Obj 2.X Flashcards
Which of the following technologies combines the functionality of a firewall, malware scanner, and other security appliances into one device?
IPS
IDS
UTM
Syslog
The correct answer is UTM (Unified Threat Management). UTM devices combine multiple security functions, including firewall, malware scanning, intrusion detection, and prevention into one system. This makes it a versatile solution for managing various security threats through a single interface.
The other choices are incorrect because they serve different purposes. An IPS (Intrusion Prevention System) detects and blocks potential threats but does not include a full suite of security functions like a UTM. An IDS (Intrusion Detection System) monitors network traffic for suspicious activity but does not take action to stop threats or include other features like malware scanning. Syslog is a protocol for logging system messages and events but has no direct security features like firewalls or malware detection.
Which type of wireless technology are OFDM, QAM, and QPSK examples of?
Spectrum
Modulation
RF interference
Frequency
The correct answer is Modulation. OFDM (Orthogonal Frequency-Division Multiplexing), QAM (Quadrature Amplitude Modulation), and QPSK (Quadrature Phase Shift Keying) are examples of modulation techniques used to encode data onto a carrier signal for transmission. Modulation allows the wireless signal to carry information over the airwaves.
The other choices are incorrect because they refer to different concepts. Spectrum refers to the range of frequencies used for wireless communication but not how the signal is modulated. RF interference is unwanted noise that disrupts wireless signals but isn’t related to the process of modulating a signal. Frequency refers to the specific part of the radio spectrum being used, but it doesn’t describe how the data is encoded onto the signal.
Your company wants to create highly available datacenters. Which of the following will allow the company to continue maintaining an Internet presence at all sites if the WAN connection at their own site goes down?
OSPF
BGP
VRRP
Load balancer
The correct answer is BGP (Border Gateway Protocol). BGP is designed for routing between different networks, such as across the internet. It allows organizations to maintain connectivity even if one of their WAN links goes down by routing traffic through alternative paths to maintain internet presence at multiple data centers. This ensures high availability across different sites.
The other options are incorrect because they are either not suited for routing traffic across multiple data centers or don’t address WAN connection redundancy. OSPF is used for routing within a single organization’s internal network, but it isn’t designed for managing internet routing across WANs. VRRP (Virtual Router Redundancy Protocol) provides redundancy for a default gateway within a network but does not manage external internet routing. A load balancer distributes traffic across servers for redundancy and scalability within a data center, but it doesn’t maintain internet connectivity if a WAN link fails.
Dion Training is trying to connect two geographically dispersed offices using a VPN connection. You have been asked to configure their networks to allow VPN traffic into the network. Which device should you configure FIRST?
Firewall
Router
Modem
Switch
The correct answer is Firewall. The firewall should be configured first to allow VPN traffic into the network. Firewalls are responsible for monitoring and controlling incoming and outgoing network traffic based on predetermined security rules. Configuring the firewall to permit the specific VPN protocols (such as IPSec or SSL) ensures that the VPN connection can be established securely.
The other choices are incorrect because they don’t address the initial need to allow VPN traffic. Router configuration is important for directing the VPN traffic, but if the firewall isn’t set up to allow that traffic, the connection will fail. Modem is not the primary device for handling VPN configurations; it provides internet connectivity. A switch is used for connecting devices within a local area network and does not manage traffic at the level needed for VPN connections.
Which type of network device operates at layer 1 of the OSI model and requires connected devices to operate at half-duplex using CSMA/CD?
Switch
Hub
Router
Bridge
The correct answer is Hub. A hub operates at Layer 1 of the OSI model (the Physical layer) and simply forwards electrical signals to all connected devices without any intelligence for managing traffic. Because hubs cannot distinguish between multiple data streams, they require devices to operate in half-duplex mode and use CSMA/CD (Carrier Sense Multiple Access with Collision Detection) to manage collisions that occur when multiple devices attempt to send data at the same time.
The other options are incorrect because they operate at higher layers of the OSI model and do not require half-duplex communication. A switch operates at Layer 2 (Data Link layer) and can manage traffic using MAC addresses, allowing full-duplex communication. A router operates at Layer 3 (Network layer) and directs traffic between different networks. A bridge also operates at Layer 2 and is used to divide network segments but supports full-duplex communication.
Which type of wireless network utilizes the 2.4 GHz frequency band and reaches speeds of up to 54 Mbps?
802.11a
802.11b
802.11ac
802.11n
802.11g
802.11ax
The correct answer is 802.11g. The 802.11g wireless standard operates in the 2.4 GHz frequency band and can achieve speeds of up to 54 Mbps. It was designed to be backward compatible with 802.11b and is widely used in many home and office networks.
