Obj 1.X Flashcards
(This is a simulated Performance-Based Question. On the real exam, you may be given a chart with numerous ports and protocols and be asked to drag and drop them to match the ports with the protocols.) What ports do FTP and SFTP utilize?
20, 21
22, 23
21, 22
21, 23
The correct answer is 21, 22. FTP (File Transfer Protocol) uses port 21 for control commands, while SFTP (Secure File Transfer Protocol), which is based on SSH, uses port 22 for secure file transfers. This provides a secure channel for transferring files over the network.
The other choices are incorrect because they either mix incorrect port numbers or associate them with the wrong protocols. Port 20 is used by FTP for data transfer, not for control commands. Port 23 is associated with the Telnet protocol, which is used for remote command-line access but lacks encryption, unlike SFTP. Therefore, these do not match the correct port numbers for FTP and SFTP.
What is the lowest layer (bottom layer) of a bare-metal virtualization environment?
Hypervisor
Guest operating system
Host operating system
Physical hardware
The correct answer is Physical hardware. In a bare-metal (Type 1) virtualization environment, the hypervisor runs directly on the physical hardware, making the hardware the lowest layer. The hypervisor then manages virtual machines and their resources.
The other choices are incorrect because they are higher in the virtualization stack. The hypervisor is one layer above the physical hardware, managing the virtual machines but not the lowest layer itself. The guest operating system runs on the virtual machines created by the hypervisor, making it a higher layer. The host operating system is not present in a bare-metal setup, as it refers to Type 2 virtualization, where the hypervisor runs on top of an existing operating system.
You have been asked to install a media converter that connects a newly installed SMF to the existing Cat 6a infrastructure. Which type of media converter should you use?
Coaxial to fiber
Fiber to ethernet
Coaxial to ethernet
Fiber to coaxial
The correct answer is Fiber to Ethernet. A fiber to Ethernet media converter is designed to connect fiber optic cables, such as Single-Mode Fiber (SMF), to an Ethernet network, like your existing Cat 6a infrastructure. This type of converter will allow the two different media types to communicate effectively.
The other choices are incorrect because they refer to incompatible media types for this scenario. Coaxial to fiber is used to convert coaxial signals to fiber, which doesn’t apply here since you need to connect fiber to Ethernet. Coaxial to Ethernet is also irrelevant as it connects coaxial cables to Ethernet networks, not fiber. Lastly, Fiber to coaxial would convert fiber signals to coaxial, which again does not meet the requirement of connecting fiber to an Ethernet network.
You are trying to select the BEST network topology for a new network based on the following requirements. The design must include redundancy using a minimum of two cables to create the network. The network should not be prone to congestion, therefore each device must wait for its turn to communicate on the network by passing around a token. Which of the following topologies would BEST meet the client’s requirements?
Star
Bus
Ring
Mesh
The correct answer is Ring. A ring topology can use a token-passing method for communication, which ensures that each device waits for its turn to communicate, reducing congestion. Additionally, a dual-ring configuration can provide redundancy, meeting the requirement of having at least two cables for network resilience.
The other choices are incorrect because they do not meet both the redundancy and token-passing requirements. A star topology relies on a central hub or switch, and while it provides some fault tolerance, it does not use token-passing. A bus topology also doesn’t use token-passing, and it lacks redundancy since all devices share the same communication line. A mesh topology offers high redundancy with multiple connections between devices, but it doesn’t inherently use token-passing, making it less relevant for this specific requirement.
What is the network ID associated with the host located at 192.168.0.123/29?
192.168.0.112
192.168.0.120
192.168.0.64
192.168.0.96
The correct answer is 192.168.0.120. In a /29 subnet, the subnet mask is 255.255.255.248, which means each subnet contains 8 IP addresses (6 usable). To find the network ID, we need to look at the block of 8 IP addresses that contains 192.168.0.123. The subnet that includes this IP address starts at 192.168.0.120, making 192.168.0.120 the network ID.
The other options are incorrect because they represent different network IDs. 192.168.0.112 and 192.168.0.96 are network IDs for different subnets that do not include 192.168.0.123. 192.168.0.64 is another subnet entirely.
Which of the following ports is used by LDAP by default?
3389
427
389
53
The correct answer is 389. LDAP (Lightweight Directory Access Protocol) uses port 389 by default for non-secure communications.
The other ports are incorrect. 3389 is used by RDP (Remote Desktop Protocol), 427 is used by SLP (Service Location Protocol), and 53 is used by DNS (Domain Name System). These ports are unrelated to LDAP.
