Practice test 2 Flashcards

1
Q

You are configuring a network to utilize SNMPv3 to send information from your network devices back to an SNMP manager. Which of the following SNMP options should you enable to ensure the data is transferred confidentially?

authPriv
authNoPriv
authProtect
authEncrypt

A

authPriv
In SNMPv3, the authPriv option ensures that the communications are sent with authentication and privacy. This uses MD5 and SHA for authentication and DES and AES for privacy and encryption.

2
Q

You are working as a wireless networking technician and running a wireless controller to aid in the administration of the network. Your supervisor has requested that you implement a centralized authentication service. Which of the following devices should you install and configure if you want to decrease the amount of time spent administering the network while still providing a centralized authentication service for your users?

Layer 3 switch
Proxy server
RADIUS server
VPN concentrator

A

A Remote Authentication Dial-In User Service (RADIUS) server will enable the wireless clients to communicate with a central server to authenticate users and authorize their access to the requested system or service. None of the other options presented are designed to support centralized authentication services by themselves, but instead use a protocol like RADIUS to perform those functions.

3
Q

A new network administrator is hired to replace a consultant that has been running the network for several months and whose contract was just cancelled. After a month of working on the network, the new network administrator realized there are some network issues and configuration changes in the server settings. The log files on the servers do not contain any error messages related to the issues or changes. What could be the problem?

TACACS+RADIUS misconfiguration is causing logs to be erased
ICMP ping of death is resetting DHCP and DNS on the server
A backdoor has been installed to access the network
The last ACL on the router is set to Deny All

A

A hacker or the previous administrator (the consultant) left a piece of software or an SSH protocol in place that allows them to access the network and change the server settings. The consultant may be disgruntled that their contract was cancelled and that the new network administrator was hired to replace them.

4
Q

Lynne is a home user who would like to share music throughout the computers in her house using an external USB hard drive connected to a router that she purchased over a year ago. The manufacturer states that the router is capable of recognizing drives up to 4TB in size, but she cannot get her 3TB drive to show up on the network. What should Lynne do to fix this problem?

Load the latest hardware drivers for her USB drive
Install the latest OS on her computers
Download the latest playback software for her music files
Flash the latest firmware for her router

A

Flash the latest firmware for her router
Routers can be updated by conducting a firmware flash. This is similar to upgrading or patching your computer’s operating system, or even updating a device driver. Flashing the firmware can give the router the ability to communicate with newer devices.

5
Q

Which device actively defends the network by detecting threats and shutting down ports or changing configurations to prevent attacks?

Honeypot
IPS
Firewall
IDS

A

IPS

Intrusion Protection Systems (IPS) can reconfigure themselves based on the threats experienced. Firewalls maintain a static configuration.

6
Q

Which of the following ports are used to provide secure remote connection sessions over the Internet?

22
25
80
23

A

Port 22 is used by Secure Shell (SSH) to securely create communication sessions over the Internet for remote access to a server or system. Telnet used to be used over port 23, but it is insecure and doesn’t provide an encrypted tunnel like SSH does. Port 25 is for SMTP, and port 80 is for HTTP, neither of which provides an encrypted tunnel.

7
Q

Barbara, an employee, has properly connected her personal wireless router to a network jack inside her office. The router is unable to get a DHCP address even though her corporate laptop can get a DHCP address when connected to the same jack. Barbara checked the router’s configuration to ensure it is set up to obtain a DHCP address. Which of the following is the MOST likely reason that the router is not getting a DHCP address?

The admin has enabled DHCP snooping on the network
The admin is blocking DHCP requests that originate from the access points
The admin is blocking the wireless router’s MAC address using MAC filtering
The admin has implemented a feature that only allows whitelist MAC addresses to connect to the network

A

The admin has implemented a feature that only allows whitelist MAC addresses to connect to the network

Whitelisting specific MAC addresses is a security measure implemented by the administrator in order to grant access to a specific user only. It prevents a person with malicious intent from accessing the corporate network. Since the router has a different MAC address, it is being blocked from connecting to the wired network.

8
Q

A network technician needs to monitor the network to find a user that is browsing websites that are against the company policy. What should the technician use to view the website and find the user browsing it?