The other options are incorrect because they operate on different frequency bands or have different speed capabilities. 802.11a operates on the 5 GHz band and has a maximum speed of 54 Mbps but is not compatible with 802.11b or g. 802.11ac operates in the 5 GHz band and supports much higher speeds, while 802.11n can operate on both the 2.4 GHz and 5 GHz bands and has higher potential speeds than 54 Mbps. 802.11ax (also known as Wi-Fi 6) improves upon 802.11ac with higher speeds and efficiency but also operates in the 2.4 GHz and 5 GHz bands.
Which type of wireless network utilizes the 5 GHz frequency band and reaches speeds of up to 54 Mbps?
802.11ac
802.11n
802.11g
802.11b
802.11a
802.11ax
The correct answer is 802.11a. The 802.11a wireless standard operates in the 5 GHz frequency band and can reach speeds of up to 54 Mbps. It was one of the first standards to utilize the 5 GHz band, providing higher speeds and less interference compared to 2.4 GHz bands.
The other options are incorrect for the following reasons. 802.11ac operates on the 5 GHz band as well, but it supports much higher speeds than 54 Mbps. 802.11n can operate on both the 2.4 GHz and 5 GHz bands, and it can exceed 54 Mbps in terms of speed. 802.11g operates in the 2.4 GHz band, and 802.11b also operates in the 2.4 GHz band, both of which do not meet the criteria for the 5 GHz frequency. 802.11ax (Wi-Fi 6) operates on both 2.4 GHz and 5 GHz bands but also offers significantly higher speeds than 54 Mbps.
Elizabeth was replacing a client’s security device that protects their screened subnet. The client has an application that allows external users to access the application remotely. After replacing the devices, the external users cannot connect remotely to the application anymore. Which of the following devices was MOST likely misconfigured and is now causing a problem?
DNS
DHCP
Content filter
Firewall
The correct answer is Firewall. Since the external users cannot connect to the application after the replacement of the security device, it’s likely that the new firewall has misconfigured rules or settings that are preventing access to the application. Firewalls control incoming and outgoing traffic based on pre-established rules, and any changes in configuration can lead to connectivity issues for remote users.
The other options are less likely to be the cause of the problem. DNS issues would typically manifest as a failure to resolve the application’s domain name, not as a direct connection failure once the domain is resolved. DHCP provides IP addresses to devices on the network, and unless there was a failure in assigning addresses, it wouldn’t directly affect the connectivity for external users accessing the application. A Content filter may block certain types of content or websites, but it wouldn’t typically prevent access to an application unless specifically configured to do so. In this scenario, the firewall is the most plausible source of the connectivity issue.
A client has asked you to provide their local office with the BEST solution for a wireless network based on their requirements. The client has stated that their users will need a wireless network that provides a maximum of 54 Mbps of bandwidth and operates in the 2.4GHz frequency band. Which of the following wireless network types should you install to meet their needs?
802.11ac
802.11b
802.11a
802.11g
The correct answer is 802.11g. This wireless standard operates in the 2.4 GHz frequency band and supports speeds of up to 54 Mbps, which aligns perfectly with the client’s requirements.
The other options are incorrect for the following reasons. 802.11ac operates primarily in the 5 GHz band and provides significantly higher speeds, which are not needed in this scenario. 802.11b also operates in the 2.4 GHz band, but it has a maximum speed of 11 Mbps, which does not meet the client’s bandwidth requirement. 802.11a operates in the 5 GHz band and supports speeds of up to 54 Mbps, but it does not fulfill the requirement of operating in the 2.4 GHz band. Thus, 802.11g is the most suitable choice for this wireless network installation.
Which type of wireless network utilizes the 5 GHz frequency band and reaches speeds of up to 3.5 Gbps?
802.11g
802.11b
802.11a
802.11n
802.11ax
802.11ac
The correct answer is 802.11ac. This wireless standard operates in the 5 GHz frequency band and can achieve speeds of up to 3.5 Gbps under optimal conditions, making it suitable for high-bandwidth applications.
The other options are incorrect for the following reasons. 802.11g operates in the 2.4 GHz band and reaches speeds up to 54 Mbps. 802.11b also operates in the 2.4 GHz band, with a maximum speed of 11 Mbps. 802.11a operates in the 5 GHz band but has a maximum speed of 54 Mbps, which is significantly lower than 802.11ac. 802.11n can operate in both the 2.4 GHz and 5 GHz bands, with speeds up to 600 Mbps, but it does not reach the higher speeds offered by 802.11ac. Therefore, 802.11ac is the correct choice for a wireless network that utilizes the 5 GHz frequency band and achieves speeds up to 3.5 Gbps.
