Network+ N10-009

Question 1

what is the size of the addressing scheme used by ipv4?

a. 32 bits
b. 128 bits
c. 64 bits
d. 256 bits

Answer 1

a. ipv4 uses a 32 bit addressing scheme, which allows for 2^32 unique addresses. this is in contrast to ipv6, which uses a 128 bit addressing scheme

Question 2

multi-mode fiber is designed to operate at which of the following wavelengths?

a. 1300 nm and 1550 nm
b. 1310 nm and 1550 nm
c. 850 nm and 1300 nm
d. 850 nm and 1310 nm

Answer 2

c. multi-mode fiber is designed to operate at 850 nm and 1300 nm

Question 3

a network admin is configuring a subnet with the network address of 192.168.10.0/28. what is the range of usable host ip addresses for this subnet?

a. 192.168.10.0 to 192.168.10.15
b. 192.168.10.1 to 192.168.10.15
c. 192.168.10.1 to 192.168.10.14
d. 192.168.10.2 to 192.168.10.13

Answer 3

c. in a /28 subnet, there are 16 addresses in total. the first address (192.168.10.0) is the network address, and the last address (192.168.10.15) is the broadcast address. Therefore, the range of usable host ip addresses is from 192.168.10.1 to 192.168.10.14

Question 4

you are designing a network for a large conference event. you need to configure a special network segment for the event’s registration system, which requires internal comm between servers and devices without accessing the internet

a. 224.0.0.0 - 239.255.255.255
b. 198.51.100.0/24
c. 192.0.2.0/24
d. 10.0.0.0/8

Answer 4

d. the 10.0.0.0/8 ip address is part of the private ip address space, which is intended for use within private networks. this range is ideal for this scenario because it allows for internal comm between servers and devices without the risk of conflicting with public internet addresses or the attendees’ private networks, assuming proper network segmentation and addressing are implemented

Question 5

an org is using oci for its cloud services. the network admin has been asked to ensure that all instances within a specific subnet can only communicate with each other on port 22 and should not accept any other inbound traffic from outside the subnet. the admin decides to use oci’s networking features to accomplish this task. which of the following should the admin configure to meet this requirement?

a. assign a sec group to each instance within the subnet, with a rule that allows inbound traffic on port 22 from the subnet’s cidr range
b. implement a nsg in oci and apply it to the subnet, allowing only port 22 traffic
c. create a security list for the subnet that allows inbound traffic on port 22 from the subnet’s cidr range and denies all other inbound traffic
d. configure a stateful security group that drops all network traffic except from ssh traffic on port 22 for the entire subnet

Answer 5

c. in oci, security lists apply to an entire subnet and can be used to define rules that affect all instances within that subnet. by creating a security list that allows inbound ssh traffic on port 22 from the subnet’s own cidr range and denies all other inbound traffic, the admin can ensure that instances within the subnet can communicate with eachother using ssh while blocking all other inbound traffic from outside the subnet

Question 6

which network component connects a device to transmission media and allows the device to send and receive messages?

a. client
b. nic
c. protocol
d. server

Answer 6

B. a nic allows a device to send and receive messages over a transmission media

Question 7

a network admin is working on enhancing the privacy of devices on the comp network. the admin decides to implement a feature that uses psuedorandom numbers for the int id part of the ipv6 address. what feature is the net admin implementing?

a. hierarchical addressing
b. privacy extensions
c. eui-64 addressing
d. mac-derived addressing

Answer 7

b. by using psuedorandom numbers for the int id, the net admin is implementing privacy extensions for ipv6 addresses. this approach is used to enhance privacy and security by making it difficult to track devices based on their ipv6 addresses

Question 8

you are setting up a wifi network in your new coffee shop, which is located in a historic building with thick brick walls, you need to ensure that the wifi signal is strong enough and reliable throughout the shop, including an outdoor seating area. considering the buildings construction and the need for outdoor coverage, which of the following actions would best address your needs?

a. use bluetooth devices to extend the wifi range
b. install fluorescent lighting to improve signal strength
c. use a 2.4 ghz wifi router to better penetrate the thick brick walls
d. use a 5 ghz wifi router for its faster data rate

Answer 8

c. 2.4 ghz radios support better ranges that 5 ghz ones, especially in environments with solid objects like brick walls that can weaken or block signals

Question 9

what is the significance of the encapsulation dot1Q command in vlan routing?

a. it enables vlan tagging on a subinterface
b. it assigns an ip address to a vlan
c. it designates a switch port as a trunk port
d. it specifies the encryption method for vlan traffic

Answer 9

a. the encapsulation dot1q command is used in vlan routing to enable vlan tagging on a subinterface. this command specifies that the subinterface should use 802.1q vlan tagging to identify traffic belonging to a specific vlan

Question 10

what actions does the use of ups’s allow for during power anomalies in enterprise sites? (select two)

a. automatically repair damaged network cables
b. shut down the system gracefully
c. increase the processing power of servers
d. permanently replace the main power source
e. switch to a secondary power source

Answer 10

b & e. ups’s provide temp power during outages, allowing time to switch to a secondary power source like a generator. this ensures continuity of operations and prevents data loss. ups’s also allow for a graceful shutdown of systems in the event of a power failure. this helps in avoiding data corruption and loss by ensuring that all processes are properly closed before the system powers down

Question 11

a network admin is configuring a new network segment that will use eigrp as its routing protocol. the network consists of several routers connected in a mesh topology. the admin wants to ensure efficient use of bandwidth and quick convergence in case of a link failure. one of the routers, router a, is connected to a critical server that hosts time sensitive apps. what should the admin prioritize when configuring eigrp on router a to ensure the best performance for time sensitive apps?

a. increase the hop count metric
b. enable periodic updates of the entire routing information base
c. increase bandwidth metric on all links
d. decrease the delay metric on the link to the critical server

Answer 11

d. decreasing the delay metric on the link to the critical server ensures the eigrp prioritizes this path for time sensitive traffic, such as voice or video, which is crucial for the performance of the apps hosted on the server

Question 12

a tech company is upgrading its office network to accommodate the increasing number of iot devices and to improve the overall network efficiency. the it manager is considering whether to implement wifi 5 or wifi 6. the company’s network frequency experiences congestion due to a large number of devices transmitting small data packets. which wifi standard should the it manager choose?

a. wifi 5 because it supports up to 8 spatial streams
b. wifi 5 because it operates exclusively in the 5 ghz band
c. wifi 6 because it uses the 2.4 ghz band exclusively
d. wifi 6 because it introduces ofdma

Answer 12

d. wi-fi 6 is the better choice for the tech company’s needs because it introduces ofdma (orthogonal frequency division multiple access), which allows for more efficient data transmission, especially in congested networks with many devices transmitting small data packets. ofdma improves network efficiency by allowing multiple devices to transmit simultaneously, reducing latency and better supporting iot devices.

