Practice - Set A Flashcards by Kris G

A company has decided to update their usage policy to allow employees to surf the web unrestricted from their work computers. Which of the following actions should the IT security team implement to help protect the network from attack as a result of this new policy?

A. Install host-based anti-malware software

B. Implement MAC filtering on all wireless access points

C. Add an implicit deny to the core router ACL

D. Block port 80 outbound on the company firewall

E. Require users to utilize two-factor authentication

To protect the computers from employees installing malicious software they download on the internet, antimalware should be run on all systems.
After a single machine in a company is compromised and is running malicious software (malware), the attacker can then use that single computer to proceed further into the internal network using the compromised host as a pivot point. The malware may have been implemented by an outside attacker or by an inside disgruntled employee.

How well did you know this?

Not at all

Perfectly

An administrator notices an unused cable behind a cabinet that is terminated with a DB-9 connector. Which of the following protocols was MOST likely used on this cable?

A. RS-232

B. 802.3

C. ATM

D. Token ring

A DB-9 connector is used on serial cables. Serial cables use the RS-232 protocol which defines the functions of the 9 pins in a DB-9 connector. The RS-232 standard was around long before computers. It’s rare to see a new computer nowadays with a serial port but they were commonly used for connecting external analog modems, keyboards and mice to computers.

How well did you know this?

Not at all

Perfectly

A network technician has created a network consisting of an external internet connection, a DMZ, an internal private network, and an administrative network. All routers and switches should be configured to accept SSH connections from which of the following network segments?

A. The internal network since it is private

B. The admin private network allowing only admin access

C. The DMZ only allowing access from the segment with the servers

D. The internet connection to allow admin access from anywhere

How well did you know this?

Not at all

Perfectly

During a check of the security control measures of the company network assets, a network administrator is explaining the difference between the security controls at the company. Which of the following would be identified as physical security controls? (Select THREE).

A. RSA

B. Passwords

C. Man traps

D. Biometrics

E. Cipher locks

F. VLANs

G. 3DES

CDE

Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.

C: A mantrap is a mechanical physical security devices for catching poachers and trespassers. They have taken many forms, the most usual being like a large foothold trap, the steel springs being armed with teeth which met in the victim’s leg.

D: Biometric authentication is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems. Biometric authentication is a physical security device.

E: Cipher locks are used to control access to areas such as airport control towers, computer rooms, corporate offices, embassies, areas within financial institutions, research and development laboratories, and storage areas holding weapons, controlled substances, etc. Cipher locks are physical security devices.

How well did you know this?

Not at all

Perfectly

A customer is attempting to download a file from a remote FTP server, but receives an error that a connection cannot be opened. Which of the following should be one FIRST to resolve the problem?

A. Ensure that port 20 is open

B. Ensure that port 161 is open

C. Flush the DNS cache on the local workstation

D. Validate the security certificate from the host

How well did you know this?

Not at all

Perfectly

While monitoring the network, a technician notices that the network traffic to one of the servers is extremely high. Which of the following should the technician use to verify if this is a concern?

A. Log management

B. Network diagram

C. Network baseline

D. Real time monitor

How well did you know this?

Not at all

Perfectly

Which of the following integrity security mechanisms ensures that a sent message has been received intact, by the intended receiver?

A. IPSEC

B. SHA

C. DES

D. CRC

How well did you know this?

Not at all

Perfectly

A device operating at Layer 3 of the OSI model uses which of the following protocols to determine the path to a different network?

A. STP

B. RTP

C. RIP

D. NTP

E. SIP

How well did you know this?

Not at all

Perfectly

A technician needs to install a server to authenticate remote users before they have access to corporate network resources when working from home. Which of the following servers should the technician implement?

A. DNSSEC

B. PPP

C. RAS

D. VLAN

E. NAT

How well did you know this?

Not at all

Perfectly

A client is concerned about a hacker compromising a network in order to gain access to confidential research data. Which of the following could be implemented to redirect any attackers on the network?

A. DMZ

B. Content Filter

C. Botnet

D. Honeypot

How well did you know this?

Not at all

Perfectly

A technician just completed a new external website and setup access rules in the firewall. After some testing, only users outside the internal network can reach the site. The website responds to a ping from the internal network and resolves the proper public address. Which of the following could the technician do to fix this issue while causing internal users to route to the website using an internal address?

A. Configure NAT on the firewall

B. Implement a split horizon DNS

C. Place the server in the DMZ

D. Adjust the proper internal ACL

Split horizon DNS (also known as Split Brain DNS) is a mechanism for DNS servers to supply different DNS query results depending on the source of the request. This can be done by hardware-based separation but is most commonly done in software.
In this question, we want external users to be able to access the website by using a public IP address. To do this, we would have an external facing DNS server hosting a DNS zone for the website domain. For the internal users, we would have an internal facing DNS server hosting a DNS zone for the website domain. The external DNS zone will resolve the website URL to an external public IP address. The internal DNS server will resolve the website URL to an internal private IP address.

How well did you know this?

Not at all

Perfectly

Users are reporting extreme slowness across the network every Friday. Which of the following should the network technician review first to narrow down the root cause of the problem?

A. Baseline

B. Bottleneck

C. Utilization

D. Link status

How well did you know this?

Not at all

Perfectly

A company has contracted with an outside vendor to perform a service that will provide hardware, software, and procedures in case of a catastrophic failure of the primary datacenter. The Chief Information Officer (CIO) is concerned because this contract does not include a long-term strategy for extended outages. Which of the following should the CIO complete?

