Networking Flashcards
You have implemented a hardware firewall on a small office network. You need to ensure that all HTTP packets are automatically sent to the web server. What should you do?
A)Enable NAT.
B)Enable port triggering.
C)Enable QoS.
D)Enable port forwarding.
D)Enable port forwarding.
You should enable port forwarding. Port forwarding allows you to enable a specific port in the firewall and direct traffic that comes from outside your network to a specific IP address. For example, in this scenario, you would open port 80 on the firewall and configure port forwarding to forward all incoming traffic to the web server.
You should not enable port triggering. Port triggering allows you to open an incoming connection to one computer based on an outgoing connection.
You should not enable Network Address Translation (NAT). NAT causes your entire network to appear as a single entity on the Internet. Static NAT uses a 1-to-1 mapping between addresses on each side of a NAT device. In dynamic NAT (DNAT), the mapping of IP addresses can change. In both cases, only the IP addresses in the packets are changed. The NAT device must keep track of the IP mappings as they are assigned.
You should not enable Quality of Service (QoS). QoS allows you to limit the bandwidth available for data based on the protocol used, the IP address, or other parameters. It is usually configured on routers.
Another router feature you must understand for the A+ exams is Wi-Fi Protected Setup (WPS). This feature was intended to make secure wireless connections easier to configure. WPS is usually configured using a button on the router, a password, or a code. However, WPS is not secure enough because hackers can guess this code with a little effort.
For the A+ exam, you also need to understand Universal Plug-and-Play (UPnP) and demilitarized zones (DMZs). UPnP devices automatically configure themselves to work with other devices when they are plugged in or connected to the network. A DMZ, also referred to as a screened subnet, adds another level of security for LANs by using a firewall to isolate certain devices from the rest of the network. The resources on the DMZ are protected by the firewall and can be accessed over the Internet.
Wireless users who are using a 5 GHz wireless access point are experiencing issues when conferencing through Skype for Business. You need to improve their connectivity. What wireless settings should you configure?
A)QoS
B)Encryption
C)Channels
D)Admin password
A)QoS
You should configure the Quality of Service (QoS) settings, which allow you to prioritize different types of traffic. QoS essentially allocates bandwidth based on a priority number assigned to the type of traffic. In this instance, Skype traffic would be given a higher priority over other types of traffic, such as general Internet browsing. QoS is typically configured on the router or wireless access point.
Configuring encryption would provide enhanced security, but would not resolve the Skype for Business issue. Most wireless access points are configured with Wired Equivalent Privacy (WEP) by default. Wi-Fi Protected Access (WPA) and WPA version 2 (WPA2) provide better security than WEP, which is effectively useless.
Configuring channels would not solve the issue. The users are in the 5 GHz network, and only 2.4 GHz wireless uses channels. Whenever configuring wireless channels, you must always take into account any applicable rules and regulations. Depending on your location by state or by country, different rules and regulations will apply, and you need to be aware of them to avoid any fines or legal trouble. For instance, some governments may regulate the maximum power output allowed on networks or the specific channels you are allowed to use.
Changing the admin password would provide you with enhanced security and control. By itself, it would do nothing to resolve the user issue.
Match the frequency and speed characteristics on the left to the wireless specification on the right. Move the correct items from the left column to the column on the right to match the characteristics with the correct specification.
Frequency/Speed
2.4/5/6 GHz, up to 9.6 Gbps
5 GHz, up to 1.3 Gbps
2.4 GHz, up to 54 Mbps
5 GHz, up to 54 Mbps
2.4 GHz, up to 11 Mbps
2.4/5 GHz, up to 600 Mbps
The characteristics match with the 802.11 specifications as follows:
802.11a – 5 GHz, up to 54 Mbps
802.11b – 2.4 GHz, up to 11 Mbps
802.11g – 2.4 GHz, up to 54 Mbps
802.11n – 2.4 or 5 GHz, up to 600 Mbps
802.11ac – 5 GHz, up to 1.3 Gbps
802.11ax – 2.4 GHz, 5 GHz, or 6 GHz, up to 9.6 Gbps
802.11g devices are backwards compatible with 802.11b devices.
Which of the following would most likely be used to control a legacy system?