Your company is experiencing slow network speeds of about 54Mbps on their wireless network. You have been asked to perform an assessment of the existing wireless network and recommend a solution. You have recommended that the company upgrade to an 802.11n or 802.11ac wireless infrastructure to obtain higher network speeds. Which of the following technologies allows an 802.11n or 802.11ac network to achieve a speed greater than 54 Mbps?
MIMO
WPA2
LWAPP
PoE
The correct answer is MIMO. Multiple Input Multiple Output (MIMO) technology allows 802.11n and 802.11ac networks to achieve significantly higher speeds than the older standards like 802.11g, which is capped at 54 Mbps. MIMO achieves this by using multiple antennas at both the transmitter and receiver ends, enabling simultaneous data streams and effectively increasing the data throughput.
The other options are incorrect for the following reasons. WPA2 is a security protocol used to encrypt wireless data but does not impact the speed of the network. LWAPP (Lightweight Access Point Protocol) is used for managing wireless access points in a network but does not directly enhance the speed of the wireless connection. PoE (Power over Ethernet) provides power to devices like access points over Ethernet cables, but it also does not influence wireless speed. Therefore, MIMO is the key technology that enables higher speeds in 802.11n and 802.11ac networks.
Your company is currently using a 5 GHz wireless security system, so your boss has asked you to install a 2.4 GHz wireless network to use for the company’s computer network to prevent interference. Which of the following can NOT be installed to provide a 2.4 GHz wireless network?
802.11b
802.11g
802.11ac
802.11n
The correct answer is 802.11ac. This wireless standard primarily operates in the 5 GHz frequency band, which means it cannot be used to create a 2.4 GHz wireless network.
The other options can be installed for a 2.4 GHz network. 802.11b and 802.11g both operate exclusively in the 2.4 GHz band, with 802.11b supporting speeds up to 11 Mbps and 802.11g supporting speeds up to 54 Mbps. 802.11n can operate in both the 2.4 GHz and 5 GHz bands, making it versatile for creating a 2.4 GHz network as well. Therefore, 802.11ac is the only option that cannot be installed for a 2.4 GHz wireless network.
What is true concerning jumbo frames?
They are commonly used with DHCP
Their MTU size is less than 1500
They are commonly used on a SAN
They are commonly used with a NAS
The correct answer is they are commonly used on a SAN. Jumbo frames are Ethernet frames that have a larger maximum transmission unit (MTU) size than the standard 1500 bytes, typically ranging from 9000 bytes to 9216 bytes. This larger frame size is beneficial for reducing CPU overhead and improving network efficiency, especially in storage area networks (SANs) where large amounts of data are transferred.
The other options are incorrect for the following reasons. Jumbo frames are not commonly associated with DHCP, as DHCP relies on standard frame sizes. The statement that their MTU size is less than 1500 is also incorrect since jumbo frames are defined by having an MTU size greater than 1500 bytes. While jumbo frames can be used with NAS (Network Attached Storage) systems, they are particularly emphasized in SAN environments due to the high data transfer rates and large block sizes typically involved in storage operations. Thus, the most accurate statement concerning jumbo frames is that they are commonly used on a SAN.
Tamera just purchased a Wi-Fi-enabled Nest Thermostat for her home. She has hired you to install it, but she is worried about a hacker breaking into the thermostat since it is an IoT device. Which of the following is the BEST thing to do to mitigate Tamera’s security concerns? (Select TWO)
Configure the thermostat to use a segregated part of the network by installing it into a screened subnet
Enable two-factor authentication on the device’s website (if supported by the company)
Configure the thermostat to use the WEP encryption standard for additional confidentiality
Upgrade the firmware of the wireless access point to the latest version to improve the security of the network
Disable wireless connectivity to the thermostat to ensure a hacker cannot access it
Configure the thermostat to connect to the wireless network using WPA2 encryption and a long, strong password
The best actions to mitigate Tamera’s security concerns are to configure the thermostat to use a segregated part of the network by installing it into a screened subnet and to configure the thermostat to connect to the wireless network using WPA2 encryption and a long, strong password.
Configuring the thermostat to use a screened subnet (also called a separate VLAN) helps isolate the device from the main network, reducing the risk if the IoT device is compromised. Using WPA2 encryption with a strong password ensures that the connection between the thermostat and the network is secure, preventing unauthorized access.
For the exam, remember that securing IoT devices involves isolating them from critical network components and using strong, modern encryption like WPA2.