You just heard of a new ransomware attack that has been rapidly spreading across the internet that takes advantage of a vulnerability in the Windows SMB protocol. To protect your network until Microsoft releases a security update, you want to block the port for SMB at your firewall to prevent becoming a victim of this attack. Which of the following ports should you add to your blocklist?
514
143
445
123
The correct answer is 445. Port 445 is used by the Windows SMB (Server Message Block) protocol, which is the target of the ransomware attack you described. Blocking this port at your firewall will help protect your network from the attack by preventing SMB traffic.
The other ports are incorrect because they serve different purposes. Port 514 is typically used for syslog, port 143 is used for IMAP (Internet Message Access Protocol), and port 123 is used for NTP (Network Time Protocol). None of these ports relate to SMB or would help protect against an attack exploiting SMB vulnerabilities.
You have just finished installing a new web application and need to connect it to your Microsoft SQL database server. Which port must be allowed to enable communications through your firewall between the web application and your database server?
1433
3306
1521
3389
The correct answer is 1433. Port 1433 is the default port used by Microsoft SQL Server for database communication. Allowing traffic through this port on your firewall will enable your web application to connect to the SQL Server.
The other ports are incorrect. 3306 is used by MySQL, 1521 is used by Oracle Database, and 3389 is used for Remote Desktop Protocol (RDP). These ports are not relevant for Microsoft SQL Server communication.
Andy is a network technician who is preparing to configure a company’s network. He has installed a firewall to segment his network into an internal network, a DMZ or screen subnet, and an external network. No hosts on the internal network should be directly accessible by their IP address from the Internet, but they should be able to reach remote networks if they have been assigned an IP address within the network. Which of the following IP addressing solutions would work for this particular network configuration?
Private
APIPA
Teredo tunneling
Classless
The correct answer is Private. Using private IP addressing (defined in RFC 1918) allows hosts on the internal network to communicate internally and reach remote networks while ensuring that they are not directly accessible from the Internet. Private IP addresses are not routable on the public Internet, which aligns with the requirement that no hosts on the internal network should be accessible by their IP address from the Internet.
The other options are incorrect for the following reasons. APIPA (Automatic Private IP Addressing) is used for devices that cannot obtain an IP address from a DHCP server, assigning them an address in the 169.254.0.0/16 range, but it is not suitable for a structured network configuration. Teredo tunneling is a protocol for IPv6 connectivity over an IPv4 network and does not pertain to the use of IP addresses in a private network. Classless addressing refers to the use of CIDR (Classless Inter-Domain Routing) but does not specifically address the need for internal addressing that is not routable on the Internet.
You are configuring a point-to-point link between two routers and have been assigned an IP of 77.81.12.14/30. What is the network ID associated with this IP assignment?
77.81.12.12
77.81.12.14
77.81.12.15
77.81.12.13
The correct answer is 77.81.12.12. To determine the network ID for the IP address 77.81.12.14/30, you need to identify the range of addresses within the subnet.
A /30 subnet mask means that there are 4 total IP addresses in this subnet (2^2 = 4). These addresses include:
- Network Address: 77.81.12.12
- Usable Host Address 1: 77.81.12.13
- Usable Host Address 2: 77.81.12.14
- Broadcast Address: 77.81.12.15
The network ID is the first address in the subnet, which in this case is 77.81.12.12. The other options represent either usable host addresses or the broadcast address, which are not valid for the network ID.
Your supervisor has asked you to run a Cat 5e cable between two network switches in the server room. Which type of connector should be used with a Cat 5e cable?
DB-25
RJ-45
F-type
RJ-11
The correct answer is RJ-45. This connector is specifically designed for use with twisted pair cables like Cat 5e and is commonly used for Ethernet connections between network devices, such as switches and computers.
The other options are incorrect for the following reasons. DB-25 is a type of connector used for serial connections and is not suitable for networking applications. F-type connectors are typically used for coaxial cables, often in television and broadband applications, rather than twisted pair cables. RJ-11 connectors are used for telephone lines and are not appropriate for networking with Cat 5e cables. Therefore, RJ-45 is the correct connector to use with a Cat 5e cable.
Which of the following remote access tools is a command-line terminal emulation program operating on port 23?
Telnet
VNC
RDP
SSH
The correct answer is Telnet. Telnet is a command-line terminal emulation program that operates over port 23. It allows users to connect to remote devices and manage them through a command-line interface. However, it transmits data in plain text, making it less secure compared to other remote access tools.
