Practice Exam #4 Flashcards

1
Q

You just started work as a network technician at Dion Training. You have been asked to determine if Ethernet0/0 is currently connected using OSPF or EIGRP on one of the network devices. Which of the following commands should you enter within the command line interface?

show route

show interface

show config

show diagnostic

A

show route

Overall explanation
OBJ-5.3: The “show route” command is used on a Cisco networking device to display the current state of the routing table for a given network device. To determine if Ethernet0/0 is connected using OSPF or EIGRP, you would need to use the “show route” command to display the current status. The “show configuration” command is used on a Cisco networking device to display the device’s current configuration. The “show interface” command is used on a Cisco networking device to display the statistics for a given network interface. The “show diagnostic” command is used on a Cisco networking device to display details about the hardware and software on each node in a networked device.

2
Q

A technician installs a new piece of hardware and now needs to add the device to the network management tool database. However, when adding the device to the tool using SNMP credentials, the tool cannot successfully interpret the results. Which of the following needs to be added to allow the network management tool to interpret the new device and control it using SNMP?

TRAP

MIB

GET

WALK

A

MIB

Overall explanation
OBJ-3.1: Management Information Base (MIB) is used for managing all entities on a network using Simple Network Management Protocol. It would allow the tool to interpret the information received correctly.

3
Q

Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which of the following is the MOST likely cause of the issue?

SSL certificates

WPA2 security key

CSMA/CA

RADIUS

A

RADIUS

Overall explanation
OBJ-5.4: Captive portals usually rely on 802.1x, and 802.1x uses RADIUS for authentication. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. The Remote Authentication Dial-in User Service (RADIUS) is used to manage remote and wireless authentication infrastructure. Users supply authentication information to RADIUS client devices, such as wireless access points. The client device then passes the authentication data to an AAA (Authentication, Authorization, and Accounting) server that processes the request. Secure Sockets Layer (SSL) is a security protocol developed by Netscape to provide privacy and authentication over the Internet. SSL is an application-independent protocol that works at layer 5 [Session] and can be used with a variety of protocols, such as HTTP or FTP. Client and server set up a secure connection through PKI (X.509) certificates. Carrier-sense multiple access with collision avoidance (CSMA/CA) is a type of network multiple access method that uses carrier sensing, but nodes attempt to avoid collisions by beginning transmission only after the channel is sensed to be idle. CSMA/CA occurs in the background when communicating with a wireless access point and would not prevent the user from authenticating to the captive portal. A WPA2 security key is a preshared password used to authenticate and connect to a wireless access point. If the user connected to the SSID, then the WPA2 security key was valid.

4
Q

You are installing a Small Office/Home Office (SOHO) network consisting of a router with 2 ports, a switch with 8 ports, and a hub with 4 ports. The router has one port connected to a cable modem and one port connected to switch port #1. The other 6 ports on the switch each have a desktop computer connected to them. The hub’s first port is connected to switch port #2. Based on the description provided, how many collision domains exist in this network?

9

11

8

3

A

9

Overall explanation
OBJ-2.1: Based on the description provided, there are 9 collision domains. Each port on the router is a collision domain (2), each port on the switch is a collision domain (8), and all of the ports on the hub make up a single collision domain (1). But, since one of the ports on the router is connected to one of the switch ports, they are in the same collision domain (-1). Similarly, the hub and the switch share a common collision domain connected over the switch port (-1). This gives us 9 collision domains total: the 8 ports on the switch and the 1 port on the router that is used by the cable modem.

5
Q

Rick is upset that he was passed over for a promotion. He decides to take revenge on his nemesis, Mary, who got the job instead of him. Rick sets up an on-path attack against Mary’s computer by redirecting any layer 2 traffic destined for the gateway to his computer first. Rick is careful only to affect the traffic associated with Mary’s computer and not the entire network. Which type of on-path attack is Rick conducting against Mary?