A)DNS
B)TCP/IP
C)SCADA
D)AAA
E)DHCP
C)SCADA
Supervisory Control and Data Acquisition (SCADA) is a system of software and hardware elements that allows organizations to control automated processes locally or at remote locations; to monitor, gather, and process data; to directly interact with devices like sensors or valves; and to record events into a log file. SCADA systems must frequently control legacy hardware or run alongside obsolete, out-of-support operating systems due to the highly specialized nature of the process being controlled.
SCADA belongs to the larger category of industrial control systems (ICS), which is a combination of electrical and mechanical components that act together to monitor, control, and safely execute an industrial process. ICS began as highly specialized, proprietary hardware and software that ran in physically secured locations without network connections. As IT evolved, legacy ICS systems had new IT capabilities layered on top to provide remote monitoring or “smart” automation. Because ICS components have extremely long lifecycles (decades instead of years), they were rarely designed to meet modern cyber security concerns. SCADA and ICS systems are frequent targets of cyber attacks.
Legacy systems are systems that are maintained to support a single device, application, or computer. Embedded systems are computer systems with dedicated functions within a larger system. The system is embedded as part of a complete device, often including hardware and mechanical parts. Microcontrollers are an example of an embedded system.
TCP/IP, DHCP, and DNS would not specifically control a legacy system. These are networking protocols, and many legacy systems are kept isolated from network connections to prevent intrusion.
Authentication, Authorization, and Accounting (AAA) is a framework of access control implemented to ensure that connecting users are valid users, they have access only to the services they need, and their actions can be tracked to ensure that their behavior is appropriate. Authentication may come in one of many forms, including username/password, biometrics, and tokens. AAA is implemented by various types of servers. Remote Authentication Dial-in User Service (RADIUS) is an example of an authentication service, as are Kerberos and Remote Access Service (RAS).
Which of these wireless networking protocols would most likely be employed in an anti-theft alarm system in a retail store?
A)RFID
B)Zigbee
C)NFC
D)Z-Wave
A)RFID
Radio Frequency Identification (RFID) would most likely be employed in an anti-theft alarm system in a retail store. RFID uses a small chip attached to or embedded in an item and radio waves to monitor the location of the chip and therefore the device. Common applications for RFID include tracking the movement of products through a warehouse, retail theft prevention, and tracking runners during marathon races with RFID chips embedded in their bibs.
Near Field Communications (NFC) allows communication between two devices that are very close together. NFC uses the 13.56 MHz radio frequency and is not dependent on Wi-Fi networks or cellular networks, such as 4G. It is often used on smartphones for contactless payments, such as waving your phone over a sensor to pay for a purchase at checkout. An NFC or tap pay device allows the payment information to be transmitted to a computer.
Zigbee is based on the IEEE 802.15.4 standard. It typically is used in large-scale medical, industrial, and scientific applications. Zigbee operates in the same 2.4 GHz frequency band as Wi-Fi. It creates a mesh network in a similar fashion to Z-Wave, but has a capacity of 64,000 devices.
Z-Wave is a technology that creates a wireless mesh network with up to 232 nodes. It is often used on a small scale in smart home automation, and operates in the 800–900 MHz frequency range. While there is a primary controller or hub, each device on the network communicates with the next closest device, much in the same way that routers communicate with each other in a high-performance mesh network.
For what purpose have IP addresses in the 192.168.0.0 through 192.168.255.255 range been reserved?
A)Multicasting
B)Private networks
C)Military installations only
D)Government organizations other than the military
B)Private networks
There are three blocks of IP addresses that have been reserved by the Internet Assigned Numbers Authority (IANA) for private networks. These addresses can be used for IP addressing on a private network that does not need to be connected to the Internet. The three blocks of addresses are listed as follows:
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255
A computer using a private IP address cannot directly communicate with the Internet. The only way Internet communication can occur with a computer that uses an IP address in the private network range is through a proxy server. An Automatic Private IP Addressing (APIPA) address is an automatic IP address that is assigned when computers that are configured for DHCP cannot contact a DHCP server. Addresses in this range are 169.254.0.1 to 169.254.255.254. They can also be referred to as link-local addresses. In IPv6, they are ONLY referred to as link-local addresses and start with the fe80::/10 prefix.
