Obj 1.X

Question 1

(This is a simulated Performance-Based Question. On the real exam, you may be given a chart with numerous ports and protocols and be asked to drag and drop them to match the ports with the protocols.) What ports do FTP and SFTP utilize?

20, 21
22, 23
21, 22
21, 23

Answer 1

The correct answer is 21, 22. FTP (File Transfer Protocol) uses port 21 for control commands, while SFTP (Secure File Transfer Protocol), which is based on SSH, uses port 22 for secure file transfers. This provides a secure channel for transferring files over the network.

The other choices are incorrect because they either mix incorrect port numbers or associate them with the wrong protocols. Port 20 is used by FTP for data transfer, not for control commands. Port 23 is associated with the Telnet protocol, which is used for remote command-line access but lacks encryption, unlike SFTP. Therefore, these do not match the correct port numbers for FTP and SFTP.

Question 2

What is the lowest layer (bottom layer) of a bare-metal virtualization environment?

Hypervisor
Guest operating system
Host operating system
Physical hardware

Answer 2

The correct answer is Physical hardware. In a bare-metal (Type 1) virtualization environment, the hypervisor runs directly on the physical hardware, making the hardware the lowest layer. The hypervisor then manages virtual machines and their resources.

The other choices are incorrect because they are higher in the virtualization stack. The hypervisor is one layer above the physical hardware, managing the virtual machines but not the lowest layer itself. The guest operating system runs on the virtual machines created by the hypervisor, making it a higher layer. The host operating system is not present in a bare-metal setup, as it refers to Type 2 virtualization, where the hypervisor runs on top of an existing operating system.

Question 3

You have been asked to install a media converter that connects a newly installed SMF to the existing Cat 6a infrastructure. Which type of media converter should you use?

Coaxial to fiber
Fiber to ethernet
Coaxial to ethernet
Fiber to coaxial

Answer 3

The correct answer is Fiber to Ethernet. A fiber to Ethernet media converter is designed to connect fiber optic cables, such as Single-Mode Fiber (SMF), to an Ethernet network, like your existing Cat 6a infrastructure. This type of converter will allow the two different media types to communicate effectively.

The other choices are incorrect because they refer to incompatible media types for this scenario. Coaxial to fiber is used to convert coaxial signals to fiber, which doesn’t apply here since you need to connect fiber to Ethernet. Coaxial to Ethernet is also irrelevant as it connects coaxial cables to Ethernet networks, not fiber. Lastly, Fiber to coaxial would convert fiber signals to coaxial, which again does not meet the requirement of connecting fiber to an Ethernet network.

Question 4

You are trying to select the BEST network topology for a new network based on the following requirements. The design must include redundancy using a minimum of two cables to create the network. The network should not be prone to congestion, therefore each device must wait for its turn to communicate on the network by passing around a token. Which of the following topologies would BEST meet the client’s requirements?

Star
Bus
Ring
Mesh

Answer 4

The correct answer is Ring. A ring topology can use a token-passing method for communication, which ensures that each device waits for its turn to communicate, reducing congestion. Additionally, a dual-ring configuration can provide redundancy, meeting the requirement of having at least two cables for network resilience.

The other choices are incorrect because they do not meet both the redundancy and token-passing requirements. A star topology relies on a central hub or switch, and while it provides some fault tolerance, it does not use token-passing. A bus topology also doesn’t use token-passing, and it lacks redundancy since all devices share the same communication line. A mesh topology offers high redundancy with multiple connections between devices, but it doesn’t inherently use token-passing, making it less relevant for this specific requirement.

Question 5

What is the network ID associated with the host located at 192.168.0.123/29?

192.168.0.112
192.168.0.120
192.168.0.64
192.168.0.96

Answer 5

The correct answer is 192.168.0.120. In a /29 subnet, the subnet mask is 255.255.255.248, which means each subnet contains 8 IP addresses (6 usable). To find the network ID, we need to look at the block of 8 IP addresses that contains 192.168.0.123. The subnet that includes this IP address starts at 192.168.0.120, making 192.168.0.120 the network ID.

The other options are incorrect because they represent different network IDs. 192.168.0.112 and 192.168.0.96 are network IDs for different subnets that do not include 192.168.0.123. 192.168.0.64 is another subnet entirely.

Question 6

Which of the following ports is used by LDAP by default?

3389
427
389
53

Answer 6

The correct answer is 389. LDAP (Lightweight Directory Access Protocol) uses port 389 by default for non-secure communications.

The other ports are incorrect. 3389 is used by RDP (Remote Desktop Protocol), 427 is used by SLP (Service Location Protocol), and 53 is used by DNS (Domain Name System). These ports are unrelated to LDAP.

Question 7

You just heard of a new ransomware attack that has been rapidly spreading across the internet that takes advantage of a vulnerability in the Windows SMB protocol. To protect your network until Microsoft releases a security update, you want to block the port for SMB at your firewall to prevent becoming a victim of this attack. Which of the following ports should you add to your blocklist?

514
143
445
123

Answer 7

The correct answer is 445. Port 445 is used by the Windows SMB (Server Message Block) protocol, which is the target of the ransomware attack you described. Blocking this port at your firewall will help protect your network from the attack by preventing SMB traffic.

The other ports are incorrect because they serve different purposes. Port 514 is typically used for syslog, port 143 is used for IMAP (Internet Message Access Protocol), and port 123 is used for NTP (Network Time Protocol). None of these ports relate to SMB or would help protect against an attack exploiting SMB vulnerabilities.

Question 8

You have just finished installing a new web application and need to connect it to your Microsoft SQL database server. Which port must be allowed to enable communications through your firewall between the web application and your database server?