A. Disaster recovery plan

B. Business continuity plan

C. Service level agreement

D. First responder training

How well did you know this?

Not at all

Perfectly

The RAID controller on a server failed and was replaced with a different brand. Which of the following will be needed after the server has been rebuilt and joined to the domain?

A. Vendor documentation

B. Recent backups

C. Physical IP address

D. Physical network diagram

If the RAID controller fails and is replaced with a RAID controller with a different brand the RAID will break. We would have to rebuild a new RAID disk, access and restore the most recent backup to the new RAID disk.
Note: RAID controller is a hardware device or software program used to manage hard disk drives (HDDs) or solid-state drives (SSDs) in a computer or storage array so they work as a logical unit. In hardware-based RAID, a physical controller is used to manage the RAID array.

How well did you know this?

Not at all

Perfectly

A network technician is troubleshooting a problem at a remote site. It has been determined that the connection from router A to router B is down. The technician at the remote site re-terminates the CAT5 cable that connects the two routers as a straight through cable. The cable is then tested and is plugged into the correct interface. Which of the following would be the result of this action?

A. The normal amount of errors and the connection problem has been resolved.

B. The interface status will indicate that the port is administratively down.

C. The traffic will flow, but with excessive errors.

D. The interface status will show line protocol down.

Devices of different types are connected with a straight through cable (patch cable). In this case, it is used to connect two devices of the same type. It is for this reason that the interface will display the line protocol down status.

How well did you know this?

Not at all

Perfectly

Multiple students within a networking lab are required to simultaneously access a single switch remotely. The administrator checks and confirms that the switch can be accessed using the console, but currently only one student can log in at a time. Which of the following should be done to correct this issue?

A. Increase installed memory and install a larger flash module.

B. Increase the number of VLANs configured on the switch.

C. Decrease the number of VLANs configured on the switch.

D. Increase the number of virtual terminals available.

You can set a limit of how many virtual terminals that can simultaneously be connected to a switch. Here the limit is set to one, and we should increase it. For a Cisco network device:
You can use virtual terminal lines to connect to your Cisco NX-OS device, for example a switch. Secure Shell (SSH) and Telnet create virtual terminal sessions. You can configure an inactive session timeout and a maximum sessions limit for virtual terminals.
session-limit sessions Example:
switch(config-line)# session-limit 10
Configures the maximum number of virtual sessions for the Cisco NX-OS device. The range is from 1 to 64.

How well did you know this?

Not at all

Perfectly

Which of the following devices implements CSMA/CA virtually through the RTS/CTS protocols?

A. Firewall

B. Router

C. 802.11 AP

D. Switch

802.11 AP is a Wireless Access Point used in a wireless network.
If two computers on a network send data frames at the same time, a collision between the frames can occur. The frames are then discarded and the sending computers will attempt to send the data again.
Carrier sense multiple access with collision avoidance (CSMA/CA) is a protocol used in wireless networks where computers connected to the wireless network attempt to avoid collisions by transmitting data only when the channel is sensed to be “idle”. Carrier Sense Multiple Access/Collision Detect (CSMA/CD) is unreliable in wireless networks because computers connected to the wireless network often cannot see each other so CSMA/CA is a better option for avoiding collisions.
Request to Send/Clear to Send (RTS/CTS) can also be used to mediate access to the wireless network. This goes some way to alleviating the problem of computers not being able to see each other because in a wireless network, the Wireless Access Point only issues a “Clear to Send” to one node at a time.
With RTS/CTS, a Request to Send (RTS) packet is sent by the sending computer, and a Clear to Send (CTS) packet is sent by the intended receiver. This will alert all computers within range of the sender, receiver or both, to not transmit for the duration of the transmission. This is known as the IEEE 802.11 RTS/CTS exchange.

How well did you know this?

Not at all

Perfectly

A network technician wants to allow HTTP traffic through a stateless firewall. The company uses the 192.168.0.0/24 network. Which of the following ACL should the technician configure? (Select TWO)

A. PERMIT SRCIP 192.168.0.0/24 SPORT:80 DSTIP:192.168.0.0/24 DPORT:80

B. PERMIT SRCIP 192.168.0.0/24 SPORT:ANY DSTIP:ANY DPORT 80

C. PERMIT SRCIP:ANY SPORT:80 DSTIP:192.168.0.0/24 DPORT ANY

D. PERMIT SRCIP: ANY SPORT:80 DSTIP:192.168.0.0/24 DPORT:80

E. PERMIT SRCIP:192.168.0.0/24 SPORT:80 DSTIP:ANY DPORT:80

How well did you know this?

Not at all

Perfectly

A technician is troubleshooting a point-to-point fiber-optic connection. The technician is at a remote site and has no connectivity to the main site. The technician confirms the switch and the send-and-receive light levels are within acceptable range. Both fiber SFPs are confirmed as working. Which of the following should the technician use to reveal the location of the fault?

A. OTDR

B. Light meter

C. Tone generator

D. CSU/DSU

How well did you know this?

Not at all

Perfectly

Which of the following ports is used to provide secure sessions over the web by default?

A. 22

B. 25

C. 80

D. 5004

How well did you know this?

Not at all

Perfectly

A technician has punched down only the middle two pins (pins 4 and 5) on an ethernet patch panel. The technician has cabled this port to be used with which of the following?

A. 10baseT

B. POTS

C. 568B

D. 568A

How well did you know this?

Not at all

Perfectly

A technician is connecting a NAS device to an Ethernet network. Which of the following technologies will be used to encapsulate the frames?

