or conductor within a wiring bundle, cross-connection point, or at the remote end. A tone generator is used with copper cables, not fiber optic cables.