Evil twin

ARP poisoning

IP spoofing

MAC spoofing

A

ARP poisoning

Overall explanation
OBJ-4.2: Based on the scenario, we can eliminate evil twin (focused on wireless access points) and IP spoofing (since this affects layer 3 traffic). While MAC spoofing the gateway’s address might work, it would also affect every computer on this subnet. ARP poisoning (also known as ARP spoofing) is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. This results in the linking of an attacker’s MAC address with the IP address of a legitimate computer or server on the network. By conducting ARP spoofing, Rick can poison the cache and replace Mary’s computer’s MAC address and IP binding association with his own, allowing him to complete an on-path attack between Mary and the default gateway.

6
Q

A small law office has a network with three switches (8 ports), one hub (4 ports), and one router (2 ports). Switch 1 (switch port 8) is connected to an interface port (FastEthernet0/0) on the router. Switch 2 (switch port 8) and switch 3 (switch port 8) are connected to Switch 1 (switch ports 1 and 2). The hub has three computers plugged into it on ports 1, 2, and 3. The fourth port on the hub is connected to the router’s other interface port (FastEthernet0/1). Based on the configuration described here, how many broadcast domains are there within this network?

16

5

1

2

28

A

2

Overall explanation
OBJ-2.1: A broadcast domain is a logical division of a computer network in which all nodes can reach each other by broadcast at the data link layer. A broadcast domain can be within the same LAN segment, or it can be bridged to other LAN segments. Routers break up broadcast domains. Therefore there are two broadcast domains in this network - one for each side of the router (the three switches make up one broadcast domain, and the hub makes up the second broadcast domain).

7
Q

You just arrived at school today, pulled your laptop out of your backpack, and tried to connect your laptop to the Wi-Fi network. It worked fine yesterday, but today it won’t connect automatically or display any available networks. You haven’t done anything to the laptop since you left class yesterday. You ask your classmates if they can connect to the Wi-Fi, and every one of them is connected without any issues. What should you check FIRST in your attempt to connect your laptop to the Wi-Fi?

The configuration of the access point

IP address issued by the DHCP server

Wireless controller configuration

Wireless switch on your laptop

A

Wireless switch on your laptop

Overall explanation
OBJ-5.4: Since everyone else’s laptops are connected without any issues, the problem is not with the network but with your laptop in some form. This rules out the wireless controller configuration or access point settings since those are both things that would affect all users on the network. Additionally, as a student at the school, it is unlikely you have access to check the configuration of the access point or wireless controller. Since you are not connected or finding any networks, you won’t have a DHCP address assigned either. The most likely cause of your issue is that the wireless switch on your laptop was accidentally switched to the off position when you put your laptop in your backpack. Now, not all laptops have a wireless switch, but from the options provided, this is the most logical answer. If you have a MacBook, for example, they do not use a physical wireless switch. If you are troubleshooting this issue using the bottom-to-top methodology, you would start with layer 1 of the OSI model, the physical layer. In this case, the physical layer would relate to your wireless networking card and the radio frequencies it is supposed to transmit.

8
Q

Which of the following ports should be allowed to enable access to certain VoIP applications?

3306

5060

110

139

A

5060

Overall explanation
OBJ-1.5: Session Initiation Protocol (SIP) uses ports 5060 and 5061, and is a signaling protocol for initiating, maintaining, and terminating real-time sessions that include voice, video, and messaging applications. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Server Message Block (SMB) uses ports 139 and 445, and is a network file sharing protocol that runs on top of the NetBIOS architecture in Windows environments. MySQL uses port 3306 and is an open-source relational database management system that is fully compatible with the structured query language (SQL).

9
Q

Which cellular technology is comprised of LTE and LTE-A to provide higher data speeds than previous cellular data protocols?