Which of these devices is primarily associated with wireless networks?
A)Access points
B)Switches
C)Repeaters
D)Patch panels
E)Ethernet over Power
A)Access points
Access points (or more appropriately, wireless access points) create wireless local area networks (WLANs). They provide connectivity to the network for devices with wireless functionality (often called Wi-Fi). Access points have a Service Set Identifier (SSID), which is often equated to the name of the network, and various levels of security. The portion of the network that is wireless is the connection between the access point and the end device; the access point itself is often wired into the physical network.
A repeater takes a weak signal, amplifies it, and transmits the amplified signal. In wired networks, repeaters can be used to extend the segment distance beyond the 100-meter limit of twisted-pair cables, or to extend a wireless signal beyond the normal range of the wireless access point.
A patch panel provides connectivity between devices on a local area network. A desktop computer, server, or printer (as examples) will be connected to the patch panel via a network cable, often called a patch cable. The patch panel will have connections in turn to one or more switches.
Ethernet over Power uses the existing electrical wiring in a house to transmit the network signal. A special adapter plugs into your existing electrical outlet. The adapter will have one or more Ethernet ports. To deploy Ethernet over Power, you would need at least two adapters. The advantage to Ethernet over Power is that you would obtain wired network speeds (up to 1 gigabit, as of this writing) without the need to run Ethernet cables. The disadvantage is that the adapters can cost $50 each.
Switches are network devices that receive and forward traffic on a local area network. Switches can be both managed and unmanaged. Managed switches are built to be controlled from a Unix-style command-line interface. Unmanaged switches are the simplest active network components and do not need to be configured, making them very flexible.
You are setting up a network segment in the Research and Development department. Due to the sensitive and proprietary nature of the work in this department, you want to ensure that only computers belonging to that department can access that network segment. Which option would you use?
A)QoS
B)DMZ
C)MAC filtering
D)NAT
C)MAC filtering
You should use MAC filtering. MAC filtering allows you to specifically configure which computers are allowed on the network, and to specify which computers are denied access to the network. You would include the MAC addresses of departmental computers on an Allow list (referred to as whitelisting). Likewise, you would include MAC addresses of computers that should not be given access on the Block list (referred to as blacklisting). Some devices may only allow you to configure an allow or deny list, but not both. Whitelisting/blacklisting is a function of MAC filtering.
A demilitarized zone (DMZ) places a firewall between your private network (LAN) and the public network (the Internet) or between two networks. Devices such as web servers and mail servers are often put inside a DMZ, which is also referred to as a screened subnet.
Network Address Translation (NAT) allows traffic from a private network to reach the Internet and return. For example, assume a computer on the internal private LAN has an IP address of 192.168.1.140, and the default gateway has an IP address of 71.38.117.45. When traffic from 192.168.1.140 is sent, the gateway assigns it a port number in the ephemeral range, say 45798. The gateway router then uses its own IP address and the assigned port (71.38.117.45:45798) to route traffic to the Internet.
Quality of Service (QoS) assigns priorities to different types of network traffic. This allows the network to allocate more bandwidth to traffic with higher priority, and less bandwidth to traffic that you have designated as having a lesser importance. QoS does not affect which device is allowed to access a network.
Which of the following is a valid Automatic Private IP Addressing (APIPA) address?
A)172.16.4.36
B)10.1.1.131
C)192.168.16.45
D)169.254.2.120
D)169.254.2.120
The 169.254.2.120 address is a valid APIPA address. By default, Windows XP and Windows 7 client computers are configured to use an APIPA address if the DHCP server goes down. The addresses in the APIPA range are 169.254.0.0 through 169.254.255.255. These addresses are not routable and are therefore only usable on the local subnet.
The other addresses are all part of the three private IP address ranges, as listed here:
10.0.0.0 through 10.255.255.255
172.16.0.0 through 172.31.255.255
192.168.0.0 through 192.168.255.255
To prevent the use of APIPA addresses, you should change the default settings on the Alternate Configuration tab of the Internet Protocol Version 4 Properties dialog box. On this tab, you can specifically configure a static IP address that the computer should use if the DHCP server is unavailable.