The other options are incorrect for the following reasons. VNC (Virtual Network Computing) operates on a different port (typically 5900) and provides graphical remote desktop access. RDP (Remote Desktop Protocol), used for accessing Windows desktops remotely, operates on port 3389. SSH (Secure Shell) is a secure alternative to Telnet, operating on port 22 and providing encrypted communication for secure remote access. Therefore, Telnet is the correct answer for a command-line terminal emulation program operating on port 23.
Which of the following applies to data as it travels from Layer 1 to Layer 7 of the OSI model?
Tunneling
De-encapsulation
Tagging
Encapsulation
The correct answer is de-encapsulation. As data travels from Layer 1 (Physical Layer) to Layer 7 (Application Layer) of the OSI model, it undergoes de-encapsulation. This process involves removing the headers (and sometimes trailers) that were added as the data moved down the OSI model layers. Each layer adds its own header to the data, and as it ascends through the layers, these headers are stripped away, allowing the data to be interpreted correctly at each layer.
The other options are incorrect for the following reasons. Tunneling refers to encapsulating data for transmission through a network but does not specifically apply to the de-encapsulation process as data moves upward through the OSI layers. Tagging is generally associated with adding identifiers to frames, especially in networking protocols that use VLANs (Virtual Local Area Networks), and does not describe the overall process that occurs when data travels up the OSI model. Encapsulation, on the other hand, refers to the process of adding headers (and possibly trailers) as data descends the OSI layers, making it the opposite of de-encapsulation. Therefore, the correct term for data traveling from Layer 1 to Layer 7 is de-encapsulation.
Which of the following is MOST likely to use an RJ-11 connector to connect a computer to an ISP using a POTS line?
Access point
DOCSIS modem
Analog modem
Multilayer switch
The correct answer is Analog modem. An analog modem uses an RJ-11 connector to connect a computer to an Internet Service Provider (ISP) over a Plain Old Telephone Service (POTS) line. This type of modem converts digital signals from a computer into analog signals for transmission over traditional phone lines.
The other options are less likely to use an RJ-11 connector. An Access point typically connects to a wired network using an Ethernet connection (RJ-45). A DOCSIS modem is designed for cable internet and usually connects via coaxial cable, not RJ-11. A Multilayer switch primarily handles Ethernet connections and also uses RJ-45 connectors. Therefore, the analog modem is the most appropriate answer for connecting to an ISP using a POTS line.
What is the flag used to terminate a connection between two hosts when the sender believes something has gone wrong with the TCP connection between them?
SYN
ACK
RST
FIN
The correct answer is RST.
In TCP (Transmission Control Protocol), the RST (Reset) flag is used to terminate a connection when one host detects an error or believes that the connection has gone awry. This flag indicates that the sender wants to abruptly end the connection without going through the normal termination process.
Here’s a brief overview of the other flags mentioned:
- SYN: Used to initiate a connection between two hosts.
- ACK: Acknowledgment flag, used to acknowledge receipt of packets.
- FIN: Used to indicate that the sender has finished sending data and wants to close the connection gracefully.
So, when something goes wrong with a TCP connection, the sender uses the RST flag to terminate it immediately.
Which of the following ports does SIP use?
80/443
5060/5061
389/636
139/445
SIP, or Session Initiation Protocol, uses 5060/5061.
Port 5060 is typically used for unencrypted SIP traffic, while port 5061 is used for encrypted SIP traffic using TLS. SIP is a protocol used to initiate, maintain, and terminate real-time communication sessions such as voice and video calls over IP networks.
For the exam, remember that SIP uses these specific ports for VoIP communications and that port 5061 is used when encryption via TLS is applied.
network administrator needs to allow employees to upload files to a remote server securely. What port must be allowed through the firewall?
22
161
25
21
The correct port to allow for secure file uploads to a remote server is port 22.
Port 22 is used by Secure File Transfer Protocol (SFTP), which allows files to be transferred securely over a network using SSH encryption. This ensures that the files are protected during transmission. For the exam, remember that SFTP and SSH both use port 22 for secure communications.
Ports 21 and 25 are used for FTP and SMTP, respectively, but these do not provide secure file transfer. Port 161 is used for SNMP, which is unrelated to file transfers.
You typed IPCONFIG at the command prompt and find out your IP is 192.168.1.24. You then go to Google.com and search for “what is my IP,” and it returns a value of 35.25.52.11. How do you explain why your computer has two different IP addresses?