SNMP GET
Top listener tool
Intrusion detection system
Packet sniffer

A

Packet sniffers can capture and analyze network user traffic. This information can be queried to view website addresses, contents, and sometimes even the password information. This differs from an intrusion detection system in that an IDS waits to receive implicitly malicious data in a network prior to logging the event.

9
Q

You are trying to increase the security of your network by implementing a system of two-factor authentication (2FA). Which of the following authentication factors should you choose to meet this requirement?

Smartcard and PIN
Facial scan and fingerprint
Key fob and smartcard
Username and password

A

Two-factor authentication (also known as 2FA) is a method of confirming a user’s claimed identity by using a combination of two different factors: (1) something you know, (2) something you have, or (3) something you are. Out of the options provided, only a smartcard (something you have) and a PIN (something you know) meet the requirements of 2FA. If you have two factors from the same type/category, like something you know (username and password), this is only considered a single factor of authentication.

10
Q

A new piece of malware is attempting to exfiltrate user data by hiding the traffic and sending it as TLS-encrypted outbound traffic over random ports. What technology would be able to detect and block this type of traffic?

Intrusion detection system
Application aware firewall
Stateful packet inspection
Stateless packet inspection

A

A Web Application Firewall (WAF) or Application Aware Firewall would be able to detect both the accessing of random ports and TLS encryption, and could identify it as suspicious, whereas stateless inspection would inspect the port number being used by the outbound traffic. An IDS only analyzes incoming traffic and therefore would not be able to see this activity as suspicious.

11
Q

A network administrator needs to install a centrally-located firewall that needs to block specific incoming and outgoing IP addresses without denying legitimate return traffic. Which type of firewall should the administrator install?

A host based firewall
A stateful network-based firewall
A host based stateful firewall
A stateless network-based firewall

A

A stateful firewall enhances security through the use of packet filtering and these types of firewalls also keep track of outbound requests and open the port for the returning traffic to enter the network.

12
Q

A client has combined the voice-data circuit from a provider and is getting maximum download and upload speeds of 2.0 Mbps. Which type of service is MOST likely being used by the client?

ADSL
T1
E1
VDSL

A

E1 service provides symmetric 2.0 Mbps of data service. It can handle voice and digital services (with a mix-n-match service). E1 is the European signal of DS1. E1 has higher bandwidth than T1 because T1 reserves bits for overhead. VDSL and ADSL provide different upload and download rates, but this question shows that a symmetric upload and download rate was used.

13
Q

What allows a telecommunication company to remotely test circuits of customers?

VLAN configuration
Toner Probe
RDP
Smart Jack

A

Smart jacks have built-in remote diagnostics.

14
Q

You have been asked to add an entry to your DNS records to allow SMTP traffic to be sent out using your domain name. Which type of record should you add to your DNS record?

CNAME
A
MX
AAA

A

An MX record is used for outgoing (SMTP) and incoming (POP3/IMAP) traffic. An A record associates your domain name with an IPv4 address. An AAAA record associates your domain name with an IPv6 address. A CNAME record is a canonical name or alias name, which associates one domain name as an alias of another (like beta.diontraining.com and www.diontraining.com could both refer to the same website using a CNAME).

15
Q

Your company has just installed a new web server that will allow inbound connections over port 80 from the internet while not being able to accept any connections from the internal network. You have been asked where to place the web server in the network architecture and how to configure the ACL rule to support the requirements. The current network architecture is segmented using a firewall to create the following three zones:

ZONE      INTERFACE   IP address
PUBLIC    eth0        66.13.24.16/30
DMZ       eth1        172.16.1.1/24
PRIVATE   eth2        192.168.1.1/24

Based on the requirements and current network architecture above, what is the BEST recommendation?

Put the server in the DMZ with an inbound rule from eth1 to eth0 that allows port 80 traffic to the server’s IP

Put the server in the PUBLIC zone with an inbound rule from the eth0 to eth1 that allows port 80 traffic to the server’s IP

Put the server in the DMZ with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server’s IP

Put the server in the PRIVATE zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server’s IP

A

Put the server in the DMZ with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server’s IP

Since the new web server must not allow traffic from the internal network (PRIVATE), you should place it in the DMZ. Then, you should add an ACL entry to the firewall that allows traffic from eth0 (PUBLIC, the internet) to the server’s IP within the DMZ (eth1). Most firewalls utilize an implicit deny policy, so all other ports from eth0 will be blocked, as well as all ports from eth2.