A user needs to connect to a wireless network. Which information must be provided to connect?
A)Wired Equivalent Privacy (WEP)
B)Service set identifier (SSID)
C)Access point (AP)
D)Wi-Fi Protected Access (WPA)
B)Service set identifier (SSID)
You must provide the service set identifier (SSID) to a wireless device to enable it to connect to a wireless network. The SSID in a wireless network is the name of the network to which a wireless device connects. Only one SSID can be associated with an access point. When a wireless device sends data packets over a wireless network, each data packet contains a 32-character identifier that is used to identify the wireless network. The 32-character identifier is the SSID of the wireless network. Wireless networks are differentiated by SSID. By default, the SSID is broadcast. To provide better security, you should configure the wireless access point not to broadcast the SSID.
The AP information does not need to be provided to a wireless device to enable the device to connect to a wireless network. An AP acts as a hub between the wireless devices and the local area network (LAN), which is typically a wired network. In most cases, a wireless device automatically detects and connects to an AP, and subsequently, to the wired network.
The Wired Equivalent Privacy (WEP) information does not need to be provided to a wireless device for connecting to a wireless network. WEP is a protocol used for encrypting the data packets being transmitted over the wireless network. WEP would need to be configured if a connection is being made to a secured WEP wireless network. If the wrong WEP key is entered, the network connection will fail.
The WPA information does not need to be provided to a wireless device to enable the device to connect to a wireless network. The WPA protocol offers enhanced data encryption and user authentication. A number of weaknesses in WEP, such as user authentication, were addressed by WPA. WPA would need to be configured if a connection is being made to a secured WPA wireless network.
When connecting multiple devices over a wireless network or a cellular data network, it is important to ensure that devices can connect to the network and use services. It is equally important to be able to disable the network to prevent unwanted parties from connecting, or to prevent charges for overuse of data in the case of cellular data.
Your company has decided to implement a wireless network. The wireless network users must be able to connect to resources on your internal network, including file, print, and DHCP services. Which options should you implement? (Choose all that apply.)
A)Static IP addresses
B)Ad hoc mode
C)Infrastructure mode
D)APIPA
E)A wireless access point
C)Infrastructure mode
E)A wireless access point
Infrastructure mode allows wireless computers to connect to a LAN, a WAN, or the Internet. This means that infrastructure mode wireless computers can access all computers on the LAN, WAN, and Internet. Infrastructure mode is much more expensive to implement than ad hoc mode because you must configure wireless access points. While infrastructure mode is harder to set up and configure, its management is much easier than with ad hoc mode. To view the strength of the wireless network, open the properties dialog box for the wireless network interface card (NIC).
Ad hoc mode allows wireless computers to be configured much faster than infrastructure mode. Ad hoc mode wireless computers all participate in the same network. This means that the ad hoc wireless computers can access each other but cannot access network resources on a LAN, WAN, or the Internet. Ad hoc mode is much cheaper than infrastructure mode to implement. In addition, it is easy to set up and configure, and it can provide better performance than infrastructure mode. However, it is difficult to manage an ad hoc mode wireless network.
Static IP addresses should not be implemented because the corporate network contains a DHCP server. Static addressing refers to the manual configuration of each computer.
APIPA should not be used for the same reason. In addition, APIPA is used only if a DHCP server is not found. When implementing a wireless network that includes a wireless access point, you can often enable or disable DHCP. If you enable DHCP, devices on the network will be assigned an IP address. If you disable DHCP, the devices will need to have statically configured IP addresses.
When you implement an access point, you can configure several settings. MAC filtering will allow or deny connections based on the MAC address of the connecting device. Disabling the SSID broadcast will ensure that the SSID is not broadcasting, thereby making it a bit more difficult to connect to the wireless network. The encryption method will ensure that the password for the wireless network is protected. WPA2 is more secure than WPA, which is more secure than WEP.
What piece of equipment would help transmit an Ethernet signal to the far end of a hotel that is 400 meters (m) long?
A)Repeaters
B)Patch panel
C)Cloud-based network controller
D)Ethernet patch cable
A)Repeaters
A repeater takes a weak signal, amplifies it, and transmits the amplified signal. In wired networks, repeaters can be used to extend the segment distance beyond the 100-m limitation of twisted-pair cable, or to extend a wireless signal beyond the normal range of the wireless access point.