1433
3306
1521
3389

Answer 8

The correct answer is 1433. Port 1433 is the default port used by Microsoft SQL Server for database communication. Allowing traffic through this port on your firewall will enable your web application to connect to the SQL Server.

The other ports are incorrect. 3306 is used by MySQL, 1521 is used by Oracle Database, and 3389 is used for Remote Desktop Protocol (RDP). These ports are not relevant for Microsoft SQL Server communication.

Question 9

Andy is a network technician who is preparing to configure a company’s network. He has installed a firewall to segment his network into an internal network, a DMZ or screen subnet, and an external network. No hosts on the internal network should be directly accessible by their IP address from the Internet, but they should be able to reach remote networks if they have been assigned an IP address within the network. Which of the following IP addressing solutions would work for this particular network configuration?

Private
APIPA
Teredo tunneling
Classless

Answer 9

The correct answer is Private. Using private IP addressing (defined in RFC 1918) allows hosts on the internal network to communicate internally and reach remote networks while ensuring that they are not directly accessible from the Internet. Private IP addresses are not routable on the public Internet, which aligns with the requirement that no hosts on the internal network should be accessible by their IP address from the Internet.

The other options are incorrect for the following reasons. APIPA (Automatic Private IP Addressing) is used for devices that cannot obtain an IP address from a DHCP server, assigning them an address in the 169.254.0.0/16 range, but it is not suitable for a structured network configuration. Teredo tunneling is a protocol for IPv6 connectivity over an IPv4 network and does not pertain to the use of IP addresses in a private network. Classless addressing refers to the use of CIDR (Classless Inter-Domain Routing) but does not specifically address the need for internal addressing that is not routable on the Internet.

Question 10

You are configuring a point-to-point link between two routers and have been assigned an IP of 77.81.12.14/30. What is the network ID associated with this IP assignment?

77.81.12.12
77.81.12.14
77.81.12.15
77.81.12.13

Answer 10

The correct answer is 77.81.12.12. To determine the network ID for the IP address 77.81.12.14/30, you need to identify the range of addresses within the subnet.

A /30 subnet mask means that there are 4 total IP addresses in this subnet (2^2 = 4). These addresses include:

• Network Address: 77.81.12.12
• Usable Host Address 1: 77.81.12.13
• Usable Host Address 2: 77.81.12.14
• Broadcast Address: 77.81.12.15

The network ID is the first address in the subnet, which in this case is 77.81.12.12. The other options represent either usable host addresses or the broadcast address, which are not valid for the network ID.

Question 11

Your supervisor has asked you to run a Cat 5e cable between two network switches in the server room. Which type of connector should be used with a Cat 5e cable?

DB-25
RJ-45
F-type
RJ-11

Answer 11

The correct answer is RJ-45. This connector is specifically designed for use with twisted pair cables like Cat 5e and is commonly used for Ethernet connections between network devices, such as switches and computers.

The other options are incorrect for the following reasons. DB-25 is a type of connector used for serial connections and is not suitable for networking applications. F-type connectors are typically used for coaxial cables, often in television and broadband applications, rather than twisted pair cables. RJ-11 connectors are used for telephone lines and are not appropriate for networking with Cat 5e cables. Therefore, RJ-45 is the correct connector to use with a Cat 5e cable.

Question 12

Which of the following remote access tools is a command-line terminal emulation program operating on port 23?

Telnet
VNC
RDP
SSH

Answer 12

The correct answer is Telnet. Telnet is a command-line terminal emulation program that operates over port 23. It allows users to connect to remote devices and manage them through a command-line interface. However, it transmits data in plain text, making it less secure compared to other remote access tools.

The other options are incorrect for the following reasons. VNC (Virtual Network Computing) operates on a different port (typically 5900) and provides graphical remote desktop access. RDP (Remote Desktop Protocol), used for accessing Windows desktops remotely, operates on port 3389. SSH (Secure Shell) is a secure alternative to Telnet, operating on port 22 and providing encrypted communication for secure remote access. Therefore, Telnet is the correct answer for a command-line terminal emulation program operating on port 23.

Question 13

Which of the following applies to data as it travels from Layer 1 to Layer 7 of the OSI model?

Tunneling
De-encapsulation
Tagging
Encapsulation

Answer 13

The correct answer is de-encapsulation. As data travels from Layer 1 (Physical Layer) to Layer 7 (Application Layer) of the OSI model, it undergoes de-encapsulation. This process involves removing the headers (and sometimes trailers) that were added as the data moved down the OSI model layers. Each layer adds its own header to the data, and as it ascends through the layers, these headers are stripped away, allowing the data to be interpreted correctly at each layer.

The other options are incorrect for the following reasons. Tunneling refers to encapsulating data for transmission through a network but does not specifically apply to the de-encapsulation process as data moves upward through the OSI layers. Tagging is generally associated with adding identifiers to frames, especially in networking protocols that use VLANs (Virtual Local Area Networks), and does not describe the overall process that occurs when data travels up the OSI model. Encapsulation, on the other hand, refers to the process of adding headers (and possibly trailers) as data descends the OSI layers, making it the opposite of de-encapsulation. Therefore, the correct term for data traveling from Layer 1 to Layer 7 is de-encapsulation.

Question 14

Which of the following is MOST likely to use an RJ-11 connector to connect a computer to an ISP using a POTS line?

Access point
DOCSIS modem
Analog modem
Multilayer switch

Answer 14

The correct answer is Analog modem. An analog modem uses an RJ-11 connector to connect a computer to an Internet Service Provider (ISP) over a Plain Old Telephone Service (POTS) line. This type of modem converts digital signals from a computer into analog signals for transmission over traditional phone lines.