16
Q

You have been asked to connect three 802.11a devices to an 802.11g access point that is configured with WEP. The devices are within 20 feet of the access point, but they are still unable to associate with the access point. Which of the following is the MOST likely cause of the devices being unable to associate with the WAP?

Interference
Frequency mismatch
Signal loss
Mismatched encryption

A

Frequency mismatch

802.11a operates in the 5 GHz band while 802.11g operates in the 2.4 GHz band. Therefore, 802.11a devices will be unable to communicate with an 802.11b or 802.11g access point.

17
Q

One of the routers in your network just failed. You have been asked to replace it with the same model router from the spare inventory closet as part of an emergency change request. You find the new router in the closet and notice it was signed into inventory 13 months ago. You install the router and attempt to enable HTTPS in the configuration to allow for remote access. The failed router had this capability, but this spare does not even though they are the exact same model and were purchased at the same time. What should you do to enable the HTTPS access for this router?

Perform a factory reset
Update the firmware
Enable HTTP instead
Reboot the router

A

Update the firmware

Since the new router was pulled from your spare inventory closet, it is likely using an older, out-of-date version of the firmware. You should update the firmware for this router and then check if HTTPS can be enabled again.

18
Q

A common technique used by malicious individuals to perform a man-in-the-middle attack on a wireless network is:

ARP cache poisoning
Amplified DNS attacks
Session hijacking
Creating an evil twin

A

Evil Twin access points are the most common way to perform a man-in-the-middle attack on a wireless network.

19
Q

A technician needs to add new features to existing hardware devices. Which of the following should be performed to add the new features?

Firmware updates
Changing to IPv6
Cloning
Vulnerability patching

A

To add new features to existing hardware devices, updating the firmware is always a must to mitigate any vulnerabilities.

20
Q

Rick is upset that he was passed over for a promotion. He decides to take revenge on his nemesis, Mary, who got the job instead of him. Rick sets up a man-in-the-middle attack against Mary’s computer by redirecting any layer 2 traffic destined for the gateway to his own computer first. Rick is careful to only affect the traffic associated with Mary’s computer and not the entire network. Which type of man-in-the-middle attack is Rick conducting against Mary?

IP spoofing
MAC spoofing
ARP cache poisoning
Evil Twin

A

ARP cache poisoning

Based on the scenario, we can eliminate evil twin (which is focused on wireless access points) and IP spoofing (since this affects layer 3 traffic). While MAC spoofing the address of the gateway might work, it would also affect every computer on this subnet. By conducting an ARP cache poisoning attack, Rick can poison the cache and replace Mary’s computer’s MAC association with his own, allowing him to become the man-in-the-middle between Mary and the default gateway.

21
Q

A home user reports to a network technician that the Internet is slow. The network administrator discovers that multiple unknown devices are connected to the access point. What is MOST likely the cause?

An evil twin has been implemented
A successful WPS attack has occurred
The user is experiencing ARP poisoning
The user is connected to a botnet

A

A successful WPS attack has occurred

Successful WPS attacks happen when the default username/password etc. has not been changed or reconfigured on the router. If your default username/password hasn’t been changed, anybody can get into the settings and open the network. This is why additional unknown devices are on the network.

22
Q

A network administrator needs to allow employees to upload files to a remote server securely. What port should be allowed through the firewall?

21
22
25
161

A

22

Normally, port 21 is used for the FTP (File Transfer Protocol) to transfer files between computers and a remote server, but it does so over an unencrypted connection (and is therefore not secure). Therefore, it is a better idea to use port 22 which will allow a user to use SFTP (Secure FTP) or SCP (Secure Copy) to transfer a file from a computer to a remote server over an encrypted SSL/TLS tunnel.

23
Q

Which of the following is designed to keep a system’s uptime running in the event of a disaster?

High availability
Load balancing
Quality of service
Caching engines

A

High availability

If a network switch or router stops operating correctly (meaning that a network fault occurs), communication through the network could be disrupted, resulting in a network becoming unavailable to its users. Therefore, network availability, called uptime, is a major design consideration.