This is caused because of the way routers handle IP addresses
This is caused by how a switch handles IP addresses
This is caused because your gateway is conducting NAT or PAT
This is caused by the way traffic is routed over the internet
The correct explanation is that this is caused by the gateway conducting NAT or PAT.
When your computer shows an internal IP address like 192.168.1.24, it is part of a private IP address range used within your local network. This IP is assigned by your router, which is the gateway to the internet. When you access the internet, your router uses Network Address Translation (NAT) to convert your private IP address to a public IP address (like 35.25.52.11) for communication outside the local network. This process allows multiple devices on a local network to share a single public IP address for external communications.
For the exam, it’s important to understand the role of NAT in facilitating internet access for devices with private IP addresses.
Which of the following is a connectionless protocol?
ICMP
SSH
SSL
TCP
The correct answer is ICMP.
ICMP (Internet Control Message Protocol) is a connectionless protocol used primarily for diagnostic and control purposes within a network. It operates above the IP layer and is commonly utilized for error reporting and operational queries, such as pinging another device to check its reachability. Unlike connection-oriented protocols such as SSH (Secure Shell), SSL (Secure Sockets Layer), and TCP (Transmission Control Protocol), ICMP does not establish a dedicated end-to-end connection before transmitting data.
For the exam, remember that connectionless protocols like ICMP do not require a connection setup, allowing for faster communication, but they do not guarantee delivery, order, or error correction.
Mark is setting up a DHCP server on a segment of the corporate LAN. Which of the following options is NOT required in the DHCP scope to allow hosts on that LAN segment to be assigned a dynamic IP address and still be able to access the Internet and internal company servers?
Default gateway
DNS servers
Subnet mask
Reservations
The correct answer is Reservations.
In a DHCP scope, while the default gateway, DNS servers, and subnet mask are necessary to ensure that hosts can communicate effectively within the network and access external resources, reservations are not required for all hosts. Reservations are used to assign a specific IP address to a particular device based on its MAC address, but they are not necessary for the standard dynamic assignment of IP addresses. Therefore, you can set up a DHCP server without having any reservations in the scope while still allowing hosts to receive dynamic IP addresses and access the Internet and internal servers.
For the exam, it’s important to understand the role of each component in a DHCP configuration and recognize that reservations are optional.
Which of the following layers is NOT used in a three-tiered data center network architecture?
Core layer
Control layer
Distribution/aggregation layer
Access/edge layer
The correct answer is the Control layer. A three-tiered data center network architecture typically consists of the Core layer, Distribution/Aggregation layer, and Access/Edge layer. The Control layer is not part of this architecture.
The other options are incorrect. The Core layer is responsible for high-speed data transfer between different parts of the network. The Distribution/Aggregation layer handles routing and policy enforcement. The Access/Edge layer provides connectivity to end devices such as servers and workstations.
You are currently troubleshooting a network connection error. When you ping the default gateway, you receive no reply. You checked the default gateway, and it is functioning properly, but the gateway cannot connect to any of the workstations on the network. Which of the following layers could be causing this issue?
Session
Physical
Transport
Presentation
The issue described, where the default gateway cannot connect to any of the workstations on the network despite the gateway functioning properly, is most likely related to the Physical layer. The Physical layer (Layer 1) of the OSI model encompasses the actual hardware and transmission medium, such as cables, switches, and network interfaces. If there is a problem at this layer, such as faulty cables, bad ports, or issues with network interfaces, it can prevent the devices from communicating effectively.
The Session layer (Layer 5) manages sessions between applications, while the Transport layer (Layer 4) ensures data is sent and received accurately, and the Presentation layer (Layer 6) handles data formatting and encryption. If the ping to the default gateway fails, it indicates a fundamental connectivity issue that is most likely rooted in the Physical layer rather than higher layers in the OSI model.
You have just finished installing a new web application and need to connect it to your SQLnet database server. Which port must be allowed to enable communications through your firewall between the web application and your database server?
3306
1521
3389
1433
To enable communications between your web application and the SQLnet database server, you need to allow port 1521 through your firewall. Port 1521 is the default port used by Oracle databases for SQLnet connections.
The other options are incorrect because port 3306 is used for MySQL databases, port 3389 is for Remote Desktop Protocol (RDP), and port 1433 is typically used for Microsoft SQL Server. Since you’re specifically connecting to an SQLnet database, port 1521 is the correct choice.