A. HTTPS

B. Fibre channel

C. iSCSI

D. MS-CHAP

A NAS or a SAN will use either iSCSI or Fiber Channel. In this question, the NAS is connected to an Ethernet network. Therefore, iSCSI will most likely be used (Fiber Channel over Ethernet (FCoE) can be used but is less common). ISCSI means Internet SCSI. ISCSI uses TCP (Transmission Control Protocol) which enables it to be used over TCP/IP networks such as Ethernet.
For Fiber channel, a separate Fiber Channel network would be required unless FCoE is used.

How well did you know this?

Not at all

Perfectly

Peter, a network technician, is setting up a DHCP server on a LAN segment. Which of the following options should Peter configure in the DHCP scope, in order to allow hosts on that LAN segment using dynamic IP addresses, to be able to access the Internet and internal company servers? (Select THREE).

A. Default gateway

B. Subnet mask

C. Reservations

D. TFTP server

E. Lease expiration time of 1 day

F. DNS servers

G. Bootp

ABF

The question states that the client computers need to access the Internet as well as internal company servers. To access the Internet, the client computers need to be configured with an IP address with a subnet mask (answer B) and the address of the router that connects the company network to the Internet. This is known as the ‘default gateway’ (answer A).
To be able to resolve web page URLs to web server IP addresses, the client computers need to be configured with the address of a DNS server (answer F).

How well did you know this?

Not at all

Perfectly

Which of the following PDUs is used by a connectionless protocol?

A. Frames

B. Segments

C. Streams

D. Datagram

How well did you know this?

Not at all

Perfectly

A contractor is setting up and configuring conference rooms for a convention. The contractor sets up each room in the conference center to allow wired Internet access going to individual tables. The contractor measured the distance between the hotel’s patch panel to the jack, and the distance is within Cat 5e specifications. The contractor is concerned that the room will be out of specification if cables are run in each room from the wall jacks. Which of the following actions should the contractor take to ensure the cable runs meet specifications and the network functions properly? A. Place a switch at the hotel’s patch panel for connecting each room’s cables B. Place a switch on each table to ensure strong connectivity C. Place repeaters between the patch panel and the rooms D. place a switch at the wall jack and run the cables in the room from there

A technician installs a new piece of hardware and now needs to add the device to the network management tool database. However, when adding the device to the tool using SNMP credentials, the tool cannot successfully interpret the results. Which of the following would need to be added to the network management tool to allow it to interpret the new device and control it using SNMP? A. TRAP B. GET C. MIB D. WALK

A client reports that half of the office is unable to access a shared resource. Which of the following should be used to troubleshoot the issue? A. Data backups B. Network diagrams C. Baseline information D. Vendor documentation

A network technician is troubleshooting a network connection error, when pinging the default gateway no reply is received. The default gateway is found to be functioning properly but cannot connect to any workstations. At which of the following OSI layers could the problem exist? (Select TWO) A. Presentation B. Transport C. Session D. Data link E. Application F. Physical

A network engineer is dispatched to an employee office to troubleshoot an issue with the employee’s laptop. The employee is unable to connect to local and remote resources. The network engineer flips the laptop’s wireless switch on to resolve the issue. At which of the following layers of the OSI model was the issue resolved? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4 E. Layer 7

A The bottom layer of the OSI reference model is Layer 1, the physical layer. The physical layer is the layer that defines the hardware elements of a network. These elements include: Network Interface Cards Network topology Network cabling The type of signals used for data transmissions In this question, the network engineer flipped the laptop’s wireless switch on to resolve the issue. The laptop was unable to connect to the wireless network because the wireless network interface card was switched off. Switching the wireless network interface card on enabled the laptop to connect to the wireless network. The wireless network interface card is a physical layer device.

Which of the following protocols is used to encapsulate other network layer protocols such as multicast and IPX over WAN connections? A. MPLS B. ESP C. GRE D. PPP

A network technician has received comments from several users that cannot reach a particular website. Which of the following commands would provide the BEST information about the path taken across the network to this website? A. ping B. netstat C. telnet D. tracert

D The tracert command is used to determine the amount of hops a packet takes to reach a destination. It makes use of ICMP echo packets to report information at every step in the journey. This is how the path taken across the network is obtained.

A user is unable to connect to a server in another building. A technician is troubleshooting the issue and determines the following: 1) Client PC 1 has an IP address if 192.168.10.25/25 2) PC 1 can successfully ping its gateway of 192.168.10.1/25 which is an interface of router A 3) Server A is named ‘BLDGBFILESRVR01’ and has an IP address of 192.168.10.145/25 4) PC 2 with an IP address of 192.168.10.200/25 can successfully ping server A However, when PC 1 pings server A, it receives a destination host unreachable responds. Which of the following is the MOST likely cause? A. Link from router A to PC 1 are on different subnets B. Link from router A to server A is down C. Link from PC 1 to router A has duplex issues D. Link from server A top PC 2 is down

B PC 1 cannot connect to Server A. PC 1 and Server A are on different subnets that are connected by Router A. PC 1 can connect to Router A; therefore there is no problem with the link or IP address configuration between PC 1 and Router A. PC 2, which is on the same subnet as Server A, can connect to Server A; therefore Server A is up. As PC 1 can connect to Router A but cannot connect to Server A, and Server A is up; the problem must be the connection (link) between Router A and Server A.