The other options are less likely to use an RJ-11 connector. An Access point typically connects to a wired network using an Ethernet connection (RJ-45). A DOCSIS modem is designed for cable internet and usually connects via coaxial cable, not RJ-11. A Multilayer switch primarily handles Ethernet connections and also uses RJ-45 connectors. Therefore, the analog modem is the most appropriate answer for connecting to an ISP using a POTS line.

Question 15

What is the flag used to terminate a connection between two hosts when the sender believes something has gone wrong with the TCP connection between them?

SYN
ACK
RST
FIN

Answer 15

The correct answer is RST.

In TCP (Transmission Control Protocol), the RST (Reset) flag is used to terminate a connection when one host detects an error or believes that the connection has gone awry. This flag indicates that the sender wants to abruptly end the connection without going through the normal termination process.

Here’s a brief overview of the other flags mentioned:

• SYN: Used to initiate a connection between two hosts.
• ACK: Acknowledgment flag, used to acknowledge receipt of packets.
• FIN: Used to indicate that the sender has finished sending data and wants to close the connection gracefully.

So, when something goes wrong with a TCP connection, the sender uses the RST flag to terminate it immediately.

Question 16

Which of the following ports does SIP use?

80/443
5060/5061
389/636
139/445

Answer 16

SIP, or Session Initiation Protocol, uses 5060/5061.

Port 5060 is typically used for unencrypted SIP traffic, while port 5061 is used for encrypted SIP traffic using TLS. SIP is a protocol used to initiate, maintain, and terminate real-time communication sessions such as voice and video calls over IP networks.

For the exam, remember that SIP uses these specific ports for VoIP communications and that port 5061 is used when encryption via TLS is applied.

Question 17

network administrator needs to allow employees to upload files to a remote server securely. What port must be allowed through the firewall?

22
161
25
21

Answer 17

The correct port to allow for secure file uploads to a remote server is port 22.

Port 22 is used by Secure File Transfer Protocol (SFTP), which allows files to be transferred securely over a network using SSH encryption. This ensures that the files are protected during transmission. For the exam, remember that SFTP and SSH both use port 22 for secure communications.

Ports 21 and 25 are used for FTP and SMTP, respectively, but these do not provide secure file transfer. Port 161 is used for SNMP, which is unrelated to file transfers.

Question 18

You typed IPCONFIG at the command prompt and find out your IP is 192.168.1.24. You then go to Google.com and search for “what is my IP,” and it returns a value of 35.25.52.11. How do you explain why your computer has two different IP addresses?

This is caused because of the way routers handle IP addresses
This is caused by how a switch handles IP addresses
This is caused because your gateway is conducting NAT or PAT
This is caused by the way traffic is routed over the internet

Answer 18

The correct explanation is that this is caused by the gateway conducting NAT or PAT.

When your computer shows an internal IP address like 192.168.1.24, it is part of a private IP address range used within your local network. This IP is assigned by your router, which is the gateway to the internet. When you access the internet, your router uses Network Address Translation (NAT) to convert your private IP address to a public IP address (like 35.25.52.11) for communication outside the local network. This process allows multiple devices on a local network to share a single public IP address for external communications.

For the exam, it’s important to understand the role of NAT in facilitating internet access for devices with private IP addresses.

Question 19

Which of the following is a connectionless protocol?

ICMP
SSH
SSL
TCP

Answer 19

The correct answer is ICMP.

ICMP (Internet Control Message Protocol) is a connectionless protocol used primarily for diagnostic and control purposes within a network. It operates above the IP layer and is commonly utilized for error reporting and operational queries, such as pinging another device to check its reachability. Unlike connection-oriented protocols such as SSH (Secure Shell), SSL (Secure Sockets Layer), and TCP (Transmission Control Protocol), ICMP does not establish a dedicated end-to-end connection before transmitting data.

For the exam, remember that connectionless protocols like ICMP do not require a connection setup, allowing for faster communication, but they do not guarantee delivery, order, or error correction.

Question 20

Mark is setting up a DHCP server on a segment of the corporate LAN. Which of the following options is NOT required in the DHCP scope to allow hosts on that LAN segment to be assigned a dynamic IP address and still be able to access the Internet and internal company servers?

Default gateway
DNS servers
Subnet mask
Reservations

Answer 20

The correct answer is Reservations.

In a DHCP scope, while the default gateway, DNS servers, and subnet mask are necessary to ensure that hosts can communicate effectively within the network and access external resources, reservations are not required for all hosts. Reservations are used to assign a specific IP address to a particular device based on its MAC address, but they are not necessary for the standard dynamic assignment of IP addresses. Therefore, you can set up a DHCP server without having any reservations in the scope while still allowing hosts to receive dynamic IP addresses and access the Internet and internal servers.

For the exam, it’s important to understand the role of each component in a DHCP configuration and recognize that reservations are optional.

Question 21

Which of the following layers is NOT used in a three-tiered data center network architecture?

Core layer
Control layer
Distribution/aggregation layer
Access/edge layer

Answer 21

The correct answer is the Control layer. A three-tiered data center network architecture typically consists of the Core layer, Distribution/Aggregation layer, and Access/Edge layer. The Control layer is not part of this architecture.

The other options are incorrect. The Core layer is responsible for high-speed data transfer between different parts of the network. The Distribution/Aggregation layer handles routing and policy enforcement. The Access/Edge layer provides connectivity to end devices such as servers and workstations.