Question 13

in vrrp, what is the term used to describe the router that currently forwards packets sent to the virtual ip address?

a. active router
b. backup router
c. standby router
d. master router

Answer 13

d. in vrrp, the “master” router is the one that is currently responsible for forwarding packets sent to the virtual ip address

Question 14

a network admin is trying to figure out which switch will be rooted in a stp setup. which of the following would determine the root?

a. lowest id
b. dps
c. bdpu
d. highest id

Answer 14

a. the switch with the lowest id, comprising a priority value and the mac address, will be selected as the root

Question 15

how can you identify transmitted optical signals when working with fiber optic patch cords?

a. by observing bright white spots through a smartphone camera
b. by measuring the weight of the fiber optic cable
c. by feeling the temp change on the surface of the cable
d. by listening for a distinct sound emitted by the fiber optic cable

Answer 15

a. while the human eye cannot directly see these light wavelengths, a smartphone camera can detect them, appearing as bright white spots on the camera’s display

Question 16

how does a network achieve steady state in the context of convergence?

a. by disconnecting routers that do not have updated routing information
b. when routers in the network share the same topology info
c. by manually configuring all routers to have the same routing table
d. through the use of a single dynamic routing protocol across the entire internet

Answer 16

b. a network achieves a steady state, in terms of convergence when all routers have updated their routing tables based on the latest network topology information and these tables remain stable without needing further updates

Question 17

during a network expansion, a company decides to implement eigrp across its entire network, which spans multiple locations without varying link speeds and delays. the network team is tasked with ensuring that the routing protocol can efficiently handle the diverse network infrastructure while maintaining fast convergence times and minimizing unnecessary traffic. what feature of eigrp should the network team leverage to meet these requirements?

a. implement a topology table to prevent routing loops and support rapid convergence
b. set a high number of maximum hops across the network
c. configure eigrp to use multicast addressing for routing updates
d. utilize static routing alongside eigrp for all inter-location links

Answer 17

a. the use of a topology table is a key feature of eigrp that allows it to prevent routing loops while supporting rapid convergence by maintaining a comprehensive view of the network beyond just the active routes.

Question 18

a new isp is setting up its network infrastructure. the isp’s primary goal is to ensure that data packets are routed using the most efficient paths to minimize latency and maximize throughput. the networking team is evaluating various routing protocols to deploy within their as that will best meet these requirements. given the isp’s focus on efficiency and performance, which routing protocol should they consider implementing?

a. eigrp
b. bgp
c. rip
d. ospf

Answer 18

d. ospf uses the shortest path first (spf) algorithm to calculate the shortest and most efficient path for routing packets within an autonomous system. this makes it well-suited for the isp’s goal of minimizing latency and maximizing throughput within their network.

Question 19

an enterprise is experiencing issues with its wireless network, including inconsistent configurations across access points and difficulty in tracking which clients are connected to which access points. the it department proposes the introduction of a wireless controller to address these issues. the proposed solution involves using the wireless controller to manage all access points as lightweight APs. what is the primary protocol that the wireless controller will use to communicate with the access points in this scenario?

a. https
b. snmp
c. lwapp
d. capwap

Answer 19

c. in a scenario where a wireless controller is introduced to manage access points as lightweight aps, the primary protocol used for communication between the wireless controller and the access points is likely to be the lwapp. lwapp facilitates the centralized management and configuration of access points by allowing them to download necessary settings such as ssid, channel, and security configurations from the wireless controller, addressing the enterprise’s issues with inconsistent configurations and client tracking

Question 20

during a network expansion, an administrator decides to implement a new vlan (vlan30) for guest users. the vlan is configured, but guests report that they can obtain an ip address but cannot access the Internet. the administrator confirms that the dhcp server is providing ip addresses in the correct range for vlan30. what is the most likely cause of the internet access issue?

a. the router is not configured with a subinterface for vlan30
b. the router’s acl is blocking traffic from vlan30
c. the switch ports are not correctly assigned to vlan30
d. the dhcp server is not providing a default gateway address.

Answer 20

a. if guests can obtain an ip address but cannot access the internet, the issue likely lies with routing. The router needs a subinterface for vlan30 to route traffic between vlan30 and other networks, including the internet.

Question 21

a network administrator is troubleshooting connectivity issues in a network. the administrator notices that a router has two routes to the same destination network 192.168.1.0/24 in its routing table: one learned via a static route with an ad of 1 and a metric of 0, and another learned via rip with an ad of 120 and a metric of 4. the administrator wants to ensure the router always prefers the route learned via rip unless it becomes unavailable. what action should the administrator take?

a. decrease the ad of the rip route to 0
b. increase the AD of the static route to a value higher than 120
c. decrease the metric of the rip route to 0
d. increase the metric of the static route to a value higher than 4.

Answer 21

b. by increasing the ad of the static route to a value higher than 120, the administrator makes the static route less preferred compared to the rip route. this ensures the router will prefer the rip route as long as it is available. ad is the correct attribute to adjust in this scenario because it determines the trustworthiness or preference of routes from different sources

Question 22

What is the primary benefit of using a redundancy protocol like the CARP in a high availability cluster?

a. it reduces the overall cost of the cluster
b. it enables failover to a passive node if one fails
c. it allows for unlimited scalability of the cluster
d. it increases the processing power of each node in the cluster

Answer 22

b. the redundancy ensures continuous service availability by automatically transitioning the virtual IP and workload to a standby node

Question 23

when troubleshooting name resolution issues, what is the significance of performing a successful connectivity test by IP address?

a. it proves that the issue is with the client’s web browser cache
b. it suggests that there is no issue with the network connectivity
c. it indicates that the DNS server is down
d. it confirms that the HOSTS file is correctly configured

Answer 23

b. it suggesters that there is no issue with the network connectivity. a successful connectivity test by IP address indicates that the network connection between the client and the server is functioning correctly

Question 24

when trying to access the website www.example.org, which DNS server type is contacted first to begin the process of resolving the website’s address?

a. authoritative DNS server
b. root DNS server
c. local DNS server
d. TLD DNS server

Answer 24

c. the first step in resolving a domain name to its IP address involves querying the local DNS server, typically provided by your ISP