A technician logs onto a system using Telnet because SSH is unavailable. SSH is enabled on the target device, and access is allowed from all subnets. The technician discovers a critical step was missed. Which of the following would allow SSH to function properly? A. Perform file hashing B. Generate new keys C. Update firmware D. Change default credentials

A network technician was tasked to install a network printer and share it to a group of five human resource employees. The technician plugged the device into a LAN jack, but was unable to obtain an IP address automatically. Which of the following is the cause of the problem? A. DNS B. Wrong TCP port C. Split horizon D. DHCP scope

Which of the following devices should a network administrator configure on the outermost part of the network? A. Media converter B. Switch C. Modem D. Firewall

A company has seen an increase in ransomware across the enterprise. Which of the following should be implemented to reduce the occurrences? A. ARP inspection B. Intrusion detection system C. Web content filtering D. Port filtering

C Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed. The best way to avoid ransomware include proactive measures like the following: Don’t click on any URL or open an attachment you are not expecting. Implement an email content filtering service Install a web content filtering service Invest in leading end point security software solutions

Jane, a network technician, has just installed a fiber switch in a datacenter. To run the fiber cabling, Jane plans the cable route over the top of the rack using the cable trays, down to the switch, coiling up any excess cable. As Jane configures the switch, she notices several messages in the logging buffer stating the receive signal of the SFP is too weak. Which of the following is MOST likely the cause of the errors in the logging buffer? A. Bend radius exceeded B. Fiber cable mismatch C. Fiber type mismatch D. Bad fiber switch

A technician add memory to a router, but that memory is never recognized by the router. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. Which of the following is MOST likely the cause? A. VTP B. Driver update C. ESD D. Halon particles

When a client calls and describes a problem with a computer not being able to reach the Internet, in which of the following places of the OSI model would a technician begin troubleshooting? A. Transport layer B. Physical layer C. Network layer D. Session layer

B The bottom layer of the OSI reference model is Layer 1, the physical layer. The physical layer is the layer that defines the hardware elements of a network. These elements include: Network Interface Cards Network topology Network cabling The type of signals used for data transmissions When troubleshooting a network connectivity issue, the first thing you would check is the computer’s network cabling, the network card etc. In other words, the computer’s physical connection to the network.

Jane, a network technician, was asked to remove a virus. Issues were found several levels deep within the directory structure. To ensure the virus has not infected the .mp4 files in the directory, she views one of the files and believes it contains illegal material. Which of the following forensics actions should Jane perform? A. Erase the files created by the virus B. Stop and escalate to the proper authorities C. Check the remaining directories for more .mp4 files D. Copy the information to a network drive to preserve the evidence

B Computer forensics is about legal evidence found in computers and digital storage. A plan should include first responders securing the area and then escalating to senior management and authorities when required by policy or law.

A company is selecting a fire suppression system for their new datacenter and wants to minimize the IT system recovery period in the event of a fire. Which of the following is the best choice for the fire suppression system? A. Portable extinguishers B. Wet Pipe C. Clean Gas D. Dry Pipe

A network technician has configured a point-to-point interface on a router, however, once the fiber optic cables have been run, the interface will not come up. The technician has cleaned the fiber connectors and used an optical power meter to confirm that light is passing in both directions without excessive loss. Which of the following is the MOST likely cause? A. Distance limitation B. Wavelength mismatch C. cross-talk D. EMI E. Macro bend

After connecting a workstation directly to a small business firewall, a network administrator is trying to manage it via HTTPS without losing its stored configuration. The only two pieces of information that the network administrator knows about the firewall are the management interface MAC address, which is 01:4a:d1:fa:b1:0e, and the administrator’s password. Which of the following will allow the administrator to log onto the firewall via HTTPS if the management’s IP address is unknown and the administrator’s workstation IP address is 192.168.0.10/23? A. Use the reset button on the back of the firewall to restore it to its factory default, and then log onto B. Run the following command on the administrator’s workstation: arp –s 192.168.1.200 01:4a:d1:fa:b1:0e C. Use an SNMP tool to query the firewall properties and determine the correct management IP address D. Use a crossover cable to connect to the console port and reconfigure the firewall management IP to 192.168.0.1

B Address Resolution Protocol (ARP) is used to resolve IP addresses to MAC addresses. The arp –s command adds a static permanent address to the ARP cache. This will allow the administrator to access the firewall.

A network technician must create a wireless link between two buildings in an office park utilizing the 802.11ac standard. The antenna chosen must have a small physical footprint and minimal weight as it will be mounted on the outside of the building. Which of the following antenna types is BEST suited for this solution? A. Yagi B. Omni-directional C. Parabolic D. Patch

D A patch antenna is a type of radio antenna with a low profile, which can be mounted on a flat surface. A patch antenna is typically mounted to a wall or a mast and provides coverage in a limited angle pattern.

When configuring a new server, a technician requests that an MX record be created in DNS for the new server, but the record was not entered properly. Which of the following was MOST likely installed that required an MX record to function properly? A. Load balancer B. FTP server C. Firewall DMZ D. Mail server

D A mail exchanger record (MX record) is a DNS record used by email servers to determine the name of the email server responsible for accepting email for the recipient’s domain. For example a user sends an email to recipient@somedomain.com. The sending user’s email server will query the somedomain.com DNS zone for an MX record for the domain. The MX record will specify the hostname of the email server responsible for accepting email for the somedomain.com domain, for example, mailserver.somedomain.com. The sending email server will then perform a second DNS query to resolve mailserver.somedomain.com to an IP address. The sending mail server will then forward the email to the destination mail server.