An Ethernet patch cable is not the correct answer. Patch cables have a maximum length per segment of 100 meters.
A cloud-based network controller allows you to manage wireless access points (WAP) through a cloud service. Traditionally, an organization would manage WAPs through an on-site controller, as opposed to managing each one individually. With a cloud-based network controller, the WAPs can be managed from anywhere over an Internet browser.
A patch panel provides connectivity between devices on a local area network. A desktop computer, server, or printer (as examples) will be connected to the patch panel via a network cable, often called a patch cable. The patch panel will have connections in turn to one or more switches or routers.
Switches are network devices that receive and forward traffic on a local area network. Switches can be both managed and unmanaged. Managed switches are built to be controlled from a Unix-style command-line interface. Unmanaged switches are the simplest active network components and do not need to be configured, making them very flexible.
You administer computers on a Microsoft Windows TCP/IP network. On the network, you want to use a domain name-to-Internet Protocol (IP) address name resolution system that provides a central database on a server to resolve domain names to IP addresses. Which options should you implement on your network?
A)The HOSTS file
B)The LMHOSTS file
C)The Domain Name System (DNS)
D)The Windows Internet Name Service (WINS)
C)The Domain Name System (DNS)
Of the choices presented, you should use Domain Name System (DNS) for domain name-to-IP address resolution on the network that you administer. DNS provides a centralized database of domain name-to-IP address resolutions on a server or servers that other computers on a network can use for name resolution. On a TCP/IP network that uses DNS, only the database files on the DNS servers must be updated to reflect changes that are made to domain name-to-IP address resolutions.
When computers cannot communicate on a network, the ability to ping other computers by address but not by name is an indication of a DNS problem. Client computers can be configured with static DNS server entries or can be configured to obtain the DNS server information from the DHCP server. The client-side DNS could be configured incorrectly if a DNS search results in an error. The client-side DNS settings include the primary and secondary DNS servers.
Domain names can also be resolved to IP addresses by using a HOSTS file. On a network that uses a HOSTS file, that file must exist on each computer on the network to enable domain name-to-IP address resolution. When changes are made that affect domain name-to-IP address resolution, then each HOSTS file must be manually updated. LMHOSTS files and Windows Internet Name Service (WINS) are used to resolve NetBIOS names to IP addresses on Microsoft Windows networks, such as Windows NT 4.0 networks.
Which operating frequency band is used by Bluetooth technology?
A)2.4 GHz to 2.485 GHz
B)13.56 MHz
C)860 MHz to 930 MHz
D)125 KHz to 134 KHz
A)2.4 GHz to 2.485 GHz
Bluetooth technology operates at a frequency band of 2.4 GHz to 2.485 GHz. Bluetooth allows you to establish a wireless connection between devices such as laptops, printers, mobile phones, wireless mice and keyboards, Internet of Things (IoT) devices, and other devices that support Bluetooth technology. Bluetooth devices are of five types: Class 1, Class 2, Class 3, Class 4, and Class 5.
Bluetooth Class 1 has a maximum transmission distance of 100 meters (328 feet) and a maximum transmission speed of 1 Mbps.
Bluetooth Class 2 has a maximum transmission distance of 10 meters (33 feet) and a maximum transmission speed of 3 Mbps.
Bluetooth Class 3 has a maximum transmission distance of 1 meter (3 feet) and a maximum transmission speed of 24 Mbps.
Bluetooth Class 4 has a maximum transmission distance of 0.5 meters (1.5 feet) and a maximum transmission speed of 1 Mbps.
Bluetooth Class 5 has a maximum transmission distance of 10 meters (33 feet) and a maximum transmission speed of 2 Mbps.
Keep in mind that Bluetooth can theoretically transmit farther than these stated distances. However, that increased distance comes at a significantly decreased speed. For the exam, you will need to know the speeds and distances listed here.