Question 25

in an effort to enhance network security and performance, a company decides to deploy a system that can analyze traffic flows in real-time, generating alerts for unusual patterns that might indicate security threats or performance issues. the system should be able to aggregate flows from multiple sources and provide detailed reports. what components are necessary for the company to implement this system?

a. netflow exporter and DHCP server
b. DNS server and SNMP manager
c. SNMP agent and netflow exporter
d. netflow collector and analyzer

Answer 25

d. the collector aggregates flows from multiple exporters, while the analyzer interprets the information, gathering alerts and detailed reports

Question 26

what role does a grandmaster clock play in a PTP domain?

a. it servers as the primary network router
b. it acts as the primary backup time source
c. it syncs directly with satellite clocks
d. it is the authoritative time source

Answer 26

d. in a PTP domain, the grandmaster clock is the authoritative time source to which other clocks in the domain sync, ensuring high precision across the network

Question 27

what is the significance of updating the serial number in DNS zone records?

a. it indicates the port number for DNS queries
b. it it used to identify cache-only servers
c. it helps in the replication and sync process
d. it specifies the TTL value for the zone

Answer 27

c. when a change is made to a DNS zone file on a primary server, the serial number must be incremented

Question 28

which org is responsible for managing generic top-level domains?

a. IEEE
b. ICANN
c. IEFT
d. ISO

Answer 28

b. ICANN is responsible for managing generic TLDs, overseeing the allocation and management of these domains

Question 29

in a client-to-site VPN config, which method allows the client to access the internet directly using its ISP-managed IP config, routers, and DNS servers?

a. full tunnel
b. direct tunnel
c. split tunnel
d. secure tunnel

Answer 29

c. in a split tunnel VPN configuration, the client’s connection is divided into two separate tunnels. one tunnel connects to the corporate network for accessing internal resources, while the other tunnel allows direct access to the Internet using the client’s ISP-managed IP configuration, routers, and DNS servers. this setup enables users to access public internet resources directly, without routing this traffic through the corporate network, thus preserving bandwidth and potentially improving performance for non-corporate internet browsing

Question 30

during a network performance analysis, you notice that a particular client server session is terminated abruptly. you observe that after a period of normal data exchange, the client suddenly a RST packet to the server. which of the following could be the reason for that?

a. the client is attempting to restart a 3-way handshake
b. the client wants to initiate the TCP connection teardown process in an orderly manner
c. the client has detected an error condition and wants to abruptly terminate the session
d. the client is confirming the successful receipt of a FIN packet from the server

Answer 30

c. a RST packet is used to abruptly terminate a connection, often due to an error condition or a security policy violation

Question 30

during a routine monitoring, a network engineer notices that two devices a experiencing connectivity issue. suspecting an address conflict, the engineer decides to investigate the autoconfig process of these devices?

a. neighbor solicitation (ns)
b. router advertisement (ra)
c. router solicitation (rs)
d. neighbor advertisement (na)

Answer 30

d. NS messages are used by devices to ensure the uniqueness ofd their autoconfigured addresses on the local network

Question 31

your company has recently implemented a new email security that includes the use of SPF and DKIM to combat spam and mail spoofing. as the DNS admin, you are tasked with updating the DNS records to comply with this new policy. which type of DNS records will you need to update or create to support the implementation of SPF and DKIM?

a. SRV record
b. MX record
c. A
d. TXT

Answer 31

d. a TXT record is used to store free form text information in DNS and is the appropriate choice for implementing SPF and DKIM

Question 32

which protocol is mentioned as being used by some suites for more detailed information about network interfaces?

a. SNMP
b. FTP
c. HTTP
d. SMTP

Answer 32

a. SNMP is used by some network management suites to query for detailed information about network interfaces, aiding in comprehensive network monitoring

Question 33

a net admin is configuring a DHCP server for a small office. the office network requires that all client devices use a specific DNS server for name resolution and a particular domain name for network identification. Additionally, the admin wants to ensure that client devices can comm with external networks through a designated gateway. which of the following satisfies these requirements? (Select 3)

a. DNS servers
b. lease time
c. t2 timer
d. default gateway
e. t1 timer
f. NTP servers
g. DNS suffix

Answer 33

a, c & g. default gateways specifies the router’s IP address for accessing external networks.
DNS servers specify the DNS servers for name resolution.
DNS suffixes specifies the domain name for network identification.

Question 34

you are part of a team conducting environmental research in a remote Artic location. the team needs reliable internet access to transmit large files back to their university for analysis. due to remote location, traditional internet services are not an option. which satellite internet setup should your team consider to ensure high data transfer rates?

a. any satellite service, as data transfer rates are uniform across all satellite internet services
b. satellite internet is unsuitable for transmitting large data files due to bandwidth limitations
c. low earth orbit satellite internet access with phased array antennas
d. high geostationary orbit satellite internet access with a very small aperture terminal

Answer 34

c. LEO satellites can provide better bandwidth (around 70-100 Mbps at the time of writing) and lower latency, which are crucial for transmitting large data files efficiently. the phased array antennas minimize the need for mechanical realignment, making them well-suited for remote and challenging environments like the arctic.

Question 35

A network administrator is configuring a subnet with the network address of 192.168.10.0/28. What is the range of usable host IP addresses for this subnet?

a. 192.168.10.0 to 192.168.10.15
b. 192.168.10.1 to 192.168.10.15
c. 192.168.10.1 to 192.168.10.14
d. 192.168.10.2 to 192.168.10.13

Answer 35

c. In a /28 subnet, there are 16 addresses in total. The first address (192.168.10.0) is the network address, and the last address (192.168.10.15) is the broadcast address. Therefore, the range of usable host IP addresses is from 192.168.10.1 to 192.168.10.14.

Question 36

A small office/home office (SOHO) network is configured to use the private IP address range of 192.168.1.0/24. If you are setting up a SOHO router for this network, which of the following IP addresses would be the MOST appropriate for the router?

a. 192.168.1.1
b. 192.168.2.1
c. 192.168.1.255
d. 203.0.113.1

Answer 36

a. 192.168.1.1 is the correct answer. This IP address is within the specified private IP address range of 192.168.1.0/24 and is commonly used as the default gateway address for devices on the network. It is a suitable choice for the router’s IP address, allowing it to manage traffic between the local network and the Internet.