A technician has finished configuring AAA on a new network device. However, the technician is unable to log into the device with LDAP credentials but is able to do so with a local user account. Which of the following is the MOST likely reason for the problem? A. Username is misspelled is the device configuration file B. IDS is blocking RADIUS C. Shared secret key is mismatched D. Group policy has not propagated to the device

C AAA through RADIUS uses a Server Secret Key (a shared secret key). A secret key mismatch could cause login problems. Authentication, authorization, and accounting (AAA) allows a network to have a single repository of user credentials. A network administrator can then, for example, supply the same credentials to log in to various network devices (for example, routers and switches). RADIUS and TACACS+ are protocols commonly used to communicate with an AAA server.

A user with an 802.11n WLAN card is connected to a SOHO network and is only able to connect at 11 Mbps with full signal strength. Which of the following standards is implemented on the network? A. 802.11a B. 802.11ac C. 802.11b D. 802.11g

C 802.11 is a set of IEEE standards that govern wireless networking transmission methods. The 802.11 standards commonly used today to provide wireless connectivity in home or office wireless networks are 802.11a, 802.11b, 802.11g, 802.11n and 802.11ac. 802.11b supports speeds up to 11Mbps and uses the 2.4GHz frequency. In this question, the user is using an 802.11n WLAN card. Although the 802.11n WLAN card can support speeds up to 300Mbps, the user is only able to connect at 11Mbps because the user is connected to a wireless network configured to use 802.11b.

A technician is attempting to resolve an issue with users on the network not being able to access websites. The technician pings the default gateway and DNS servers successfully. Pinging a website by URL is unsuccessful but using a known IP address is successful. Which of the following will resolve the issue? A. Update the HOST file with the URLs for all websites B. Use NSLOOKUP to resolve URLs C. Ensure ICMP messages can pass through the firewall D. Enable port 53 on the firewall

Which of the following ports should be allowed to provide access to certain VoIP applications? A. 110 B. 139 C. 1720 D. 5060

A company is deploying a new wireless network and requires 800Mbps network throughput. Which of the following is the MINIMUM configuration that would meet this need? A. 802.11ac with 2 spatial streams and an 80MHz bandwidth B. 802.11ac with 3 spatial streams and a 20MHz bandwidth C. 802.11ac with 3 spatial streams and a 40MHz bandwidth D. 802.11ac with 4 spatial streams and a 160MHz bandwidth

A Spatial streaming is used in wireless communications where multiple-input-multiple-output (MIMO) is being used. With MIMO, multiple antennas are used for transmission and reception. MIMO was available in 802.11n but its capabilities have been extended in 802.11ac. 802.11ac supports a mandatory 80 MHz channel bandwidth for stations (vs. 40 MHz maximum in 802.11n), 160 MHz available optionally and more (up to 8) special streams. A single antenna and 80 MHz channel bandwidth provides a bandwidth of 433Mbps. In this question, we need a minimum bandwidth of 800Mbps. Two antennas and 80 MHz channel bandwidth provides a bandwidth of 867Mbps and therefore meets the requirement.

A company recently upgraded all of its printers to networked multifunction devices. Users can print to the new devices, but they would also like the ability to scan and fax files from their computers. Which of the following should the technician update to allow this functionality? A. Device software B. Printer drivers C. Printer firmware D. NIC drivers

An administrator has a physical server with a single NIC. The server needs to deploy two virtual machines. Each virtual machine needs two NIC’s, one that connects to the network, and a second that is a server to server heartbeat connection between the two virtual machines. After deploying the virtual machines, which of the following should the administrator do to meet these requirements? A. The administrator should create a virtual switch for each guest. The switches should be configured for inter-switch links and the primary NIC should have a NAT to the corporate network B. The administrator should create a virtual switch that is bridged to the corporate network and a second virtual switch that carries intra-VM communication only C. The administrator should create a virtual switch to bridge all of the connections to the network. The virtual heartbeat NICs should be set to addresses in an unused range D. The administrator should install a second physical NIC onto the host, and then connect each guest machine’s NICs to a dedicated physical NIC

A network topology in which all nodes have point to point connections to all other nodes is known as which of the following? A. Mesh B. Ring C. Bus D. Star

A company has added several new employees, which has caused the network traffic to increase by 200%. The network traffic increase from the new employees was only expected to be 20% to 30%. The administration suspects that the network may have been compromised. Which of the following should the network administrator have done previously to minimize the possibility of a network breach? A. Create VLANs to segment the network traffic B. Place a network sniffer on segments with new employees C. Provide end user awareness and training for employees D. Ensure best practices were implemented when creating new user accounts

A network administrator has a monitoring system in place that is currently polling hundreds of network devices at regular intervals. The continuous polling is causing high CPU utilization on the server. Which of the following tasks should the administrator perform to resolve the CPU issue while maintaining full monitoring capabilities? A. Remove SNMP polling and configure SNMP traps on each network device B. Remove SNMP polling and implement snmpwalk on each network device C. Upgrade SNMP to the latest version to mitigate vulnerabilities D. Modify SNMP polling to poll only during business hours

A network engineer wants to a segment the network into multiple broadcast domains. Which of the following devices would allow for communication between the segments? A. Layer 2 switch B. Layer 3 switch C. Bridge D. Load balancer

Channel bonding will improve which of the following wireless characteristics? A. Signal strength B. Encryption strength C. Coverage area D. Connection speed

A technician is diagnosing an issue with a new T1 connection. The router is configured, the cable is connected, but the T1 is down. To verify the configuration of the router, which of the following tools should the technician use? A. Loopback adapter B. Cable tester C. Tone generator D. Multimeter

The management team wants to set up a wireless network in their office but all of their phones operate at the 2.4 GHz frequency. They need a wireless network that would be able to operate at a higher frequency than their phones. Which of following standards should be used? A. 802.11a B. 802.11b C. 802.11g D. 802.1x

A In this question, we need a wireless network that operates at a frequency higher than the 2.4GHz frequency. 802.11 is a set of IEEE standards that govern wireless networking transmission methods. The 802.11 standards commonly used today to provide wireless connectivity in home or office wireless networks are 802.11a, 802.11b, 802.11g, 802.11n and 802.11ac. The 802.11a standard supports speeds up to 54Mbps and uses the 5-GHz band.