4G

3G

5G

WMN

A

4G

Overall explanation
OBJ-2.4: 4G cellular technology is made up of LTE and LTE-A. Long Term Evolution (LTE) is a packet data communications specification providing an upgrade path for both GSM and CDMA2000 cellular networks. LTE has a theoretical speed of 150 Mbps and a real-world speed of around 20 Mbps. LTE Advanced (LTE-A) has a theoretical speed of 300 Mbps and a real-world speed of around 40 Mbps. 5G cellular technology is made up of three different types: low-band, mid-band, and high-band mmWave technology. Low-band 5G reaches an average speed of 55 Mbps with a theoretical speed of 150 Mbps. Mid-band 5G reaches an average speed of 150 Mbps with a theoretical speed of 1.5 Gbps. High-band 5G reaches an average speed of 3 Gbps with a theoretical speed of up to 70 Gbps. 3G cellular technology is made up of two different technologies: HSPA+ and EV-DO. HSPA+ (Evolved High-Speed Packet Access) is a 3G standard used for GSM cellular networks and can support up to a theoretical download speed of 168 Mbps and a theoretical upload speed of 34 Mbps. In the real world, though, HSPA+ normally reaches speeds around 20 Mbps. EV-DO (Evolution-Data Optimized) is a 3G standard used for CDMA cellular networks and can support up to 3.1 Mbps downloads. A wireless mesh network (WMN) is a wireless network topology where all nodes, including client stations, can provide forwarding and path discovery to improve coverage and throughput compared to using just fixed access points and extenders.

10
Q

A network technician is tasked with designing a firewall to improve security for an existing FTP server on the company network. The FTP server must be accessible from the Internet. The security team is concerned that the FTP server could be compromised and used to attack the domain controller hosted within the company’s internal network. What is the BEST way to mitigate this risk?

Add a deny rule to the firewall’s ACL that blocks port 21 outbound

Configure the firewall to utilize an implicit deny statement

Migrate the FTP server from the internal network to a screened subnet

Upgrade the FTP server to an SFTP server since it is more secure

A

Migrate the FTP server from the internal network to a screened subnet

Overall explanation
OBJ-4.1: A screened subnet (formerly called a demilitarized zone or DMZ) is a perimeter network that protects an organization’s internal local area network (LAN) from untrusted traffic. A screened subnet is placed between the public internet and private networks. Public servers, such as the FTP server, should be installed in a screened subnet so that additional security mitigations like a web application firewall or application-aware firewall can be used to protect them. SFTP (Secure File Transfer Protocol) is a file transfer protocol that leverages a set of utilities that provide secure access to a remote computer to deliver secure communications by leveraging a secure shell (SSH) connection to encrypt the communication between the client and the server. This will prevent an attacker from eavesdropping on the communications between the SFTP server and a client, but it will not prevent an attacker from exploiting the SFTP server itself. An implicit deny is when a user or group is not granted specific permission in the security settings of an object, but they are not explicitly denied either. This is a best practice to enable, but the FTP server would still have some open ports, such as ports 20 and 21, to operate. These ports could then be used by the attacker to connect to the FTP server and exploit it. Adding a deny rule to the firewall’s ACL that blocks port 21 outbound would simply prevent internal network users and servers from accessing external FTP servers. This would in no way prevent the exploitation of the company’s FTP server since it has port 21 open and listening for inbound connections.

11
Q

Which of the following technologies is not commonly used by a captive portal to perform user redirection?

ICMP redirect

HTTP redirect

DNS redirect

DHCP redirect

A

DHCP redirect

Overall explanation
OBJ-4.3: In general, captive portals are implemented by using an HTTP redirect, an ICMP redirect, or a DNS redirect. A captive portal is a web page accessed with a web browser that is displayed to newly connected users of a wireless network before they are granted broader access to network resources. Captive portals are commonly used to present a landing or log-in page which may require authentication, payment, acceptance of an end-user license agreement, acceptable use policy, survey completion, or other information prior to allowing access to the network and its resources.