Question 37

David needs to execute a script named update.sh on a remote server update.example.com without starting an interactive shell session. His username on the server is david. Which command should he use?

a. ssh -x david@update.example.com “update.sh”
b. scp update.sh david@update.example.com:/tmp/ && ssh david@update.example.com “bash /tmp/update.sh”
c. ssh david@update.example.com “bash update.sh”
d. ssh david@update.example.com “execute update.sh”

Answer 37

c. he correct command is ssh david@update.example.com “bash update.sh”. This command correctly uses SSH to execute the update.sh script on the remote server by specifying the command to run in quotes. It does not start an interactive shell session but directly executes the specified script.

Question 37

An IT administrator wants to perform a comprehensive security audit on their network. The administrator needs to identify both TCP and UDP services running across all devices. Which approach should the IT administrator take to achieve a thorough scan using Nmap?

a. Perform a UDP scan (-sU) only.
b. Perform a TCP SYN scan (-sS) only.
c. Use the -A switch to automatically scan both TCP and UDP ports.
d. Perform separate TCP connect scans (-sT) and UDP scans (-sU).

Answer 37

d. For a comprehensive audit that covers both TCP and UDP services, performing separate scans for each protocol is the most thorough approach. This allows the admin to tailor the scan options for each protocol type, ensuring a detailed and comprehensive audit.

Question 38

A university campus is upgrading its network to enhance connectivity between its library and the computer science department, which are 500 meters apart. The upgrade aims to facilitate intensive data exchange for research purposes, including large datasets and high-definition video streaming. Given the distance and the high bandwidth requirements, which type of cable should the university use?

a. Multimode Fiber (MMF)
b. Satellite Link
c. Single Mode Fiber (SMF)
d. Cat 6 UTP Cable

Answer 38

a. Multimode Fiber (MMF) is the most suitable option for this scenario. It is designed for medium distances and high data rates, making it ideal for connecting buildings within a campus. MMF’s larger core size allows for the use of less expensive optics compared to SMF, and it can easily support the bandwidth requirements for large datasets and high-definition video streaming over a distance of 500 meters.

Question 39

A university’s IT department is transitioning its campus network to IPv6 to accommodate the growing number of devices and to future-proof its infrastructure. However, they still need to ensure access to several critical IPv4-only online resources for research and administration.

The IT department decides to implement NAT64 as part of their transition strategy.

What is a key benefit of this decision for the university?

a. NAT64 allows the university’s IPv6-only devices to communicate with IPv4-only resources by translating IPv6 addresses into IPv4 addresses.
b. NAT64 will convert the entire campus network to IPv4-only to simplify access to IPv4 resources.
c. NAT64 will encapsulate all IPv6 traffic into IPv4 packets, ensuring compatibility with IPv4-only networks.
d. NAT64 will require all devices on the network to operate in a dual stack mode to access IPv4-only resources.

Answer 39

a. The correct answer is that NAT64 allows the university’s IPv6-only devices to communicate with IPv4-only resources by translating IPv6 addresses into IPv4 addresses. NAT64 facilitates communication between IPv6-only devices and IPv4-only resources by translating IPv6 addresses into IPv4 addresses. This allows the university to move forward with its IPv6 transition while still maintaining access to essential IPv4-only online resources.

Question 40

A company is setting up its internal network and needs to configure its DNS servers. They want to ensure that internal domain name resolution is efficient and secure for their internal clients. Which of the following configurations should they implement for their DNS servers?

a. Allow recursive queries from the Internet on all DNS servers.
b. Configure all DNS servers to allow both recursive queries and maintain zone records.
c. Set up a dedicated DNS server for recursive queries and another for maintaining zone records.
d. Disable recursive queries on all DNS servers to enhance security.

Answer 40

c. Setting up a dedicated DNS server for recursive queries and another for maintaining zone records is the correct answer and a best practice for internal network configurations. This approach separates the roles, enhancing security by limiting the exposure of the authoritative DNS server to direct internet queries and ensuring efficient resolution within the network.

Question 41

An organization tasks a network engineer with purchasing an access/gateway that extends the local network access over an intermediate public network so a remote computer can join the local network. What access/gateway will the engineer acquire?

a. Hub and Spoke VPN
b. Remote Access VPN
c. Site-to-Site VPN
d. VPN headend

Answer 41

b. A remote access VPN refers to extending local network access over an intermediate public network so that a remote computer can join the local network.

Question 42

Kate, a network administrator, has been tasked with staying within the company budget. She has a large network and doesn’t want to spend more than she needs to on purchasing and registering multiple public IP addresses for each of the hosts on her network. Which of the following methods could help her provide internet access but also keep costs low and limit the number of registered IP addresses her organization needs to purchase?

a. Use Layer 2 switches.
b. Use Network Address
c. Use Layer 3 switches.
d. Use PoE devices.

Answer 42

b. Using NAT will allow the hosts on Kate’s network to be private and to utilize just one registered public IP address

Question 43

You are setting up a wireless network in your small office using an older router that supports IEEE 802.11b. You notice that the Wi-Fi signal is interfering with other wireless devices in the office. To minimize interference, you decide to configure the router to use one of the recommended non-overlapping channels. Which channel should you choose?

a. Channel 13
b. Channel 9
c. Channel 6
d. Channel 3

Answer 43

c. To minimize interference in the 2.4 GHz band, it is recommended to use one of the non-overlapping channels: 1, 6, or 11. Channel 6 is the correct choice among the options provided, as it is one of the three non-overlapping channels that can help reduce co-channel interference with other devices.

Question 44

A university is setting up a new wireless network for its library, which will serve students, faculty, and guests. The estimated maximum simultaneous connections at any given time are expected to be around 150. The university also wants to ensure that there is capacity for at least 50% growth over the next five years and to accommodate network infrastructure devices. What is the minimum number of hosts each subnet must support?

a. 1024
b. 128
c. 256
d. 512

Answer 44

d. The current need is for approximately 150 connections. Accounting for 50% growth, the future need is 150 + (150 * 0.5) = 225 connections. Adding some capacity for network infrastructure devices, let’s round up to 230. The next highest power of 2 that can accommodate this number is 512, making it the minimum number of hosts each subnet must support to ensure future growth and infrastructure needs are met.

Question 45

You have a small network at home that is connected to the Internet. On your home network, you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a web server and allow internet hosts to contact the server to browse a personal website. What should you use to allow access to this configuration?

a. DNS CNAME record
b. Dynamic NAT
c. Static NAT
d. Multicast
e. DNS A record

Answer 45

c. Static NAT maps an internal IP address to a static port assignment. Static NAT is typically used to take a server on the private network (such as a web server) and make it available on the Internet. External hosts contact the internal server using the public IP address and the static port. Using a static mapping allows external hosts to contact internal hosts.