A company installs a new mail server. Which of the following DNS records need to be configured to allow the organization to receive email? A. CNAME B. MX C. PTR D. A

A technician has prolonged contact with a thermal compound. Which of the following resources should be consulted? A. HCL B. MSDS C. SLA D. HVAC

B MSDS stands for Material Safety Data Sheet. An MSDS is a health and safety document that contains information on the potential hazards of working with a chemical product and how to work safely with the chemical product. In this question, the thermal compound is a chemical product so the MSDS will provide information about the effects of prolonged contact with the thermal compound.

Which of the following policies would Peter, a user, have to agree to when he brings in his personal tablet to connect to the company’s guest wireless Internet? A. NDA B. IRP C. BYOD D. SLA

Which of the following 802.11g antennas broadcast an RF signal in a specific direction with a narrow path? A. Omni-direction B. Unidirectional C. Patch D. Yagi

A facility would like to verify each individual’s identity prior to allowing access to the datacenter. Additionally,the facility would like to ensure that users do not tailgate behind other users. Which of the following would BEST meet these goals? A. Implement a biometric reader at the datacenter entrance and require passage through a mantrap B. Implement a security guard at the facility entrance and a keypad on the datacenter entrance C. Implement a CCTV camera and a proximity reader on the datacenter entrance D. Implement a biometric reader at the facility entrance and a proximity card at the datacenter entrance

A malicious student is blocking mobile devices from connecting to the internet when other students are in the classroom. Which of the following is the malicious student implementing? A. Removing the AP from the classroom B. ACL C. Jamming D. Firewall E. IPS

Jane, a system administrator, is troubleshooting an issue with a DNS server. She notices that the security logs have filled up and that they need to be cleared from the event viewer. She recalls this being a daily occurrence. Which of the following solutions would BEST resolve this problem? A. Increase the maximum log size B. Log into the DNS server every hour to check if the logs are full C. Install an event management tool D. Delete the logs when full

A single mode fiber is no longer providing network connectivity to a remote site. Which of the following would be used to identify the location of the break? A. MT-RJ B. OTDR C. Media converter D. Cable certifier

A company utilizes a patching server to regularly update their PC’s. After the latest round of patching all of the older PCs with non-gigabit Ethernet cards become disconnected from the network and now require a technician to fix the issue locally at each PC. Which of the following should be done to prevent this issue in the future? A. Enable automatic rebooting of the pCs after patching is completed B. Require the patching server to update the oldest PCs off hours C. Disable automatic driver updates to PCs on the patching server D. Throttle the connection speed of the patching server to match older PCs

A technician needs to limit the amount of broadcast traffic on a network and allow different segments to communicate with each other. Which of the following options would satisfy these requirements? A. Add a router and enable OSPF. B. Add a layer 3 switch and create a VLAN. C. Add a bridge between two switches. D. Add a firewall and implement proper ACL.

B We can limit the amount of broadcast traffic on a switched network by dividing the computers into logical network segments called VLANs. A virtual local area network (VLAN) is a logical group of computers that appear to be on the same LAN even if they are on separate IP subnets. These logical subnets are configured in the network switches. Each VLAN is a broadcast domain meaning that only computers within the same VLAN will receive broadcast traffic. To allow different segments (VLAN) to communicate with each other, a router is required to establish a connection between the systems. We can use a network router to route between the VLANs or we can use a ‘Layer 3’ switch. Unlike layer 2 switches that can only read the contents of the data-link layer protocol header in the packets they process, layer 3 switches can read the (IP) addresses in the network layer protocol header as well.

A technician discovers that multiple switches require a major update. Which of the following policies should be followed? A. Change management policy B. Remote access policy C. Acceptable use policy D. Memorandum of understanding

Two weeks after installation, a network technician is now unable to log onto any of the newly installed company switches. The technician suspects that a malicious user may have changed the switches’ settings before they were installed in secure areas. Which of the following is the MOST likely way in which the malicious user gained access to the switches? A. Via SSH using the RADIUS shared secret B. Via HTTP using the default username and password C. Via console using the administrator’s password D. Via SNMP using the default RO community

B A new network switch is accessed via HTTP to perform the initial configuration. The username and password used is a factory default.

A customer cannot access a company’s secure website. The company’s network security is reviewing the firewall for the server and finds the following output: [picture missing] Which of the following changes should be made to allow all customers to access the company’s secure website? A. Allow any any 10.5.0.10 443 B. Allow any any 12.73.15.5 443 C. Allow 10.5.0.10 443 any any D. Allow 10.5.0.10 any 10.5.0.10 80

A network administrator notices that the border router is having high network capacity loads during non-working hours which is causing web services outages. Which of the following is the MOST likely cause? A. Evil twin B. Session hijacking C. Distributed DoS D. ARP cache poisoning

When two or more links need to pass traffic as if they were one physical link, which of the following would be used to satisfy the requirement? A. Port mirroring B. 802.1w C. LACP D. VTP

C The Link Aggregation Control Protocol (LACP) enables you to assign multiple physical links to a logical interface, which appears as a single link to a route processor.