12
Q

Which of the following ethernet standards is used with a single-mode fiber optic cable?

40GBase-T

10GBase-LR

10GBase-SR

1000Base-T

A

10GBase-LR

Overall explanation
OBJ-1.3: 10GBase-LR is a standard for 10 Gigabit Ethernet over single-mode fiber optic cabling. 10GBase-SR is a 10 Gigabit Ethernet LAN standard for use with multimode fiber optic cables using short-wavelength signaling. 1000Base-T and 40GBase-T are ethernet standards that use copper wiring. For the exam, remember the memory aid, “S is not single,” which means that if the naming convention does not contain Base-S as part of its name then it uses a single-mode fiber cable.

13
Q

A new piece of malware attempts to exfiltrate user data by hiding the traffic and sending it as TLS-encrypted outbound traffic over random ports. What technology would be able to detect and block this type of traffic?

Stateless packet inspection

Intrusion detection system

Application-aware firewall

Stateful packet inspection

A

Application-aware firewall

Overall explanation
OBJ-4.2: A web application firewall (WAF) or application-aware firewall would detect both the accessing of random ports and TLS encryption and identify it as suspicious. An application-aware firewall can make decisions about what applications are allowed or blocked by a firewall, and TLS connections are created and maintained by applications. A stateless packet inspection firewall allows or denies packets into the network based on the source and destination IP address or the traffic type (TCP, UDP, ICMP, etc.). A stateful packet inspection firewall monitors the active sessions and connections on a network. The process of stateful inspection determines which network packets should be allowed through the firewall by utilizing the information it gathered regarding active connections as well as the existing ACL rules. Neither a stateless nor stateful inspection firewall operates at layer 6 or layer 7, so they cannot inspect TLS connections. An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. An IDS only monitors the traffic on the network; it cannot block traffic.

14
Q

Which of the following wireless technologies use MIMO on non-overlapping channels to increase the wireless network’s bandwidth?

802.11n

802.11b

802.11a

802.11g

A

802.11n

Overall explanation
OBJ-2.4: 802.11n introduced MIMO support on non-overlapping channels to increase the bandwidth available for the wireless network. This is also supported in 802.11ac (MU-MIMO), which was released after 802.11n. The other wireless networking technologies (a/b/g) do not support MIMO.

15
Q

Which of the following types of agreements is a non-legally binding document used to detail what common actions each party intends to perform?

AUP

NDA

SLA

MOU

A

MOU

Overall explanation
OBJ-3.2: A memorandum of understanding (MOU) is a non-binding agreement between two or more organizations to detail what common actions they intend to take. A non-disclosure agreement (NDA) is a documented agreement between two parties that defines what data is considered confidential and cannot be shared outside of that relationship. An NDA is used to protect an organization’s intellectual property. A service level agreement (SLA) is a documented commitment between a service provider and a client, where the quality, availability, and responsibilities are agreed upon by both parties. An acceptable use policy (AUP) is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restricts how the network, website, or system may be used and sets guidelines as to how it should be used.

16
Q

Dion Training is afraid that an attacker might try to send other types of network traffic over port 80 to bypass their security policies. Which of the following should they implement to prevent unauthorized traffic from entering through the firewall?

Application-aware firewall

Stateful packet inspection

HTTPS (SSL/TLS)

Stateless packet inspection

A

Application-aware firewall

Overall explanation
OBJ-2.1: An application-aware firewall can make decisions about what applications are allowed or blocked by a firewall, as opposed to simply using IP addresses and port numbers, by inspecting the data contained within the packets. A stateless packet inspection firewall allows or denies packets into the network based on the source and destination IP address or the traffic type (TCP, UDP, ICMP, etc.). A stateful packet inspection firewall monitors the active sessions and connections on a network. The process of stateful inspection determines which network packets should be allowed through the firewall by utilizing the information it gathered regarding active connections as well as the existing ACL rules. Neither a stateless nor stateful inspection firewall operates at layer 6 or layer 7, so they cannot inspect the contents of the packet to ensure it contains HTTP traffic and not other types of network traffic. HTTPS (SSL/TLS) would allow for an encrypted communication path between the webserver and the client, but this would not prevent an attacker from sending other network protocol data over port 80 and bypassing the firewall rules.