Question 22

You are currently troubleshooting a network connection error. When you ping the default gateway, you receive no reply. You checked the default gateway, and it is functioning properly, but the gateway cannot connect to any of the workstations on the network. Which of the following layers could be causing this issue?

Session
Physical
Transport
Presentation

Answer 22

The issue described, where the default gateway cannot connect to any of the workstations on the network despite the gateway functioning properly, is most likely related to the Physical layer. The Physical layer (Layer 1) of the OSI model encompasses the actual hardware and transmission medium, such as cables, switches, and network interfaces. If there is a problem at this layer, such as faulty cables, bad ports, or issues with network interfaces, it can prevent the devices from communicating effectively.

The Session layer (Layer 5) manages sessions between applications, while the Transport layer (Layer 4) ensures data is sent and received accurately, and the Presentation layer (Layer 6) handles data formatting and encryption. If the ping to the default gateway fails, it indicates a fundamental connectivity issue that is most likely rooted in the Physical layer rather than higher layers in the OSI model.

Question 23

You have just finished installing a new web application and need to connect it to your SQLnet database server. Which port must be allowed to enable communications through your firewall between the web application and your database server?

3306
1521
3389
1433

Answer 23

To enable communications between your web application and the SQLnet database server, you need to allow port 1521 through your firewall. Port 1521 is the default port used by Oracle databases for SQLnet connections.

The other options are incorrect because port 3306 is used for MySQL databases, port 3389 is for Remote Desktop Protocol (RDP), and port 1433 is typically used for Microsoft SQL Server. Since you’re specifically connecting to an SQLnet database, port 1521 is the correct choice.

Question 24

Which of the following layers within software-defined networking focuses on resource requests or information about the network?

Management plane
Infrastructure layer
Application layer
Control layer

Answer 24

1. The correct answer is the Application layer.
2. The application layer focuses on the communication resource requests or information about the network. The control layer uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to. The infrastructure layer contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements. The management plane is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations.

Question 25

What is the broadcast address associated with the host located at 201.58.12.245/28?

201.58.12.255
201.58.12.241
201.58.12.254
201.58.12.240

Answer 25

The correct answer is 201.58.12.255.

To calculate the broadcast address for the IP address 201.58.12.245 with a subnet mask of /28, you first need to determine the network range:

1. The subnet mask for /28 is 255.255.255.240, which means that the subnet includes 16 addresses (2^4 = 16).
2. The address range starts at the lowest address in the subnet and ends at the highest address. For /28, each subnet includes addresses from x.x.x.240 to x.x.x.255.
3. In this case, the network address is 201.58.12.240, and the broadcast address is the last address in the subnet, which is 201.58.12.255.

So, the broadcast address associated with 201.58.12.245/28 is 201.58.12.255.

Question 26

Which of the following technologies deliver multiple voice calls over a copper wire if you have an ISDN or T-1 connection?

Time-division multiplexing
CSMA/CD
Analog circuit switching
Time-division spread spectrum

Answer 26

The correct answer is Time-division multiplexing (TDM).

Time-division multiplexing is a technology that allows multiple voice calls to be transmitted over a single copper wire, such as an ISDN or T-1 connection. TDM works by dividing the available bandwidth into time slots, allocating specific time periods for each voice call to transmit its data. This enables several calls to share the same physical medium without interference, making efficient use of the available bandwidth.

The other options are incorrect for the following reasons:

• CSMA/CD (Carrier Sense Multiple Access with Collision Detection) is a network protocol for managing access to a shared medium in Ethernet networks, not specifically for delivering voice calls over copper wires.
• Analog circuit switching establishes a dedicated circuit for each call, but it is not the method used for ISDN or T-1 connections.
• Time-division spread spectrum is a technique primarily used in wireless communications to spread signals across multiple frequencies but is not applicable in the context of delivering multiple voice calls over a copper wire.

Question 27

Which of the following communication types are used in IPv6 to send a packet to the nearest interface that shares a common address in a routing table?

Unicast
Multicast
Anycast
Broadcast

Answer 27

The correct answer is Anycast.

Anycast is a communication type in IPv6 used to send packets to the nearest interface that shares a common address in a routing table. It allows multiple devices to share the same address, and the network will route the packet to the closest device based on the routing metrics, which helps optimize performance and reduce latency.

The other options are incorrect for the following reasons:

• Unicast involves sending a packet from one sender to one specific receiver. It does not involve multiple devices sharing an address.
• Multicast sends packets to a group of interested receivers that subscribe to a particular multicast address, but it does not specify the nearest receiver.
• Broadcast is not used in IPv6 as it is in IPv4. IPv6 replaces broadcast communication with multicast and anycast, so broadcast communication is not applicable in this context.

Question 28

Your network relies on the use of ATM cells. At which layer of the OSI model do ATM cells operate?

Network
Session
Transport
Data link

Answer 28

The correct answer is Data link.

ATM (Asynchronous Transfer Mode) cells operate at the Data Link layer (Layer 2) of the OSI model. This layer is responsible for the framing and transfer of data between devices on the same network, providing reliable communication over the physical medium. ATM uses fixed-size cells for data transmission, which enables efficient switching and multiplexing of different types of traffic.

The other options are incorrect for the following reasons:

• Network layer (Layer 3) is responsible for logical addressing and routing packets between different networks. While ATM can carry network layer protocols, it operates at the layer below.
• Session layer (Layer 5) manages sessions or connections between applications. This layer is not involved in the handling of ATM cells.
• Transport layer (Layer 4) provides end-to-end communication services for applications, ensuring complete data transfer. Like the session layer, it does not directly deal with ATM cell management.