The network administrator is troubleshooting the switchports for a file server with dual NICs. The file server needs to be configured for redundancy, and the dual NICs need to be combined for maximum throughput. What feature on the switch should the network administrator ensure is enabled for best results?
LACP
Spanning tree
BPDU
Load balancing
The network administrator should ensure that LACP (Link Aggregation Control Protocol) is enabled for best results.
LACP allows the network administrator to combine multiple physical NICs (Network Interface Card) into a single logical link, which provides both redundancy and increased throughput. This feature ensures that if one NIC fails, the other can still maintain the connection. It also enables traffic distribution across both NICs for better performance.
For the exam, it’s important to know that LACP is used for link aggregation to improve throughput and provide redundancy by combining multiple network interfaces into a single, logical link.
An organization has hired you to upgrade its wired computer network. The network currently uses static routing for the internal network, but the organization wants to reconfigure it to use a dynamic routing protocol. The new dynamic routing protocol must support both IPv4 and VLSM. Based on the requirements provided, which of the following routing protocols should you enable and configure?
VRRP
OSPF
RIPv1
HSRP
The best routing protocol to enable and configure is OSPF (Open Shortest Path First).
OSPF is a dynamic routing protocol that supports both IPv4 and VLSM (Variable Length Subnet Masking), making it suitable for modern networks with subnetting requirements. OSPF is widely used for internal routing due to its efficiency and scalability. It also supports multiple areas and is a link-state protocol, which allows for more precise control over routing decisions.
For the exam, know that OSPF supports IPv4, VLSM, and is typically used in larger, more complex network environments. It is preferred over older protocols like RIPv1, which does not support VLSM.
Max is a network technician who just terminated the ends on a new copper cable used between two legacy switches. When he connects the two switches using the cable, they fail to establish a connection. What is MOST likely the issue?
The cable is a straight-through cable
The cable has RJ-11 connectors instead of RJ-45
The cable has exceeded bend radius limitations
The cable is a crossover cable
The most likely issue is that the cable is a straight-through cable.
Legacy switches often require a crossover cable to connect directly to each other without using a hub or switch in between. A straight-through cable connects devices of different types, like a switch to a computer. However, for two switches to communicate directly, a crossover cable is typically used to ensure the correct transmission and reception pins are connected.
For the exam, remember that straight-through cables are used for different device types (e.g., PC to switch), while crossover cables are needed for connecting like devices (e.g., switch to switch, router to router).
A network administrator needs to install a centrally located firewall that needs to block specific incoming and outgoing IP addresses without denying legitimate return traffic. Which type of firewall should the administrator install?
A stateful network-based firewall
A host-based stateless firewall
A stateless network-based firewall
A host-based stateful firewall
The correct answer is a stateful network-based firewall. This type of firewall is designed to monitor the state of active connections and can make decisions based on the context of the traffic, allowing it to block specific incoming and outgoing IP addresses while still permitting legitimate return traffic.
The other choices are incorrect for several reasons. A host-based stateless firewall does not track the state of connections and would not be able to differentiate between legitimate return traffic and unsolicited traffic, leading to potential issues with communication. A stateless network-based firewall also lacks the capability to maintain connection states, making it unable to properly manage return traffic. Finally, a host-based stateful firewall operates on individual devices rather than centrally, which would not meet the requirement for a centrally located solution.
Which of the following IEEE specifications describes the use of network authentication?
802.1d
802.3ad
802.3af
802.1x
The correct answer is 802.1x. This IEEE specification describes network authentication, specifically how it provides port-based access control for both wired and wireless networks. It ensures that only authenticated devices can access the network.
The other choices are incorrect because they refer to different technologies. 802.1d is related to spanning tree protocol, which prevents loops in network switches. 802.3ad defines link aggregation, allowing the bundling of multiple network connections to increase throughput. 802.3af refers to Power over Ethernet (PoE), which enables network cables to carry electrical power along with data. None of these are directly related to network authentication.
Which of the following encryption types was used by WPA to better secure wireless networks than WEP?
CCMP
AES
TKIP
IV
The correct answer is TKIP. Temporal Key Integrity Protocol (TKIP) was used by WPA (Wi-Fi Protected Access) to improve security over WEP (Wired Equivalent Privacy). TKIP provided dynamic key generation, making it more secure than WEP’s static key usage.
The other options are incorrect. AES (Advanced Encryption Standard) was used in WPA2, not WPA. CCMP is the encryption protocol that works with AES in WPA2. IV (Initialization Vector) is a value used in WEP, but it was vulnerable and part of what made WEP insecure.