A network engineer is designing a new network for a remote site. The remote site consists of ten desktop computers, ten VoIP phones, and two network printers. In addition, two of the desktop computers at the remote site will be used by managers who should be on a separate network from the other eight computers. Which of the following represents the BEST configuration for the remote site? A. One router connected to one 24-port switch configured with three VLANS: one for the manager’s computers and printer, one for the other computers and printer, and one for the VoIP phones B. Two routers with each router connected to a 12-port switch, with a firewall connected to the switch connected to the manager’s desktop computers, VoIP phones, and printer C. One router connected to one 12-port switch configured for the manager’s computers, phones, and printer, and one 12-port switch configured for the other computers, VoIP phones, and printer D. One router connected to one 24-port switch configured with two VLANS: one for the manager’s computers, VoIP phones, and printer, and one for the other computers, VoIP phones, and printer

A company is experiencing very slow network speeds of 54Mbps. A technician has been hired to perform an assessment on the existing wireless network. The technician has recommended an 802.11n network infrastructure. Which of the following allows 802.11n to reach higher speeds? A. MU-MIMO B. LWAPP C. PoE D. MIMO

D One way 802.11n achieves superior throughput is through the use of a technology called multiple input, multiple output (MIMO). MIMO uses multiple antennas for transmission and reception.

A technician is setting up a direct connection between two older PCs so they can communicate but not be on the corporate network. The technician does not have access to a spare switch but does have spare Cat 6 cables, RJ-45 plugs, and a crimping tool. The technician cuts off one end of the cable. Which of the following should the technician do to make a crossover cable before crimping the new plug? A. Reverse the wires leading to pins 1 and 2 B. Reverse the wires leading to pins 1 and 3 C. Reverse the wires leading to pins 2 and 3 D. Reverse the wires leading to pins 2 and 4

A contractor was hired to troubleshoot congestion issues on the network. After a few of the switches have been reconfigured/upgraded by the contractor, congestion worsens and collisions increase. Which of the following is the BEST action to alleviate the situation? A. Allow the contractor to reset switches to factory defaults B. Check the cabling on all switches for improper crossover use C. Document the changes that were made D. Downgrade firmware and restore backup configuration

A network topology that utilizes a central device with point-to-point connections to all other devices is which of the following? A. Star B. Ring C. Mesh D. Bus

A A Star network is the most common network in use today. Ethernet networks with computers connected to a switch (or a less commonly a hub) form a star network. The switch forms the central component of the star. All network devices connect to the switch. A network switch has a MAC address table which it populates with the MAC address of every device connected to the switch. When the switch receives data on one of its ports from a computer, it looks in the MAC address table to discover which port the destination computer is connected to. The switch then unicasts the data out through the port that the destination computer is connected to.

Which of the following physical security controls prevents an attacker from gaining access to a network closet? A. CCTVs B. Proximity readers C. Motion sensors D. IP cameras

B A proximity card is a physical card which used to get access to a physical area such as a network closet. It is a “contactless” smart card which can be read without inserting it into a reader device, as required by earlier magnetic stripe cards such as credit cards and “contact” type smart cards. The proximity cards are part of the Contactless card technologies. Held near an electronic reader for a moment they enable the identification of an encoded number. Note: Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.

The ability to make access decisions based on an examination of Windows registry settings, antivirus software, and AD membership status is an example of which of the following NAC features? A. Quarantine network B. Persistent agents C. Posture assessment D. Non-persistent agents

C Network Admission Control (NAC) can permit or deny access to a network based on characteristics of the device seeking admission, rather than just checking user credentials. For example, a client’s OS, Windows Registry settings, AD membership status, and version of antivirus software could be checked against a set of requirements before allowing the client to access a network. This process of checking a client’s characteristics is called posture assessment.

QoS operates at which of the following OSI model layers? (Select TWO) A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4 E. Layer 5

A system administrator wants to update a web-based application to the latest version. Which of the following procedures should the system administrator perform FIRST? A. Remove all user accounts on the server B. Isolate the server logically on the network C. Block all HTTP traffic to the server D. Install the software in a test environment

D We should test the new version of the application in a test/lab environment first. This way any potential issues with the new software would not affect the production environment. Set up a test lab on an isolated network in your organization. Do not set up your test lab in your production environment.

A service provider is unable to maintain connectivity to several remote sites at predetermined speeds. The service provider could be in violation of the: A. MLA. B. SLA. C. SOW. D. MOU.

B SLA stands for Service Level Agreement. This is a common document in business used to define a minimum standard of service that a customer can expect from a supplier. SLA’s are particularly common in the I.T. sector where a service provider is offering a service to a customer. As a customer, you want your hosted services and Internet or WAN connections to be available all the time. SLAs often guarantee 99.9% uptime for a service. In this question, the service provider is providing WAN links to remote sites with a guaranteed bandwidth on the WAN links. A failure to maintain the connectivity to the remote sites would be a violation of the Service Level Agreement (SLA).