Question 29

You suspect that your server has been the victim of a web-based attack. Which of the following ports would most likely be seen in the logs to indicate the attack’s target?

3389
443
21
389

Answer 29

1. The correct answer is 443. Port 443 is used for HTTPS traffic, which is the protocol for secure web-based communication. If your server has been targeted by a web-based attack, it is most likely that attackers were attempting to exploit vulnerabilities related to HTTPS.
2. 3389 is incorrect because it is used for Remote Desktop Protocol (RDP), which is not directly related to web-based attacks. 21 is used for FTP (File Transfer Protocol), which is for file transfers and not web-based traffic. 389 is used for LDAP (Lightweight Directory Access Protocol), which handles directory services, not web attacks related to websites or HTTP/HTTPS traffic.

Question 30

What port number does POP3 utilize?

110
993
143
995

Answer 30

1. The correct answer is 110. POP3, or Post Office Protocol 3, uses port 110 by default for receiving emails in a basic, unencrypted format.
2. 993 is used by IMAP over SSL/TLS (IMAPS), not by POP3. 143 is the default port for unencrypted IMAP, which allows users to manage email on the server rather than downloading it. 995 is used by POP3 over SSL/TLS (POP3S) for encrypted email retrieval, whereas unencrypted POP3 uses port 110.

Question 31

You are configuring a point-to-point link and want to ensure it is configured for the most efficient use of your limited pool of available public IP addresses. Which of the following subnet masks would be BEST to use in this scenario?

/28
/30
/24
/29

Answer 31

1. The correct answer is /30. A subnet mask of /30 is ideal for point-to-point links because it provides only two usable IP addresses, which is all that’s needed for a direct link between two devices. This configuration is highly efficient when conserving IP addresses, as it minimizes wasted addresses.
2. /28 and /29 both offer more usable IP addresses (14 and 6, respectively) than are needed for a point-to-point connection, which would result in unnecessary IP waste. /24 provides 254 usable IP addresses, which is far more than required for a simple link, making it an inefficient choice for conserving a limited IP address pool.

Question 32

What port number does LDAPS utilize?

3389
636
389
1433

Answer 32

1. The correct answer is 636. LDAPS, or LDAP over SSL/TLS, utilizes port 636 to provide a secure connection for LDAP communications by encrypting the data.
2. 3389 is used for Remote Desktop Protocol (RDP), which allows remote access to Windows systems. 389 is the standard, non-encrypted LDAP port, so it doesn’t provide secure LDAP over SSL/TLS. 1433 is the default port for Microsoft SQL Server, which is unrelated to LDAP services.

Question 33

A network technician needs to connect two switches. The technician needs a link between them that is capable of handling 10 Gbps of throughput. Which of the following media would BEST meet this requirement?

Cat 5e cable
FIber Optic Cable
Cat 3 cable
Coax cable

Answer 33

1. The correct answer is Fiber optic cable. Fiber optic cabling supports high bandwidth, making it ideal for 10 Gbps throughput over longer distances between network devices, such as switches.
2. Cat 5e cable is rated for speeds up to 1 Gbps and would not reliably support 10 Gbps. Cat 3 cable is limited to low-speed applications and cannot support even 1 Gbps. Coax cable is also not capable of handling 10 Gbps for this type of networking need.

Question 34

Which of the following WAN technologies would MOST likely be used to connect several remote branches that have no fiber, microwave, or satellite connections available?

WiMAX
Starlink
OC-3
POTS

Answer 34

1. The correct answer is POTS. Plain Old Telephone Service (POTS) is widely available in remote areas, making it a viable option for basic WAN connectivity when fiber, microwave, or satellite links aren’t available. It can support dial-up or DSL connections for low-bandwidth data transfer.
2. WiMAX requires specific infrastructure and may not be available in all remote locations. Starlink is a satellite-based solution, which is ruled out in this scenario. OC-3 is a high-speed fiber optic service that requires fiber infrastructure, which isn’t available here.

Question 35

Your company’s corporate headquarters provided your branch office a portion of their Class C subnet to use at a new office location. You must allocate the minimum number of addresses using CIDR notation in order to accommodate each department’s needs. What is the correct CIDR notation for the Human Resources (HR) department’s subnet, which requires 25 devices?

/28
/29
/26
/25
/27
/30

Answer 35

1. The correct answer is /27. A subnet mask of /27 provides 32 IP addresses (30 usable after accounting for network and broadcast addresses), which is the minimum number that can support 25 devices.
2. /28 only provides 16 IP addresses, which isn’t enough. /29 and /30 offer even fewer IPs, so they also can’t accommodate 25 devices. /26 and /25 both provide more IPs than needed (64 and 128, respectively), making /27 the most efficient choice.

Question 36

What is an example of a signaling protocol used to initiate, maintain, and terminate a real-time VoIP session?

VRRP
TFTP
SIP
RDP

Answer 36

1. The correct answer is SIP (Session Initiation Protocol). SIP is widely used in Voice over IP (VoIP) communications to initiate, manage, and terminate real-time sessions, including audio and video calls.
2. VRRP (Virtual Router Redundancy Protocol) is used for router redundancy, not for managing VoIP sessions. TFTP (Trivial File Transfer Protocol) transfers files over a network and doesn’t handle real-time communication. RDP (Remote Desktop Protocol) allows remote access to another computer but isn’t used for VoIP signaling.

Question 37

What is the broadcast address associated with the host located at 172.16.200.130/26?