Question 46

A small office is planning to install several IP cameras for security purposes. The IT manager wants to ensure a clean setup without running separate power lines for each camera. The office network includes a switch that supports the IEEE 802.3at (PoE+) standard. Which of the following is the most appropriate solution for powering the IP cameras?

a. Replace the existing switch with one that supports the IEEE 802.11ac standard.
b. Install separate AC adapters for each IP camera.
c. Use a power injector for each IP camera.
d. Use standard Ethernet cables to connect the IP cameras to the PoE+ switch.

Answer 46

d. The IEEE 802.3at (PoE+) standard supports up to 30 W of power, which is sufficient for most IP cameras. By using a PoE+ switch and standard Ethernet cables, the office can power the cameras over the same cables used for data transmission, ensuring a clean setup without the need for separate power lines.

Question 47

You are configuring a network for a small office. One of the requirements is to ensure that the network printer is always accessible to all computers on the network without any delay caused by ARP traffic. To achieve this, you decide to add a static ARP entry on each computer to associate the printer’s IP address with its MAC address. Which command would you use on each Windows computer to add this static ARP entry for the printer with an IP address of 192.168.1.50 and a MAC address of 00:AA:BB:CC:DD:EE?

a. ip neigh add 192.168.1.50 lladdr 00:AA:BB:CC:DD:EE nud permanent
b. arp -a
c. arp -d 192.168.1.50
d. arp -s 192.168.1.50 00-AA-BB-CC-DD-EE

Answer 47

d. The arp -s 192.168.1.50 00-AA-BB-CC-DD-EE command is the correct answer. The arp -s command is used to add a static ARP entry to the ARP cache. This command is followed by the IP address of the device (in this case, the printer) and its MAC address. For Windows, the MAC address should be entered with hyphens separating each pair of hexadecimal characters. This ensures that the computers can immediately resolve the printer’s IP address to its MAC address without generating ARP traffic, making the printer quickly accessible.

Question 48

A network administrator is tasked with troubleshooting intermittent network issues that have been reported by users in their organization. The administrator decides to use a packet sniffer to capture network traffic for analysis.

Given the need to capture all traffic, including potentially corrupt or malformed frames, which connection method should the network administrator use to ensure comprehensive data capture?

a. Use SPAN/port mirroring on a network switch.
b. Install a Passive TAP between the network segments.
c. Configure an Active TAP with signal regeneration.
d. Directly connect the sniffer to the internet router.

Answer 48

d. The correct answer is to install a Passive Test Access Point (TAP) between the network segments. A Passive TAP is the best choice because it physically copies all the traffic, including corrupt or malformed frames, without affecting the original data flow. This ensures a comprehensive capture of all network traffic, which is crucial for troubleshooting the intermittent issues reported.

Question 49

A network administrator notices that the data transfer rates between devices in a 100BASE-TX Fast Ethernet network are not reaching the expected 100 Mbps. The network uses switches, and all devices support Fast Ethernet. What could the network administrator enable to improve the data transfer rates to the expected 100 Mbps?

a. Replace all Cat 5 cables with fiber optic cables
b. Replace switches with hubs
c. Full-duplex mode on all devices
d. Auto-negotiation on all devices

Answer 49

c. Enabling full-duplex mode on all devices allows for simultaneous transmission and reception of data, effectively allowing each node to use the full 100 Mbps bandwidth of the cable link to the switch port. This can improve data transfer rates to the expected 100 Mbps.

Question 49

A security analyst discovers that several company devices are communicating with known malicious external IP addresses. Upon further investigation, it is found that these devices are sending out large volumes of unsolicited traffic to various targets. Which of the following has MOST likely compromised these devices?

a. Phishing Attack
b. On-path Attack
c. Ransomware
d. Botnet

Answer 49

d. The correct answer is a botnet. A botnet is a network of compromised devices, known as bots, that are controlled by a threat actor. These devices can be commanded to perform various malicious activities, including sending out large volumes of unsolicited traffic as part of DDoS attacks. The scenario describes devices communicating with known malicious IP addresses and sending out large volumes of traffic, which aligns with the behavior of devices compromised by a botnet.

Question 50

A user reports that their workstation cannot connect to the Internet, but they can access internal network resources. You verify that other users in the same office have internet access. The user’s workstation has recently been moved to a new desk. What is the most likely cause of the problem?

a. The DNS settings on the workstation are incorrect.
b. The workstation’s network adapter has failed.
c. The workstation’s firewall settings are blocking internet access.
d. The workstation is not properly connected to the network switch.

Answer 50

d. The correct answer is that the workstation is not properly connected to the network switch. Given that the workstation was recently moved, the first thing to check is the physical connection between the workstation and the network, specifically its connection to the network switch. A loose or disconnected cable could easily cause the described issue.

Question 51

A system administrator is setting up a new Linux server for their company. The administrator needs to ensure that all user passwords are stored securely and that the authentication process is robust. The system administrator decides to configure the system so that when users log in, their passwords are checked against a hash stored in a specific file. Which file should the system administrator configure to store the hashed passwords for user authentication?

a. /etc/passwd
b. /etc/shadow
c. /home/user
d. /usr/local/bin

Answer 51

b. In Linux systems, the /etc/shadow file is used to store hashed passwords securely. Unlike /etc/passwd, which is readable by all users and contains user account information, /etc/shadow is accessible only to the root user or processes requiring authentication information, thus providing an additional layer of security for sensitive password data.

Question 52

A local library has recently expanded its digital services, leading to an increase in patrons using their own devices to access digital books, research databases, and the Internet. The library’s Wi-Fi network, which was initially designed to support a moderate number of connections, is now experiencing overcapacity issues during peak hours. Patrons report slow internet speeds and difficulty connecting to the Wi-Fi network. The library’s IT department has been asked to propose a solution that improves network performance while keeping costs manageable. Which of the following proposals should the IT department prioritize?

a. Upgrade all existing APs to the latest Wi-Fi standard to increase their capacity.
b. Increase the internet service speed to the library.
c. Install additional APs in areas with the highest patron density during peak hours.
d. Implement a network usage policy that restricts video streaming and large downloads during peak hours.

Answer 52

c. The correct answer is to install additional APs in areas with the highest patron density during peak hours. Installing additional APs in areas with the highest patron density directly addresses the root cause of the overcapacity issue by increasing the network’s ability to handle more simultaneous connections, especially during peak hours. This solution helps distribute the network load more evenly across multiple APs, improving connectivity and internet speeds for patrons. It’s a targeted approach that focuses on areas of greatest need, making it a cost-effective way to enhance network performance.