24
Q

(This is a simulated Performance-Based Question.) What is the correct color scheme for Pin 1 to Pin 8 for a T-568B connector?

blue, white/blue, orange, white/brown, brown, white/green, green, orange/white

white/green, green, orange/white, blue, white/blue, orange, white/brown, brown

white/orange, orange, white/green, blue, white/blue, green, white/brown, brown

white/green, green, white/orange, orange, blue, white/blue, white/brown, brown

A

white/orange, orange, white/green, blue, white/blue, green, white/brown, brown

You need to have the T-568A and T-568B standards memorized before test day, because you may be asked to perform a drag and drop exercise of placing the right colored wires into the right pin numbers based on a T-568A or T-568B connector. Remember, a straight-through cable will have T-568B on both ends. If you are asked to make a cross-over cable, you need a T-568A on one side and a T-568B on the other side.

25
Q

(This is a simulated Performance-Based Question.) What ports do FTP and SFTP utilize?

20,21
21,22
22,23
21,23

A

FTP (File Transfer Protocol) uses ports 20 and 21. SFTP (Secure File Transfer Protocol) uses port 22. If this was a question on the real exam, you would see a list of ports on one side and a list of protocols on the other, and you would drag and drop each one to match them up. (It might also have 4-6 different pairs to match up.)

26
Q

Which type of network geography is used to connect various circuits between remote locations?

WAN
PAN
WLAN
LAN

A

WAN, because connecting various circuits between remote locations requires a Wide Area Network. A LAN (Local Area Network) can only cover a limited, small area. A PAN is used for very small areas. A WLAN is a wireless LAN.

27
Q

A network administrator wants to implement a centralized monitoring solution that utilizes push alerts sent from the client to a server. Which of the following should be implemented within the network?

SNMP
SMTP
NIDS
SMS

A

The keyword is MONITORING. SNMP stands for Simple Network Management Protocol. SMTP is simple mail TRANSPORT protocol. NIDS is network intrusion detection system and SMS is short message service. So, knowing what all of them stand for helps you to understand if the goal is simply to manage the server and send alerts from client to server. Based on this information, SNMP is the best choice.

28
Q

Which of the following wireless technologies use MIMO on non-overlapping channels to increase the bandwidth of the wireless network?

802.11a
802.11b
802.11g
802.11n

A

802.11n introduced support for MIMO on non-overlapping channels as a method to increase the bandwidth available for the wireless network. This is also supported in 802.11ac (MU-MIMO), which was the next version released after 802.11n. The other wireless networking technologies (a/b/g) do not support MIMO.

29
Q

You have been asked by your supervisor, Martha, to ensure that you enable 802.3af on a managed switch. Which of the following features does Martha want you to enable?

PoE
Port Bonding
VLAN
Trunking

A

Power over Ethernet (PoE) is defined by the IEEE 802.3af standard. PoE+ is defined by the IEEE 802.3at standard.

30
Q

What can be issued from the command line to find the layer 3 hops to a remote destination?

traceroute
nslookup
ping
netstat

A

Traceroute will determine every hop between the host and the destination using ICMP.

31
Q

A network technician is troubleshooting connectivity problems between switches but suspects the ports are not properly labeled. What option will help to quickly identify the switches connected to each port?

Configure TACACS+ on each network device
Enable a discovery protocol on the network devices
Configure each uplink to send LACP discovery units
Enable a packet sniffer on each network device’s uplink port

A

By enabling a discovery protocol on the network devices, the technician will be able to get detailed information such as the IP addresses, system version, and the type of device information from supporting devices directly connected to the discovery protocol, therefore providing information about the specific routers.

32
Q

Multiple students within a networking lab are required to simultaneously access a single switch remotely. The administrator checks and confirms that the switch can be accessed using the console, but currently only one student can log in at a time. What should be done to fix this issue?

Increase installed memory and install a larger flash module
Increase the number of VLANs configured on the switch
Decrease the number of VLANs configured on the switch
Increase the number of virtual terminals available

A

You can set a limit of how many virtual terminals can simultaneously connect to a switch. Here, the limit is set to one and we should increase it to solve the issue.

33
Q

Which of the following is an example of a valid IPv4 address?

192:168:1:55
192.168.1.254
00:AB:FA:B:1:07:34
::1

A

An IPv4 address consists of 32 bits. IPv4 addresses are written in dotted octet notation, such as 192.168.1.254.