16
Q

You are troubleshooting an older wireless network that is running Wireless G (802.11g). This network appears to have a lot of collisions and interference. You look up the configuration on two of the three access points in the areas and see they are using Channel 1 and Channel 11. To prevent interference and ensure non-overlapping of the channels, what channel should the third access point utilize?

Channel 5

Channel 8

Channel 7

Channel 6

A

Channel 6

Overall explanation
OBJ-2.4: With wireless access points that run 2.4 GHz frequencies, you can only select channels between 1 and 11 in the United States. This includes 802.11b, 802.11g, 802.11n, and 802.11ax networks. To prevent overlapping of the channels, you should select channels 1, 6, and 11. By doing so, you can increase the reliability and throughput of your wireless network.

17
Q

Which of the following IEEE specifications describes the use of the link aggregation control protocol (LACP)?

802.1x

802.1d

802.3ad

802.3af

A

802.3ad

Overall explanation
OBJ-2.3: Link Aggregation Control Protocol or LACP is one element of an IEEE specification (802.3ad) that provides guidance on the practice of link aggregation for data connections. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. Power over Ethernet (POE) is a technology that lets network cables carry electrical power. POE is defined in the IEEE 802.3af.

18
Q

Which communication technology would MOST likely be used to increase bandwidth over an existing fiber-optic network by combining multiple signals at different wavelengths?

DWDM

LACP

FCoE

ADSL

A

DWDM

Overall explanation
OBJ-1.2: Dense wavelength-division multiplexing (DWDM) is a high-speed optical network type commonly used in MANs (metropolitan area networks). DWDM uses as many as 32 light wavelengths on a single fiber, where each wavelength can support as many as 160 simultaneous connections. Asymmetric digital subscriber line (ADSL) is a type of digital subscriber line technology, a data communications technology that enables faster data transmission over copper telephone lines than a conventional voiceband modem can provide. The link aggregation control protocol (LACP) is used to combine multiple network connections in parallel by any of several methods, in order to increase throughput beyond what a single connection could sustain, to provide redundancy in case one of the links should fail, or both. LACP would require bundling multiple fiber optic cables together to increase bandwidth, therefore it wouldn’t use your existing fiber-optic network to increase the bandwidth as it would need additional cables. Fibre Channel over Ethernet (FCoE) is a method of supporting converged Fibre Channel (FC) and Ethernet traffic on a data center bridging (DCB) network. FCoE encapsulates unmodified FC frames in Ethernet to transport the FC frames over a physical Ethernet network.

19
Q

What tool would a network technician use to troubleshoot a span of single-mode fiber cable?

Punchdown tool

Cable tester

Spectrum analyzer

OTDR

A

OTDR

Overall explanation
OBJ-5.2: An optical time-domain reflectometer (OTDR) is an optoelectronic instrument used to characterize an optical fiber. An OTDR is the optical equivalent of an electronic time-domain reflectometer. A fiber light meter would also be a good option to test a fiber cable. A punchdown tool or cable tester is used with twisted-pair copper cables, not fiber optic cables. A spectrum analyzer is used to measure the radio frequency in use by a network, but fiber optic cables do not use the radiofrequency of electricity and instead use light as their transmission mechanism.

20
Q

Which of the following wireless technologies use MU-MIMO on non-overlapping channels to increase the wireless network’s bandwidth?