Question 52

Your company plans to deploy a new web application that will be accessible to the public. The IT department suggests using a screened subnet for enhanced security. The application requires a public-facing web server and a database server that should not be directly accessible from the Internet. Which of the following configurations would BEST suit the company’s needs?

a. Deploy two firewalls, placing both the web server and the database server between them in the perimeter network.
b. Deploy a single firewall, placing both the web server and the database server directly in the internal network.
c. Deploy a single firewall with a triple homed configuration, placing the web server in the perimeter network and the database server in the internal network.
d. Deploy two firewalls, placing the web server in the perimeter network and the database server in the internal network, with no direct internet access to the database server.

Answer 52

d. The correct answer is to deploy two firewalls, placing the web server in the perimeter network and the database server in the internal network, with no direct internet access to the database server. This configuration uses the principle of a screened subnet with two firewalls to enhance security. The web server is placed in the perimeter network (DMZ), where it can be accessed by the public, but it is separated from the internal network where the database server resides. This setup ensures that even if the web server is compromised, the attacker would still face another layer of security before accessing the database server, thereby providing enhanced protection for sensitive data.

Question 53

You are configuring a wireless network with two wireless access points. Both access points connect to the same wired network. You want wireless users to be able to connect to either access point and have the ability to roam between them. How should you configure the access points?

a. Different SSID but same channel
b. Same SSID and same channel
c. Different SSID and different channel
d. Same SSID but different channel

Answer 53

d. When you configure multiple access points as part of the same extended service set (ESS), configure both access points with the same service set identifier (SSID). The SSID is like a network name and groups wireless devices together into the same logical network. All devices, including wireless clients, use the same SSID.

Question 54

A medium-sized enterprise has recently upgraded its network infrastructure to support increased traffic and to introduce redundancy for higher reliability. The network design includes multiple routers and redundant paths to ensure continuous connectivity even if a link fails. However, after the upgrade, the network team has observed intermittent connectivity issues where certain data packets do not reach their intended destinations, especially immediately following a link failure or during network configuration changes. This issue resolves itself after a short period but causes temporary disruptions to network services. Based on this description, what is the most likely cause of the intermittent connectivity issues observed in the enterprise network?

a. Count to infinity
b. Split horizon
c. A black hole
d. Route poisoning

Answer 54

c. The correct answer is a black hole. A black hole in networking occurs when data packets are dropped because there is no valid route to the destination, often due to a recent change in the network topology that has not yet been fully propagated or converged upon by all routers. In the scenario described, the intermittent connectivity issues following a link failure or during network configuration changes are indicative of a black hole situation. This happens because the routing tables of some routers have not yet updated to reflect the new network topology, leading to packets being sent on a path that no longer exists or cannot reach the destination, thus being dropped without notification back to the source.

Question 55

During a routine network analysis, you notice an unusually high amount of traffic coming from a single host. Suspecting a misconfigured application or a potential security threat, you decide to investigate further using Wireshark. You aim to understand the nature of the traffic and identify the protocols involved. Which steps should you take in Wireshark to achieve this?

a. Use the “Edit” menu to change the colorization of packets to visually identify suspicious activity.
b. Immediately apply a display filter for known malicious protocols to see if they are present.
c. Use the “Statistics” menu to access the “Protocol Hierarchy” statistics to see the distribution of protocols used by the host.
d. Export the packet capture and send it to a security analyst for further investigation.

Answer 55

c. The correct answer is to use the “Statistics” menu to access the “Protocol Hierarchy” statistics to see the distribution of protocols used by the host. Using the “Protocol Hierarchy” statistics under the “Statistics” menu in Wireshark allows you to quickly see a breakdown of all protocols used by the host in question. This can help identify any unusual or unexpected protocols that may indicate a misconfiguration or a security threat.

Question 55

A medium-sized e-commerce company has experienced a significant service disruption due to a denial-of-service (DoS) attack, resulting in substantial financial losses. In response, the company decides to conduct a business impact analysis (BIA). What is the primary purpose of this BIA?

a. To quantify the losses from the DoS attack
b. To determine which products were most affected by the attack
c. To identify which employees failed to prevent the attack
d. To redesign the company’s website to be more resilient to DoS attacks

Answer 55

a. The primary purpose of conducting a business impact analysis (BIA) in this scenario is to assess what losses occurred due to the DoS attack and to evaluate the likelihood and potential impact of future attacks. This information is crucial for making informed decisions about implementing security controls to mitigate such risks.

Question 56

Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) both utilize which of the following encryption ciphers?

a. RC4
b. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
c. Advanced Encryption Standard (AES)
d. Temporal Key Integrity Protocol (TKIP)

Answer 56

a. WEP’s encryption system (based on the RC4 encryption cipher) is flawed. Version 1 of WPA still uses the RC4 cipher, but it adds a mechanism called the Temporal Key Integrity Protocol (TKIP) to make it stronger. AES replaced RC4.

Question 57

On the multi-floor office, the staff is deploying multiple switches and there must be multiple broadcast domains. The Layer 2 switch with a single broadcast domain requires more bandwidth as more hosts are connecting to it. How can these switches be set up to accommodate the network architecture?

a. Configure multiple VLANs.
b. Setup port mirroring.
c. Setup Spanning Tree Protocol.
d. Setup each port as a trunk port.

Answer 57

a. VLAN can reduce broadcast traffic when a network has expanded beyond a certain number of hosts or users. From a security point of view, each VLAN can represent a separate zone.

Question 58

An IT engineer works with desktop installation technicians who deploy new computers to users. The installation technicians report that users in one area of the building do not achieve network speeds above 100 Mbps. After evaluating the cabling choices, the IT engineer determines that the problem area uses which type of cabling?

a. Cat 5
b. Cat 5e
c. Cat 3
d. Cat 6

Answer 58

a. The American National Standards Institute (ANSI) and the Telecommunications Industry Association (TIA)/Electronic Industries Alliance (EIA) have created categories and standards for twisted pair cabling. Cat 5 cabling supports a maximum speed of 100 Mbps.

Question 59

After a site survey, the network technician finds that the single wireless 2.4 gigahertz (GHz) access point (AP) in a large office floor space does not have a strong enough signal, and is contending a significant amount of background noise and interference. What will these findings most likely limit on the AP’s wireless signal?

a. They will cause an absorption of the signal.
b. They will limit the signal’s range.
c. They will cause an overlap in channels.
d. They will cause connections to go over capacity.