34
Q

A user has installed a new wireless printer on the network. The user cannot get it connected to the Internet, but can print locally. All other office users can reach the Internet, but cannot connect to the new wireless printer. All users are wireless in this part of the office. What MOST likely has occurred?

They installed the printer in an infrastructure mode
They installed the printer in the wrong subnet
They misconfigured the gateway on the wireless printer
They installed the printer in ad-hoc mode

A

The printer is most likely in ad-hoc mode, which is also known as IBSS. In this type of network, devices talk directly to each other but have no connection outside of this “self-created” network.

35
Q

The Chief Information Officer (CIO) in your company has been trying to convince the Chief Security Officer (CSO) that the company should move its data to a SaaS solution in order to save some money in the budget. The CSO is hesitant to move all of the company’s data because she is concerned with the risk involved in moving the corporation’s sensitive data to a SaaS solution. The CSO has been asked for a reason behind her fears. Which of the following might be her response?

The SaaS solution is incompatible with our current network

Migrating all of our data to a SaaS solution will result in a loss of full control over our data and resources

Migrating our data to a SaaS solution will result in decreased performance in our internal network

Migrating to a SaaS solution will put us at a higher risk of exposure to malware and hackers

A

Migrating all of the corporate data to a SaaS solution will result in a loss of full control over the data and its protection. If the company intends to move sensitive data to a cloud-based solution, it should seek out a private cloud solution or a PaaS/IaaS solution instead since it will allow them to retain much more control over their data. As for exposure to malware and hackers, there is no evidence that cloud solutions are more exposed than on-premise solutions. Since the proposal is to migrate information out of the internal network, this should not decrease performance but instead increase it. Also, since a SaaS is proposed, there are no incompatibility issues since SaaS solutions are almost always web-based solutions, and therefore compatible with any web browser.

36
Q

Jason just got into his car and paired his smartphone to his car’s stereo. Which of the following types of networks was just created?

LAN
PAN
WAN
MAN

A

PAN is short for Personal Area Network. Personal area networks generally cover a range of a few centimeters up to around 10 meters (33 feet). Bluetooth, Infrared, or USB connections are usually used to form a PAN.

37
Q

You have been asked by the server administrators to open the default port on the firewall for their new DNS server. Which of the following ports should you set as ALLOW in the ACL?

53
67
110
3389

A

Port 53 is used for DNS. Port 67 is used for DHCP. Port 110 is used for POP3. Port 3389 is used for RDP.

38
Q

A college needs to provide wireless connectivity in a cafeteria with a minimal number of WAPs. What type of antenna will provide the BEST coverage?

High gain
Bidirectional
Dipole
Omni-directional

A

High gain antennas put out increased signal strengths and therefore can reach further with fewer WAPs.

39
Q

Your router has been turning itself off and on again for a few weeks. You begin to think back to when these issues are occurring and remember that each time it occurs that the lights also become dimmer momentarily. You hook up a device to monitor the power being supplied to the router and identify that brownouts are frequently occurring, resulting in the power cycling of the router. What should you (a network technician) do to solve this problem?

Install an upgraded router
Install a surge protector
Install a UPS
Install a new electrical outlet

A

The best solution would be to install a UPS. Since you are a network technician and not an electrician, you should not attempt to install a new electrical circuit. The other two options would not solve this problem.

40
Q

An end user receives a new computer and now is unable to connect to a database using ODBC. Other users are able to connect successfully, and the network technician is able to successfully ping the database server but still is unable to connect. What might have caused this issue?

Missing IP routes on router
Wrong default gateway address
Software firewall is blocking ports
Failing network interface card

A

A change in the firewall settings to allow access to the specified ports will fix the problem. It appears the default firewall on this new computer is blocking the port used to communicate with the database server.

41
Q

A network’s design includes gateways connecting an assembly-line network. The assembly-line network uses specialized cabling and interfaces to allow the assembly-line robots to communicate with one another. Which type of network would you classify this design as?

CSU/DSU
SCADA/ICS
IS-IS
LAN

A

SCADA/ICS is used in industrial control systems, such as an assembly-line network.

42
Q

You have just upgraded a small office LAN switch. When you finish, a user states they can no longer access the network. You check the user’s workstation, but do not see any LED lights lit on their NIC. What should you check next?