A network technician is diagnosing a time-out issue generated from an end user’s web browser. The web browser issues standard HTTP get and post commands to interact with the website. Given this information, the technician would like to analyze the entire TCP handshake of the HTTP requests offline. Which of the following tools would allow the technician to view the handshake? A. Packet analyzer B. Port analyzer C. SNMP traps D. Spectrum analyzer

A technician wants to update the organization’s disaster recovery plans. Which of the following will allow network devices to be replaced quickly in the event of a device failure? A. Vendor documentation B. Archives/backups C. Proper asset tagging and labeling D. Network Baseline

A technician is troubleshooting a PC that is having intermittent connectivity issues. The technician notices that the STP cables pairs are not completely twisted near the connector. Which of the following is the issue? A. Cross-talk B. 568A/568B mismatch C. Tx/Rx reverse D. Split pairs

There is a network looping problem after installing some switches. The switch vendor suggested the use of 802.1d. Which of the following is the MOST probable reason the vendor made this suggestion? A. It is a rapid version of spanning tree that uses BPDU to detect problems B. It is a regular version of port mirroring that uses hellow packets to detect loops C. It is a simple version of spanning tree that uses BPDU to detect problems D. It is a rapid version of port mirroring that uses BPDU to detect problem

Which of the following would be the BEST addition to a business continuity plan that would protect business from a catastrophic event such as a fire, tornado, or earthquake? A. UPS and battery backups B. Fire suppression systems C. Building generator D. Hot sites or cold sites E. NAS and tape backups

A network engineer is troubleshooting an issue with a computer that is unable to connect to the Internet. The network engineer analyzes the following output from a command line utility: Network DestinationNetmaskGatewayInterface 192.168.1.0 255.255.255.0192.168.1.254eth0 192. 168.1.10255.255.255.255192.168.1.10eth0 127. 0.0.1255.0.0.0On-Linlo 127. 0.0.0255.0.0.0On-Linklo 255. 255.255.255255.255.255.255102.168.1.10eth0 Which of the following is the reason for the computer issue, given the above output? A. Wrong default gateway netmask B. Incorrect default gateway address C. Default gateway on the wrong interface D. Missing default gateway

D The output appears to be a result of running the netstat –r command. If the default gateway was present, the first line would show the Network Destination as 0.0.0.0 and the Netmask as 0.0.0.0.

Users have reported poor network performance. A technician suspects a user may have maliciously flooded the network with ping request. Which of the following should the technician implement to avoid potential occurrences from happening in the future? A. Block all ICMP request B. Update all antivirus software C. Remove all suspected users from the network D. Upgrade firmware on all network cards

Which of the following network infrastructure implementations would be used to support files being transferred between Bluetooth-enabled smartphones? A. PAN B. LAN C. WLAN D. MAN

A PAN stands for Personal Area Network. It is a network of devices in the area of a person typically within a range of 10 meters and commonly using a wireless technology such as Bluetooth or IR (Infra-Red).

The human resource department has been moved to an area which is more than 60 meters away from the nearest IDF. In order to comply with the SLA which requires that 10Gb speeds be provided, which of the following media will need to utilized? A. CAT6e B. CAT5e C. 802.11n D. 802.11ac

A technician has verified that a recent loss of network connectivity to multiple workstations is due to a bad CAT5 cable in the server room wall. Which of the following tools can be used to locate its physical location within the wall? A. Cable certifier B. Multimeter C. Cable tester D. Toner probe

D Toner probes are specifically used to trace cables hidden in floors, ceilings, or walls. They can also be used to track cables from the patch panels to their destinations.

The IT manager at a small firm is in the process of renegotiating an SLA with the organization’s ISP. As part of the agreement, the organization will agree to a dynamic bandwidth plan to provide 150Mbps of bandwidth. However, if the ISP determines that a host on the organization’s internal network produces malicious traffic, the ISP reserves the right to reduce available bandwidth to 1.5 Mbps. Which of the following policies is being agreed to in the SLA? A. Session hijacking B. Blocking C. Throttling D. Data usage limits E. Bandwidth quotas

A network administrator is setting up a web-based application that needs to be continually accessible to the end users. Which of the following concepts would BEST ensure this requirement? A. High availability B. Snapshots C. NIC teaming D. Cold site

A technician needs to secure web traffic for a new e-commerce website. Which of the following will secure traffic between a web browser and a website? A. SSL B. DNSSEC C. WPA2 D. MTU

A Secure Sockets Layer (SSL) provides cryptography and reliability for upper layers (Layers 5–7) of the OSI model. SSL (and TLS) provide secure web browsing (web traffic) via Hypertext Transfer Protocol Secure (HTTPS).

The administrator modifies a rule on the firewall, and now all the FTP users cannot access the server any longer. The manager calls the administrator and asks what caused the extreme downtime for the server. In regards to the manager’s inquiry, which of the following did the administrator forget to do FIRST? A. Submit a change request B. Schedule a maintenance window C. Provide notification of change to users D. Document the changes

A network technician has been tasked with designing a WLAN for a small office. One of the requirements of this design is that it is capable of supporting HD video streaming to multiple devices. Which of the following would be the appropriate wireless technology for this design? A. 802.11g B. 802.11ac C. 802.11b D. 802.11a

B In this question, we need a wireless network capable of supporting HD video streaming to multiple devices. We therefore need the fastest wireless network speed available. 802.11 is a set of IEEE standards that govern wireless networking transmission methods. The 802.11 standards commonly used today to provide wireless connectivity in home or office wireless networks are 802.11a, 802.11b, 802.11g, 802.11n and 802.11ac. The 802.11ac standard is the fastest wireless network supporting speeds of over 3Gbps and uses the 5-GHz band.

A single PRI can deliver multiple voice calls simultaneously using which of the following Layer 1 technologies? A. Time division multiplexing B. Analog circuit switching C. CSMA/CD D. Time division spread spectrum