Answer 59

b. A low-powered access point (AP) and background interference, such as other wireless signals in the same frequency band, will greatly reduce the distance, or reach, of the AP to other clients.

Question 60

A user is having trouble downloading a file from a file server. A network technician checks the connection and that ping commands are receiving replies. The technician can also browse to the file server using the Windows Explorer. What should the technician begin to troubleshoot and why? (Select all that apply.)

a. If the file application is misconfigured
b. The Payload
c. The application layer
d. Any TCP flags

Answer 60

a & c. The application layer is where the technician should begin to troubleshoot because the lower levels are verified to be working.

The file transfer service is a widely used service at the Application layer. The file was not downloadable, despite the technician navigating to the file using Windows Explorer. The file server application may not be configured properly for download.

Question 61

What type of Domain Name System (DNS) record holds information such as 2001:4860:4860:8888?

a. MX
b. A
c. SRV
d. AAAA

Answer 61

d. An AAAA record performs the same function as an A record, but for resolving a host name to an IPv6 address.

Question 62

A network administrator is trying to set up IP assignments to be automatic for all broadcast domains. How can the administrator enable this for routers?

a. IP helper
b. Stratum
c. DHCP relay
d. Dynamic assignment

Answer 62

c. A DHCP relay agent can be configured to provide forwarding of DHCP traffic between subnets. Routers that can provide this type of forwarding are described as RFC 1542 compliant.

Question 63

A systems architect is setting up traffic between an SDN controller and infrastructure devices through automation by scripts that call functions. What direction of traffic is this considered to be?

a. East
b. West
c. North
d. South

Answer 63

d. The SDN controller and infrastructure device traffic are the “southbound” API calls. The principal innovation of SDN is to insert a control layer between the application layer and the infrastructure layer.

Question 64

A network administrator wants to authenticate server machines using Transport Layer Security (TLS). What can the administrator implement on the servers to validate the server’s identity and establish a secure transmission channel?

a. Single Sign-On (SSO)
b. Certificates
c. Kerberos
d. Local authentication

Answer 64

b. Digital certificates authenticate server machines when using Transport Layer Security (TLS). An administrator installs the certificates on a web or email server to validate its identity and establish a secure transmission channel.

Question 65

A network engineer has prepared a new switch for installation. What did the engineer configure on the new switch?

a. MIBs
b. Link state
c. Baselines
d. Netflow data

Answer 65

c. A performance baseline establishes the resource utilization metrics at a point in time, such as when the system is installed. Baselines provide a comparison to measure system responsiveness later.

Question 66

What is the role of a native VLAN?

a. It is used to carry traffic from multiple VLANs over a single link.
b. It handles untagged traffic on a trunk port.
c. It is designated for the fastest data transfer speeds.
d. It is the VLAN that all ports belong to by default.

Answer 66

b. The native VLAN is designated to manage untagged traffic that arrives on trunk ports, ensuring that this traffic is correctly processed and forwarded. This is crucial for compatibility with older devices that do not support VLAN tagging.

Question 67

A network engineer is tasked with configuring a new network segment for the marketing department. The department requires its own VLAN (VLAN50) to segregate its traffic from the rest of the company. The network consists of a Layer 3 switch and multiple Layer 2 switches. The engineer decides to use an SVI for VLAN routing. Which of the following commands should the engineer use to configure the SVI for VLAN50 on the Layer 3 switch?

a. interface VLAN50 ip address 192.168.50.1 255.255.255.0
b. vlan 50
c. switchport mode access vlan 50
d. interface G0/1.50 encapsulation dot1Q 50

Answer 67

a. To configure an SVI for VLAN50, the command interface VLAN50 ip address 192.168.50.1 255.255.255.0 is used. This command creates the SVI and assigns it an IP address, allowing it to act as the default gateway for devices in VLAN50.

Question 68

A network specialist wants to use a widely accepted dial-in user service that allows access over switches, wireless networks, and virtual private networks. What dial-in user service would meet the needs of the specialist and organization?

a. TACACS+
b. RADIUS
c. EAP
d. CVE

Answer 68

b. Remote Authentication Dial-in User Service (RADIUS) is widely used for client device access over switches, wireless networks, and VPNs.

Question 69

A network administrator is designing a set of Internet Protocol (IP) addresses for a Class C network in order to lease it out to clients when booting. A set of printers will require the same IP address upon renewing the lease. Which of the following network components will support this design? (Select two.)

a. IP reservation
b. DHCPv6
c. Virtual IP
d. DHCP

Answer 69

a & d. Dynamic Host Configuration Protocol (DHCP) provides an automatic method for allocating an IPv4 address, subnet mask, and default gateway.

IP reservation, or MAC reservation, is a mapping of the MAC address to a specific IP address within the DHCP server’s pool. The same IP address will be given to the registered MAC address of the requesting client.

Question 70

An attacker creates a rogue access point (AP) with the same Service Set Identifier (SSID) as a legitimate one, and then uses a Denial of Service (DoS) technique to overcome the legitimate AP.

Users are forced to disconnect from the network and reassociate with the attacker’s AP. What is the goal of the attacker when setting up this kind of evil twin attack? (Select two.)

a. To steal user network credentials
b. To deauthenticate client connections
c. To snoop on connections with web servers
d. To create an encryption protocol mismatch

Answer 70

a & c. An evil twin attack is when a threat actor stands up another access point (AP) that spoofs the legitimate AP. When users try to manually reconnect, the fake AP will be able to harvest users’ authentication information.

This evil twin may also act as a rogue AP if connected to legitimate local area network (LAN). This AP can then snoop on incoming connections to other servers and websites on the LAN.

Question 71

A network engineer monitors the network and follows information packets as they move through the network from hosts to endpoints. What is the engineer observing?

a. Traps
b. Traffic logs
c. Speed/duplex
d. Send/Receive Traffic

Answer 71

d. Sending and receiving traffic involves the movement of information within a system.

Question 72

A user is having trouble connecting to the company’s WiFi network. The user has verified that the password is correct and the network is available. What is the MOST likely issue with the device not connecting?

a. Encryption protocol mismatch
b. Captive portal
c. TLS settings
d. AAA server

Answer 72

a. An encryption protocol mismatch will cause the connection to fail, even if the correct credentials are supplied. Check OS drivers or verify authentication types/protocols on the device.