172.16.200.158
172.16.200.190
172.16.200.159
172.16.200.191

Answer 37

1. The correct answer is 172.16.200.191. With a subnet mask of /26, each subnet has 64 IP addresses, including the network and broadcast addresses. For the subnet containing 172.16.200.130, the valid IP range is from 172.16.200.128 to 172.16.200.191, making 172.16.200.191 the broadcast address.
2. 172.16.200.158 and 172.16.200.159 are within the subnet’s range but are not the broadcast address. 172.16.200.190 is also within the subnet’s range, but the broadcast address is the last address, which is 172.16.200.191.

Question 38

A network administrator has set up a firewall and set up only three allow rules so that traffic can be sent over ports 21, 110, and 25. Next, they added a final rule of “deny any any” to the end of the ACL to minimize the attack surface and better secure the network. Unfortunately, now the administrator is receiving complaints from users that they cannot access any web pages using their URLs, such as DionTraining.com. Which of the following should the administrator do to correct this issue?

Add a rule to the ACL to allow traffic on ports 143 and 22
Add a rule to the ACL to allow traffic on ports 139 and 445
Add a rule to the ACL to allow traffic on ports 110 and 389
Add a rule to the ACL to allow traffic on ports 80 and 53

Answer 38

1. The correct answer is Add a rule to the ACL to allow traffic on ports 80 and 53. Port 80 is required for HTTP traffic, which is essential for web browsing, while port 53 is used for DNS queries to resolve URLs to IP addresses. Without these, users can’t access web pages by URL.
2. Ports 143 and 22 are for IMAP email and SSH, respectively, which are unrelated to general web browsing. Ports 139 and 445 are used for file-sharing protocols (NetBIOS and SMB) and are not required for web access. Ports 110 and 389 are for POP3 email and LDAP directory access, neither of which addresses web browsing issues.

Question 39

You have been asked to troubleshoot a router which uses label-switching and label-edge routers to forward traffic. Which of the following types of protocols should you be familiar with to troubleshoot this device?

MPLS
BGP
OSPF
EIGRP

Answer 39

1. The correct answer is MPLS. Multiprotocol Label Switching (MPLS) is a protocol that uses label-switching to direct packets across networks. Label-edge routers (LERs) and label-switching routers (LSRs) are core components of MPLS, making it essential to understand MPLS to troubleshoot this type of network setup.
2. BGP, OSPF, and EIGRP are all routing protocols but don’t use label-switching as part of their forwarding mechanism. BGP is used for routing between autonomous systems, while OSPF and EIGRP are primarily used for internal routing within a network, relying on IP addresses rather than labels for packet forwarding.

Question 40

Which of the following layers within software-defined networking focuses on providing network administrators the ability to oversee network operations, monitor traffic conditions, and display the status of the network?

Application layer
Control layer
Management plane
Infrastructure layer

Answer 40

1. The correct answer is Management plane. The management plane in software-defined networking (SDN) is responsible for providing network administrators with the tools to oversee network operations, monitor traffic conditions, and display the status of the network. It enables management functionalities such as monitoring performance, configuring devices, and ensuring the network operates as intended.
2. The Application layer focuses on providing network applications and services but does not directly deal with monitoring or overseeing network operations. The Control layer manages the data plane and makes forwarding decisions, while the Infrastructure layer refers to the physical devices and network elements involved in transporting data.

Question 41

A company is having a new T1 line installed. Which of the following does this connection MOST likely terminate?

Krone block
IDF
Demarcation point
Patch panel

Answer 41

1. The correct answer is Demarcation point. A T1 line typically terminates at the demarcation point, which is the physical point where the service provider’s network ends and the customer’s internal network begins. This is where the responsibility for maintaining the line shifts from the provider to the customer.
2. A Krone block is a type of punch-down block used for connecting telecommunication cables, but it is not specifically a termination point for a T1 line. An IDF (Intermediate Distribution Frame) is a wiring closet or room that connects various network devices, but it does not serve as the initial termination point for external lines. A patch panel is used for organizing and managing cable connections but also does not serve as the termination point for a T1 line.

Question 42

Which of the following utilizes a well-written set of carefully developed and tested scripts to orchestrate runbooks and generate consistent server builds across an enterprise?

Infrastructure as Code (IaC)
Software as a Service (SaaS)
Infrastructure as a Service (IaaS)
Software-Defined Networking (SDN)

Answer 42

1. The correct answer is Infrastructure as Code (IaC). IaC involves using code and scripts to automate the provisioning and management of IT infrastructure, allowing for consistent and repeatable server builds across an enterprise. This approach ensures that environments can be quickly replicated and maintained through well-defined scripts.
2. Software as a Service (SaaS) refers to software that is hosted in the cloud and accessed via the internet, but it does not focus on infrastructure provisioning or orchestration. Infrastructure as a Service (IaaS) provides virtualized computing resources over the internet but does not inherently include the orchestration scripts for server builds. Software-Defined Networking (SDN) is an architectural approach that allows for the management of networks through software-based approaches but is unrelated to server provisioning and build orchestration.

Question 43

You are configuring a point-to-point link and want to ensure it is configured for the most efficient use of your limited pool of available public IP addresses. Which of the following subnet masks would be BEST to use in this scenario?

/29
/28
/24
/30

Answer 43

/30

The most efficient subnet mask for a point-to-point link is actually a /31 subnet, which only provides 2 addresses. This will only work if both routers use a newer routing protocol like OSPF, IS-IS, EIGRP, or RIPv2 (or above). The most widely accepted and used method is to use a /30 subnet consisting of 4 IP addresses. The first is the network IP, the last is the broadcast, and the other 2 IPs can be assigned to the routers on either end of the point-to-point network. For the exam, if you see the option of /30 or /31, remember, they can be used for point-to-point networks.