802.11b

802.11n

802.11ac

802.11g

A

802.11ac

Overall explanation
OBJ-2.4: Multi-user, multiple-input, multiple-output technology (MU-MIMO) allows a wireless access point to communicate with multiple devices simultaneously to decrease the time each device has to wait for a signal and dramatically speeds up the entire wireless network. The 802.11ac standard introduced MU-MIMO support on non-overlapping channels to increase the bandwidth available for the wireless network. The older 802.11n utilized MIMO. The other wireless networking technologies (a/b/g) do not support MIMO. The newer 802.11ax does support a newer version of MU-MIMO called UL MU-MIMO.

21
Q

You are trying to connect to another server on the network but are unable to ping it. You have determined that the other server is located on the 10.0.0.1/24 network, but your workstation is located on the 192.168.1.1/24 network. Which of the following tools should you use to begin troubleshooting the connection between your workstation and the server?

ifconfig

netstat

dig

traceroute

A

traceroute

Overall explanation
OBJ-5.3: The traceroute command is used on Linux, Unix, and OS X devices to show details about the path that a packet takes from a host to a target and displays information about each hop in the path. While using ping will tell you if the remote website is reachable or not, it will not tell you where the connection is broken. Traceroute performs a series of ICMP echo requests to determine which device in the connection path is not responding appropriately. This will help identify if the connectivity issue lies within your workstation and the server since the traffic must be routed between the two networks. The dig command is used to query the domain name system (DNS) to obtain information about host addresses, mail exchanges, nameservers, and related information. The ifconfig tool is used on Linux, Unix, and OS X devices to display the current TCP/IP network configuration, assign an IP address, and configure TCP/IP settings for a given network interface.

22
Q

A network administrator is assigned an approved change request with a change window of 120 minutes. After 90 minutes, the change is stuck on step five of a five-step change. The network manager decides to initiate a rollback. Which describes what the network administrator should do next?

Return the system back to the original state before the change

Request additional time since the change is near completion

Return the system to step four since this was the last working step

Leave the change as is and inform users of a workaround

A

Return the system back to the original state before the change

Overall explanation
OBJ-3.2: By performing a rollback, the administrator will change everything back to the last known good configuration before the change is started. This would involve resetting everything back to how it was before the configuration and installation of the changes were begun in this maintenance window.

23
Q

Dion Training is configuring a new branch office in Florida and wants to assign it a portion of their public Class C IPv4 address space. Dion Training has been assigned a Class C scope of 187.15.3.0/24. The new branch office in Florida will require 23 devices that will need IP addresses assigned. What is the correct CIDR notation for the new subnet in order to accommodate the 23 devices while allocating the minimum number of addresses?

/29

/27

/28

/26

A

/27

Overall explanation
OBJ-1.4: To answer this question, you must be able to perform a basic subnetting calculation. First, you need to determine the number of IP addresses that will be needed. In this scenario, you have 23 clients that will each need an IP address, but you also need one IP address for the network and a second IP for the broadcast. This means you need 25 IP addresses total. IP addresses are assigned in multiples of 2 (1, 2, 4, 8, 16, 32, 64, 128, 256). Since we need 25 IP addresses, we need to round up to a block of 32. To symbolize a CIDR block with 32 IP addresses, we would use /27, which is 2^5 = 2

24
Q

A technician installs three new switches to a company’s infrastructure. The network technician notices that all the switchport lights at the front of each switch flash rapidly when powered on and connected. After about a minute, the switches return to normal operation. Additionally, there are rapidly flashing amber lights on the switches when they started up the next day. What is happening to the switches?

The switches are connected and detected a spanning tree loop

The switches are having problems communicating with each other

The switches are running through their spanning tree process

The switches are not functioning properly and need to be disconnected

A

The switches are running through their spanning tree process

Overall explanation
OBJ-5.5: The switch port lights flashing is indicating that the switch is performing the spanning tree process. The Spanning Tree Protocol (STP) is responsible for identifying links in the network and shutting down the redundant ones, preventing possible network loops. To do so, all switches in the network exchange BPDU messages between them to agree upon the root bridge. When spanning tree protocol is enabled on a switch, the switchports will go through five port states: blocking, listening, learning, forwarding, and disabled to create a loop-free switching environment.