Question 73

What is the primary purpose of a jump box in a network?

a. To serve as a single administration server
b. To act as the primary data storage
c. To function as the main user interface
d. To increase the network’s bandwidth

Answer 73

a. A jump box serves as a single administration server, or jump host/server, added to the secure zone to simplify and secure administrative access to servers and appliances exposed to the Internet. It centralizes administrative tasks, reducing complexity and enhancing security by limiting access points.

Question 74

A user is connected to a remote desktop using the protocol WebSockets. What technology solution is the user using?

a. Clientless VPN
b. Authentication and authorization considerations
c. Site-to-site VPN
d. Remote desktop connection

Answer 74

a. Clientless VPN also referred to as HTML5 VPN, uses a WebSockets protocol, enabling bidirectional messages between the server and client without requiring the overhead of separate HTTP requests.

Question 75

A network architect is looking for topologies where each node is wired to its neighbor in a closed loop. Which of the following topologies should they use when connecting and replacing a DSL modem with a layer 2 switch?

a. Star
b. Ring
c. Mesh
d. Bus

Answer 75

b. A mesh topology is commonly used in WANs. In theory, a mesh network requires that each device has a point-to-point link with every other device on the network (fully connected).

Question 76

A security team is reviewing the authentication controls on the corporate network. Which of the following is an important reason for the team to implement role-based access and least privilege? (Select two.)

a. To give rights to users implicitly.
b. To establish checks and balances against insider threats.
c. To grant users sufficient rights to perform a job.
d. To apply microsegmentation to systems.

Answer 76

a & c.Least privilege means that a user is granted sufficient rights to perform his or her job and no more. This mitigates risk if the account should be compromised and fall under the control of a threat actor.

Role-based access define organizational roles and subjects are allocated to those roles. Users gain rights implicitly (through being assigned to a role) rather than explicitly (being assigned the right directly).

Question 77

A service provider is negotiating a Service Level Agreement (SLA) with a client involving the repair of broken server nodes when failure occurs. The service provider mentions a prior contract that included about 20 billable hours a month, which involved the repair of about five servers a month. What is the MTTR (Mean Time To Repair) for this scenario?

a. 20 hours / 5 repairs = 4 hours
b. 5 repairs * 20 hours = 100 hours
c. 20 hours - 5 repairs = 15 hours
d. 20 hours + 5 repairs = 25 hours

Answer 77

a. Mean Time to Repair (MTTR) is the average time taken for a device or component to be repaired, replaced, or otherwise recovered from a failure. MTTR is calculated by dividing the total number of hours by the total number of repairs.

Question 77

A technician is looking at signals on the 2.4 GHz spectrum using OFDM. The technician is looking at which of the following standards?

a. 802.11n
b. 802.11b
c. 802.11g
d. 802.11a

Answer 77

c. Like 802.11b, 802.11g uses the 2.4 GHz band, but uses DSSS (Direct Sequence Spread Spectrum) and the Orthogonal Frequency Division Multiplex (OFDM) signal format.

Question 78

What is the standard width for network appliances and server hardware designed for rack-mounting?

a. 19 inches / 48.26 cm
b. 30 inches / 76.2 cm
c. 24 inches / 60.96 cm
d. 10 inches / 25.4 cm

Answer 78

a. Network appliances and server hardware designed for rack-mounting adhere to the EIA standard width of 19 inches / 48.26 cm. This standardization allows for compatibility and efficient use of space within the racks.

Question 79

A helpdesk technician is looking at a network where only one node can be active on a copper broadband connection at a time. What type of topology does this describe?

a. Ring
b. Bus
c. Mesh
d. Star

Answer 79

b. A physical bus topology with more than two nodes is a shared access topology, meaning that all nodes share the bandwidth of the media.

Question 80

A new network device handles local printing traffic by analyzing media access control (MAC) addresses.

a. Switch
b. Router
c. Bridge
d. Hub

Answer 80

a. A switch is a layer 2 device. Switches can handle traffic based on a node’s physical address, which is also known as a Media Access Control (MAC) address.

Question 81

A network administrator must install a new building floor with wireless access points (APs) to provide a wireless network to employees’ mobile devices. The AP security settings will be hardened and use an Extensible Authentication Protocol (EAP) to allow users to authenticate with their user accounts to access the network securely. What is the minimum wireless protection required to install these APs properly?

a. WPA-Personal
b. WPA2-Enterprise
c. WPA2-Personal
d. WPA-Enterprise

Answer 81

b. WPA2-Enterprise allows clients to pass on employees’ user credentials to gain access to the AP. WPA2, in general, uses Wi-Fi encryption with Advanced Encryption Standard (AES) and Cipher Block Chaining Message Authentication Code Protocol (CCMP).

Question 82

A multi-tenant third-party cloud service that is available via the Internet can be described as which of the following cloud delivery models?

a. Community
b. Private
c. Hybrid
d. Public

Answer 82

A public, or multi-tenant model, is hosted by a third-party and shared with other subscribers. This is commonly known by consumers as cloud computing.

Question 83

An online company is seeing a quick customer growth in the utilization of custom online services. The company has forecasted a 300% increase of customer usage during the summer and currently cannot support this. Which of the following cloud solutions should the company consider when providing ongoing services to its customers? (Select two.)

a. Private model
b. SaaS
c. Hybrid model
d. IaaS

Answer 83

c & d. Infrastructure as a Service (IaaS) is a means of provisioning IT resources such as servers, load balancers, and storage area network (SAN) components quickly. Company virtual machines can easily be moved to the cloud infrastructure during the peak season.

A hybrid cloud model provides the ability for the company to elastically move service from private to cloud infrastructure, and vice versa. This makes on-demand services cost effective.

Question 84

A network administrator is deciding which session control protocol they should use for their environment. Which of the following would they use?

a. EGP
b. RIP
c. SIP
d. RTP

Answer 84

c. The Session Initiation Protocol (SIP) is one of the most widely used session control protocols. SIP endpoints are the end-user devices (also known as user agents), such as IP-enabled handsets or client and server web conference software.

Question 85

A network consultant is installing Ethernet to a hub in the control room. When Ethernet is wired with a hub, there needs to be a means of distinguishing the interface on an end system with the interface on an intermediate system. What is the name of the end system interface?

a. MDI
b. Neighbor Discovery Protocol
c. Port Security
d. Port Tagging

Answer 85

a. The end system interface is known as a medium-dependent interface (MDI); the interface on the hub is called an MDI crossover (MDI-X). This means that the transmit (Tx) wires on the host connect to receive (Rx) wires on the hub.