The 125 KHz to 134 KHz operating frequency band is used by low frequency (LF). LF is typically used as a frequency range for radio frequency identification (RFID). LF has a read range of up to .5 meters and is used in animal tracking, access control, or vehicle immobilizers. The 13.56 MHz operating frequency band is used by high frequency (HF). HF is typically used as a frequency range for RFID. HF has a read range of up to 1 meter and is used in item tracking or smart cards. The 860 MHz to 930 MHz operating frequency band is used by ultrahigh frequency (UHF). UHF is also used as a frequency range for RFID. UHF has a read range of up to 3 meters and is used in automated toll collection or parking lot access.
Which IP address is used by a Class A private network?
A)172.16.0.0
B)127.0.0.1
C)10.0.0.0
D)192.168.0.0
C)10.0.0.0
The 10.0.0.0 address is a Class A IP address for private networks. Private network IP addresses cannot be used on the Internet. The 172.16.0.0 address is a Class B IP address for private networks. The 192.168.0.0 address is a Class C IP address for private networks.
The 127.0.0.1 address is not reserved for private networks. This IP address is the software loopback address.
What is the maximum data transmission speed for Bluetooth technology?
A)100 Mbps
B)54 Mbps
C)11 Mbps
D)3 Mbps
D)3 Mbps
The maximum data transmission speed for Bluetooth is 3 Mbps. Bluetooth is used for short-range wireless connections. For example, Bluetooth will be used to connect wireless devices, such as the keyboard and mouse, to the computer.
p. 394 A+ Complete Study Guide
Jeffrey wants to purchase some software for his department from Dreamsuites.com. After researching company policies, you inform him that he can only make the purchase if it is from a secure site. Which port and protocol qualify as secure?
A)Port 80 HTTP
B)Port 110 POP3
C)Port 23 Telnet
D)Port 443 HTTPS
D)Port 443 HTTPS
Port 443, also known as Hypertext Transfer Protocol Secure (HTTPS), is used for secure web browsing. Data that is communicated through this port is less likely to be hacked or intercepted due to the way it establishes connections. You will almost always find this port active on web servers and e-commerce sites due to its high-level security feature that does not keep any window open and hides private data. HTTPS uses the Secure Sockets Layer (SSL) protocol and asks for authentication between the client and server.
p. 344 A+ Complete Study Guide
Hypertext Transfer Protocol (HTTP) uses port 80 for regular web browsing and is not secure.
Telnet uses port 23 and is not secure. Its primary use is to communicate back and forth between clients and servers to remotely manage the server.
Post Office Protocol version 3 (POPv3) is used by email clients to retrieve mail through the TCP/IP connection. It operates over port 110. Apple Filing Protocol (AFP), formerly AppleTalk, is used exclusively in Apple and Mac computers to communicate through TCP/IP and operates over port 427 or 528. Common Internet File System (CIFS), which uses Server Message Block (SMB), operates at the Application layer of the OSI model and shares resources, such as files, printers, and various networking nodes, on a network. CIFS/SMB uses UDP ports 137 and 138 and TCP ports 139 and 445.
Transmission Control Protocol (TCP) is one of the main protocols used by internet-based applications. TCP provides reliable and properly ordered data flows and is also capable of checking data delivery for any errors that may have occurred.
You administer a TCP/IP network. You want to enable the hosts on your network to be automatically configured with IP configurations such as an IP address, subnet mask, and default gateway address. The IP configurations should be leased to the clients for a limited period. Which protocol should you use to accomplish this task?
A)BOOTP
B)SMTP
C)DHCP
D)HTTP
E)IPP
C)DHCP
You should use Dynamic Host Configuration Protocol (DHCP) to automatically configure the hosts on your network with IP configurations. DHCP was designed to automatically configure frequently moved, fully boot-capable computers, such as laptop computers, with IP configurations. You can use DHCP to configure such IP settings as IP address, subnet mask, and default gateway address. Typically, DHCP information is leased to a client for a limited period. DHCP clients usually release DHCP information when they are shut down. When a DHCP client retrieves IP configurations from a DHCP server, the DHCP client does not necessarily have the same IP configurations that it was configured with on previous occasions.
p. 341 A+ Complete Study Guide
BOOTstrap Protocol (BOOTP) is a host configuration protocol that was designed before DHCP. BOOTP was designed to configure diskless workstations with IP configurations. BOOTP does not lease IP configuration as DHCP does. Instead, a BOOTP server permanently assigns IP configurations to a BOOTP client. When a BOOTP client is started, the BOOTP server always assigns the same IP configurations to the BOOTP client.