25
Q

An organization wants to choose an authentication protocol that can be used over an insecure network without implementing additional encryption services. Which of the following protocols should they choose?

Kerberos

RADIUS

PAP

TACACS+

A

Kerberos

Overall explanation
OBJ-4.1: The Kerberos protocol is designed to send data over insecure networks while using strong encryption to protect the information. RADIUS, TACACS+, and PAP are all protocols that contain known vulnerabilities that would require additional encryption to secure them during the authentication process.

26
Q

A small law office has a network with three switches (8 ports), one hub (4 ports), and one router (2 ports). Switch 1 (switch port 8) is connected to an interface port (FastEthernet0/0) on the router. Switch 2 (switch port 8) and switch 3 (switch port 8) are connected to Switch 1 (switch ports 1 and 2). The hub has three computers plugged into it on ports 1, 2, and 3. The fourth port on the hub is connected to the router’s other interface port (FastEthernet0/1). Based on the configuration described here, how many collision domains are there within this network?

1

8

2

4

A

4

Overall explanation
OBJ-2.1: A collision domain is a network segment connected by a shared medium or through repeaters where simultaneous data transmissions collide with one another. Hubs do not break up collision domains, but routers and switches do. For each switchport or interface on a switch or router, there is a new collision domain. Therefore, in this network, you will have one collision domain for the hub and its clients that are connected to FastEthernet0/1. There is a second collision domain for the router’s other interface (FastEthernet0/0) that is shared with Switch 1 (switch port 8). There is a third collision domain for the connection between Switch 2 and Switch 1, and a fourth domain for the connection between Switch 3 and Switch 1. If there were additional clients on any of these switches, each client would also be a part of its own collision domain, but since none were mentioned, we only have 4 collision domains in this network.

27
Q

Your boss has asked you to select the technology for a new wireless network for the office. She stated that the new network must allow users to connect their laptops, smartphones, and tablets wirelessly using a 5GHz frequency. The technology selected should utilize the longest range possible without signal loss. Which of the following wireless technologies should be selected to meet these requirements?

802.11ac

802.11a

802.11b

802.11g

A

802.11ac

Overall explanation
OBJ-2.4: To meet these requirements, you should recommend 802.11ac because it allows for faster speeds than wireless b, g, and n, and it provides the longest ranges of the options provided. The 802.11ac can reach 115 feet (35 meters) using 8 MIMO streams for higher bandwidth, or up to 230 feet (70 meters) using only 4 MIMO streams to provide greater coverage at a lower bandwidth. The 802.11ac (Wireless AC or Wi-Fi 5) standard utilizes a 5 GHz frequency to provide wireless networking at theoretical speeds up to 3.5 Gbps. Wireless AC uses channel bonding to create a single channel of up to 160 MHz to provide additional bandwidth. Wireless AC uses multi-user multiple-input-multiple-output (MU-MIMO) technology to use multiple antennas to transmit and receive data at higher speeds. The 802.11n (Wireless N) standard utilizes a 2.4 GHz frequency to provide wireless networking at speeds up to 108 Mbps or a 5.0 GHz frequency to provide wireless networking at speeds up to 600 Mbps. Wireless N supports the use of multiple-input-multiple-output (MIMO) technology to use multiple antennas to transmit and receive data at higher speeds. Wireless N supports channel bonding by combining two 20 MHz channels into a single 40 MHz channel to provide additional bandwidth. The 802.11g (Wireless G) standard utilizes a 2.4 GHz frequency to provide wireless networking at speeds up to 54 Mbps. The 802.11b (Wireless B) standard utilizes a 2.4 GHz frequency to provide wireless networking at speeds up to 11 Mbps.