Question 44

Which of the following ports should be allowed to enable access to certain VoIP applications?

139
3306
5060
110

Answer 44

5060

Session Initiation Protocol (SIP) uses ports 5060 and 5061, and is a signaling protocol for initiating, maintaining, and terminating real-time sessions that include voice, video, and messaging applications. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Server Message Block (SMB) uses ports 139 and 445, and is a network file sharing protocol that runs on top of the NetBIOS architecture in Windows environments. MySQL uses ports 3306 and is an open-source relational database management system that is fully compatible with the structured query language (SQL).

Question 45

Which of the following ethernet standards is used with a single-mode fiber optic cable?

10GBase-SR
10GBase-LR
40GBase-T
1000Base-T

Answer 45

The correct answer is 10GBase-LR. This Ethernet standard is designed specifically for single-mode fiber optic cables and supports long-distance transmission, up to approximately 10 kilometers. It is commonly used in setups that require reliable, high-speed connections over long distances, such as between buildings or across campuses.

The other options are incorrect because 10GBase-SR is used with multimode fiber, typically over shorter distances. Both 40GBase-T and 1000Base-T are standards for twisted-pair copper cables, not fiber optic cables, and are therefore unsuitable for single-mode fiber connections.

Question 46

When using a Type 1 hypervisor virtualized environment, which of the following hardware types is necessary to connect the VMs to the corporate network?

VPN
VNC
VDI
Virtual NIC

Answer 46

The correct answer is Virtual NIC. In a Type 1 hypervisor environment, each virtual machine (VM) uses a virtual network interface card (NIC) to connect to the physical network through the hypervisor. This virtual NIC enables VMs to interact with the network and communicate with other devices as if they were physical machines.

The other options are incorrect because VPN is a secure communication protocol, not a hardware component, and VNC is a remote desktop technology rather than a networking component. VDI refers to virtual desktop infrastructure, a way to deliver virtual desktops to users, but it does not serve as network hardware connecting VMs to a corporate network.

Question 47

A small real estate office has about 15 workstations and would like to use DHCP to assign classful IP addresses to each workstation. The subnet only has one octet for the host portion of each device. Which of the following IP addresses could be assigned as the default gateway?

192.168.0.1
172.16.0.1
10.0.0.1
169.254.0.1

Answer 47

The correct answer is 192.168.0.1. This address falls within the private IP range designated by the Class C address space, where the default subnet mask (255.255.255.0) provides one octet for host addresses. With one octet available for hosts, the subnet can support up to 254 devices, which is sufficient for a small office with 15 workstations.

The other options are incorrect for a Class C subnet because 172.16.0.1 is a Class B private address, where two octets are used for hosts. Similarly, 10.0.0.1 is a Class A private address, which also uses three octets for hosts by default. 169.254.0.1 is an Automatic Private IP Addressing (APIPA) address, automatically assigned when DHCP is unavailable, and should not be used as a default gateway.

Question 48

Which type of network geography is used to connect various circuits between remote locations?

WAN
PAN
LAN
WLAN

Answer 48

The correct answer is WAN. A Wide Area Network (WAN) is used to connect networks and circuits over large geographical distances, such as between multiple office locations or cities, allowing remote sites to communicate as if they were on a single, unified network.

The other options are incorrect because a PAN (Personal Area Network) covers a very limited range, typically around a person or their personal devices. A LAN (Local Area Network) is limited to a small geographic area like a single building or campus. A WLAN (Wireless Local Area Network) is simply a wireless version of a LAN, used to connect devices within a limited area wirelessly.

Question 49

What port number does POP3 over SSL utilize?

993
110
143
995

Answer 49

The correct answer is 995. POP3 over SSL, also known as POP3S, uses port 995 to provide encrypted email retrieval between clients and servers, adding a layer of security to the standard POP3 protocol.

The other options are incorrect because port 993 is used for IMAP over SSL (IMAPS), port 110 is the default port for standard, unencrypted POP3, and port 143 is used for standard IMAP without SSL encryption.

Question 50

Which communication technology would MOST likely be used to increase bandwidth over an existing fiber-optic network by combining multiple signals at different wavelengths?

FCoE
LACP
ADSL
DWDM

Answer 50

DWDM is correct. Dense Wavelength Division Multiplexing (DWDM) is a technology used in fiber-optic networks to increase bandwidth by combining multiple data signals on different wavelengths, allowing many channels of data to travel simultaneously on the same fiber. This method efficiently maximizes the capacity of existing fiber infrastructure without laying additional cables.

FCoE (Fibre Channel over Ethernet) enables storage traffic over Ethernet networks but does not increase bandwidth on fiber-optic links. LACP (Link Aggregation Control Protocol) combines multiple Ethernet links for redundancy and bandwidth but applies to Ethernet networks, not wavelength-based multiplexing on fiber. ADSL (Asymmetric Digital Subscriber Line) is a technology for transmitting data over copper telephone lines and does not apply to fiber-optic systems.

Question 51

According to the OSI model, at which of the following layers is data encapsulated into bits?

Layer 4
Layer 3
Layer 1
Layer 2

Answer 51

Layer 1 is correct. In the OSI model, data is encapsulated into bits at Layer 1, the Physical layer, where it is translated into the electrical, optical, or radio signals required for transmission across the network. This layer is responsible for the physical connection between devices, transmitting raw bitstreams over a physical medium.

Layer 4, the Transport layer, segments and reassembles data for end-to-end communication but does not encapsulate it into bits. Layer 3, the Network layer, handles data encapsulation into packets for routing across networks, while Layer 2, the Data Link layer, encapsulates data into frames for local network transmission, not into bits.