Hypertext Transfer Protocol (HTTP) is used to transfer web pages on a TCP/IP network.
Simple Mail Transfer Protocol (SMTP) is used to transfer email messages on a TCP/IP network.
Internet Printing Protocol (IPP) is used to enable network printing through a TCP/IP network such as the Internet.
Transmission Control Protocol (TCP) is one of the main protocols that are used by internet-based applications. TCP provides reliable and properly ordered data flows and is also capable of checking data delivery for any errors that may have occurred.
HTTP, SMTP, and IPP are not used to automatically configure hosts on a TCP/IP network with IP settings.
You administer computers on a Microsoft Windows TCP/IP network. On the network, you want to use a domain name-to-Internet Protocol (IP) address name resolution system that provides a central database on a server to resolve domain names to IP addresses. Which options should you implement on your network?
A)The LMHOSTS file
B)The Domain Name System (DNS)
C)The Windows Internet Name Service (WINS)
D)The HOSTS file
B)The Domain Name System (DNS)
Of the choices presented, you should use Domain Name System (DNS) for domain name-to-IP address resolution on the network that you administer. DNS provides a centralized database of domain name-to-IP address resolutions on a server or servers that other computers on a network can use for name resolution. On a TCP/IP network that uses DNS, only the database files on the DNS servers must be updated to reflect changes that are made to domain name-to-IP address resolutions.
p. 360 A+ Complete Study Guide
When computers cannot communicate on a network, the ability to ping other computers by address but not by name is an indication of a DNS problem. Client computers can be configured with static DNS server entries or can be configured to obtain the DNS server information from the DHCP server. The client-side DNS could be configured incorrectly if a DNS search results in an error. The client-side DNS settings include the primary and secondary DNS servers.
Domain names can also be resolved to IP addresses by using a HOSTS file. On a network that uses a HOSTS file, that file must exist on each computer on the network to enable domain name-to-IP address resolution. When changes are made that affect domain name-to-IP address resolution, then each HOSTS file must be manually updated. LMHOSTS files and Windows Internet Name Service (WINS) are used to resolve NetBIOS names to IP addresses on Microsoft Windows networks, such as Windows NT 4.0 networks.
Match the protocol from the left with the default port it uses on the right. Move the correct items from the left column to the column on the right to match the protocol with the correct default port.
HTTPS
RDP
IMAP
FTP
POP3
Port 21
Port 110
Port 143
Port 443
Port 3389
The protocols given use these default ports:
Port 21 – FTP
Port 110 – POP3
Port 143 – IMAP
Port 443 – HTTPS
Port 3389 – RDP
FTP also uses port 20, but it was not listed in this scenario.
Your company has both a wired and a wireless network. You have been asked to increase the security of the wireless network. Which of the following options should you implement?
A)SSID broadcast
B)Rogue access points
C)War driving
D)MAC filtering
D)MAC filtering
Media Access Control (MAC) filtering is a way to increase security in a wireless network. With this filtering, the MAC address of each network interface card (NIC) that attempts to connect to the network is checked. Only MAC addresses that are specifically allowed to connect are granted connection. When configuring MAC filtering, you should set up an access control list (ACL). MAC filtering is configured on the wireless access point or wireless router.
A service set identifier (SSID) broadcast actually decreases security in a wireless network. If the SSID is broadcast, any wireless NICs in the proximity can locate the network. If you disable SSID broadcast, you increase the security of your network, and users will have to type in the SSID to connect to the network.
War driving is a technique used to discover wireless networks. Once intruders locate your wireless network, they attempt to hack into your system.
Rogue access points are wireless access points that have been connected to your network without authorization. This decreases the security of your network.
Radio frequency interference (RFI) can cause wireless network problems. It can come from cordless phones, microwaves, and other equipment. For example, if your wireless network is frequently dropping connections, you could have a cordless phone interfering with the wireless access point.