Question 52

Dion Training wants to create a DNS record to specify a host and port to use for a new instant messaging service. Which type of DNS record should be created?

PTR
TXT
SOA
SRV

Answer 52

An SRV record is the correct choice. SRV (Service) records in DNS are specifically designed to define the location of servers and services within a domain, including the hostname and port number for services like instant messaging, VoIP, and other applications. This record type provides the flexibility to designate both the service’s host and its port, making it ideal for directing clients to the appropriate service endpoints.

A PTR (Pointer) record is used for reverse DNS lookups to map an IP address back to a hostname, which doesn’t suit the requirement here. TXT records contain descriptive text information and can be used for purposes like SPF and DKIM records but are not used to specify host and port details. An SOA (Start of Authority) record provides information about the DNS zone itself, such as the primary DNS server and zone version, but does not direct clients to specific services.

Question 53

Which of the following types of telecommunication links is used to provide high-speed internet service over a system of coaxial or HFC cables?

DSL
Cable
Leased line
Satellite

Answer 53

Cable is the correct answer. Cable internet service utilizes coaxial cables or Hybrid Fiber-Coaxial (HFC) networks to deliver high-speed internet to homes and businesses. This technology leverages the existing infrastructure used for cable television, allowing for significant bandwidth capabilities and fast data transmission.

DSL (Digital Subscriber Line) uses telephone lines to provide internet access, typically offering lower speeds compared to cable. Leased lines are dedicated telecommunication lines that provide a constant connection between two locations but are not specific to high-speed internet; they can be quite costly. Satellite internet relies on satellite communication and is typically slower and affected by latency issues, making it less desirable for high-speed internet services compared to cable.

Question 54

What ports do HTTPS and RDP utilize?

443, 445
443, 161
443, 3389
443, 25

Answer 54

The correct answer is 443, 3389. HTTPS (Hypertext Transfer Protocol Secure) operates over port 443, providing a secure connection for web traffic. RDP (Remote Desktop Protocol) uses port 3389, allowing users to connect remotely to a computer or server.

Ports 445 and 161 are incorrect; port 445 is used for SMB (Server Message Block) traffic, which facilitates file sharing and printer services, while port 161 is used for SNMP (Simple Network Management Protocol) for network management purposes. Port 25 is the standard port for SMTP (Simple Mail Transfer Protocol), used for sending email, but it does not pertain to either HTTPS or RDP.

Question 55

What is the correct color scheme for Pin 1 to Pin 8 for a T-568A connector?

white/orange, orange, white/green, blue, white/blue, green, white/brown, brown
blue, white/blue, orange, white/brown, brown, white/green, green, orange/white
white/green, green, white/orange, orange, blue, white/blue, white/brown, brown
white/green, green, white/orange, blue, white/blue, orange, white/brown, brown

Answer 55

The correct answer is white/green, green, white/orange, blue, white/blue, orange, white/brown, brown

Remember, a straight-through cable will have T-568B on both ends. If you are asked to make a cross-over cable, you need a T-568A on one side and a T-568B on the other side.

T-568B switch Green & Orange. 1-3, 2-6

Question 56

What port number does IMAP utilize?

995
110
993
143

Answer 56

The correct answer is 143. IMAP (Internet Message Access Protocol) typically uses port 143 for standard communication. While port 993 is used for IMAP over SSL (IMAPS), the primary port for IMAP itself is 143.

The other options are incorrect because port 995 is used for POP3 over SSL (POP3S), and port 110 is used for standard POP3, which is a different email protocol. Thus, port 143 is the correct choice for IMAP.

Question 57

Which of the following BEST describes how a DHCP reservation works?

By assigning options to the computers on the network by priority
By leasing a set of reserved IP addresses according to their category
By matching a MAC address to an IP address within the DHCP scope
By letting the network switches assign IP addresses from a reserved pool

Answer 57

The correct answer is “By matching a MAC address to an IP address within the DHCP scope.”

A DHCP reservation allows a specific IP address to be permanently assigned to a particular device based on its MAC address. This ensures that the device always receives the same IP address every time it connects to the network, which is essential for devices that require a consistent IP for applications like printers or servers.

The other options are incorrect because DHCP reservations do not work by prioritizing options or leasing IP addresses based on categories. Additionally, network switches do not assign IP addresses; this is the responsibility of the DHCP server. Instead, reservations are specifically tied to MAC addresses to maintain consistency in IP assignment.

Question 58

What port number does HTTPS utilize?

80
123
443
143

Answer 58

The correct answer is 443. HTTPS, or Hypertext Transfer Protocol Secure, uses port 443 for secure communication over a computer network. It is the secure version of HTTP, and it encrypts data transmitted between the client and server to ensure confidentiality and integrity.

The other options are incorrect because port 80 is used for standard HTTP traffic, port 123 is typically associated with the Network Time Protocol (NTP), and port 143 is used for Internet Message Access Protocol (IMAP) without encryption. Thus, only port 443 is designated for HTTPS traffic.

Question 59

Which of the following layers within software-defined networking consists of the physical networking devices, such as switches and routers?

Control layer
Management plane
Application layer
Infrastructure layer

Answer 59

The correct answer is Infrastructure layer. In software-defined networking (SDN), the Infrastructure layer consists of the physical networking devices like switches, routers, and other hardware that handle data traffic. This layer is also referred to as the “data plane” and is responsible for forwarding packets based on the rules set by the SDN controller.

The Control layer is where the SDN controller resides, managing traffic flow and device configuration. The Management plane oversees network-wide policies and communication between the controller and other network components. The Application layer consists of SDN applications that define policies and communicate requirements to the controller.