You are setting up an 802.11a wireless network in a small office environment that includes three wireless access points. The wireless access points are at least 15 meters apart and are configured for automatic channel setting. Each time you turn the wireless access points on, they choose the same channel. You need to ensure that the access points choose separate channels to prevent interference, using the least amount of administrative effort. What should you do?
A)Start each wireless access point at a separate time.
B)Reduce the signal strength on each access point.
C)Increase the distance between the wireless access points to at least 20 meters.
D)Manually configure each of the access points to use channels 1, 6, and 11, respectively.
A)Start each wireless access point at a separate time.
You should start each wireless access point at a separate time. This will allow each access point to select a channel. Then, when the next access point is booted, it will detect the other access points’ channels and use another channel besides the ones detected. 802.11a wireless access points have eight available nonoverlapping channels: 36, 40, 44, 48, 52, 56, 60, and 64. 802.11a products need to be configured for automatic channel selection. Therefore, you cannot manually configure the channel. With the automatic channel selection feature, 802.11a wireless access points can detect other access points and configure their channel accordingly. This is the reason that it is important to start 802.11a wireless access points at a separate time. The suggested range for 802.11a wireless access points is 30 meters in an open space and 10 meters in an office environment.
You should not increase the distance between the wireless access points to at least 20 meters. For 802.11a wireless access points, the suggested distance in an office environment is 10 meters.
You should not manually configure each of the access points to use channels 1, 6, and 11, respectively. These are the nonoverlapping channels used by 802.11b and 802.11g devices. You should alternate between these three channels when using 802.11b or 802.11g wireless access points. The suggested range for 802.11b and 802.11g wireless access points is 120 meters in an open space and 30 meters in an office environment.
You should not reduce the signal strength on each access point. This would require more administrative effort than is necessary to fix your problem. In addition, reducing the signal strength could cause problems for some wireless clients that are now outside the new range. It is much simpler to turn the wireless access points on at different times.
The nonoverlapping channels for the other 2.4 GHz wireless deployments are as follows:
802.11b – channels 1, 6, 11, and 14 in the United States
802.11g/n – channels 1, 6, and 11 in the United States
What is the operating range for Class 2 Bluetooth devices at the maximum transmission speed?
A)200 meters or 656 feet
B)10 meters or 33 feet
C)100 meters or 328 feet
D)1 meter or 3 feet
B)10 meters or 33 feet
The operating range for Class 2 Bluetooth devices is up to 10 meters or 33 feet at the maximum transmission speed. Bluetooth allows you to establish a wireless connection between devices such as laptops, printers, mobile phones, wireless mice and keyboards, Internet of Things (IoT) devices, and other devices that support Bluetooth technology.
There are four more classes for Bluetooth devices: Class 1, Class 3, Class 4, and Class 5. Class 1 Bluetooth devices have an operating range of up to 100 meters or 300 feet. Class 3 Bluetooth devices have an operating range of up to 1 meter or 3 feet. Class 4 Bluetooth devices have an operating range of up to 0.5 meters or 1.5 feet. Class 5 Bluetooth devices have an operating range of up to 10 meters or 33 feet.
Which well-known UDP port does DNS use?
A)161
B)80
C)53
D)110
C)53
Ports allow more than one service or application to communicate at the same time between computers. The Domain Name System (DNS) service uses port 53 to communicate information between name servers. DNS uses both TCP port 53 and UDP port 53. Administrators can assign additional ports for communication on an intranet and through the Internet. There are a total of 65,536 ports from which to choose. Of these, only 1,024 ports are considered well known and, therefore, reserved for a particular service.
Port 80 is used by Hypertext Transfer Protocol (HTTP) for browsing the World Wide Web.
Port 110 is used by Post Office Protocol Version 3 (POP3) for email.
Port 161 is used by Simple Network Management Protocol (SNMP) for network diagnostics.
For the A+ exam, you need to know the following common ports:
20, 21 – FTP
22 – SSH
23 – Telnet
25 – SMTP
53 – DNS
80 – HTTP
110 – POP3
143 – IMAP
443 – HTTPS
3389 – RDP
137-139 – NetBIOS
445 – SMB/CIFS
427 – SLP
548 – AFP
67/68 – DHCP
389 – LDAP
161/162 – SNMP