Verify the switch is connected to the router
Verify the device is using the correct cable type
Verify the NIC is operating properly
Verify the network cable is attached to the new switch

A

Since the workstation was working yesterday but now it isn’t because you upgraded the switch, you should first double check what changed. In this case, you unplugged the old switch and connected the new switch. It is likely that you didn’t fully plug the cable back into the new switch after the upgrade. This would lead to no LED lights being lit on the workstation’s NIC. Similarly, if you recently moved a workstation, you would want to double check the cable connection on the workstation itself. This is most likely a layer 1 issue.

43
Q

Several users at an adjacent office building report connectivity issues after a new building was built in-between the two offices. The network technician has determined the adjacent office building is connected to the main office building via an 802.11ac bridge. The network technician logs into the AP and confirms the SSID, encryption, and channels are all correct. Which of the following is MOST likely the cause of this issue?

Device saturation
Antenna type
Bandwidth saturation
Interference

A

The most likely reason is interference from the new building being placed in the signal path. By process of elimination: device saturation involves too many devices with too few sources, antenna type restricts the direction for the data to travel, and bandwidth saturation occurs if too many devices are on one WAN link.

44
Q

An employee of a highly-secure company needs to use facial recognition in addition to username/password to successfully establish a VPN. What BEST describes this methodology?

PKI
Federated identity
Two-factor authentication
Biometric authentication

A

This would classify best as two-factor authentication, since it requires “something you are” (face) and “something you know” (username/password) for successful authentication to occur.

45
Q

Your network has been the victim of a data breach. Your company has hired an incident response team to help control the damage of the breach and restore the network to its full functionality. The incident response team wants to connect a packet capture device to the switch that connects your servers to the DMZ. Which of the following should be configured to ensure the packet capture device can receive all the network traffic going to and from the servers?

802.1q
802.1x
Port mirroring
Port security

A

Port Mirroring, also known as SPAN (Switched Port Analyzer), is a method of monitoring network traffic. With port mirroring enabled, the switch sends a copy of all network packets seen on one port (or an entire VLAN) to another port, where the packet can be analyzed. In this case, you can connect the packet capture device to the SPAN port (mirrored port) to collect all the network traffic for later analysis.

46
Q

OFDM, QAM and QPSK are all examples of what wireless technology?

Frequency
Modulation
RF interference
Spectrum

A

Common types of modulation include Orthogonal Frequency-Division Multiplexing (OFDM), Quadrature Amplitude Modulation (QAM), and Quadrature Phase-Shift Keying (QPSK).

47
Q

You are working as a wireless networking technician and have been sent to a user’s home to install a brand new 802.11 AC WAP to replace their old WAP. To ensure all of the current devices on the network will automatically connect to the new network, you set the SSID, encryption type, and password to the exact same ones as the old WAP. You turn the new WAP on and notice most of the devices connect automatically, but one older wireless printer simply won’t connect. You notice that the printer is about 7 years old, but the user says it has always worked great over the old wireless network. What is the MOST likely reason that the printer will not connect to the new WAP?

You forgot to set the channel properly
The power level on the WAP is too low
The password on the WAP was changed
There is a mismatch in frequencies

A

Wireless B/G networks utilize 2.4 GHz, while Wireless AC uses 5.0 GHz. Wireless N has the ability to support both 2.4 GHz and 5.0 GHz frequencies. The most likely cause of the issue is that the older WAP supported 2.4 GHz (for older devices) and 5.0 GHz (for newer devices). Since you installed a brand new 802.11 AC WAP, it is only broadcasting at 5.0 GHz, which prevents the older printer from connecting due to a frequency mismatch.

48
Q

You are configuring a point-to-point link and want to ensure it is configured for the most efficient use of your limited pool of available public IP addresses. Which of the following subnet masks would be BEST to use in this scenario?

/24
/28
/29
/30

A

The most efficient subnet mask for a point-to-point link is actually a /31 subnet, which only provides 2 addresses. This will only work if both routers are using a newer routing protocol like OSPF, IS-IS, EIGRP, or RIPv2 (or above). The tried and true method is to use a /30, though, which uses 4 IP addresses. The first is the network IP, the last is the broadcast, and the other 2 IPs can be assigned to the routers on either end of the point-to-point network. For the exam, if you see the option of /30 or /31, remember, they can be used for point-to-point networks.

49
Q

You are working at the service desk as a network security technician and just received the following email from an end user who believes a phishing campaign is being attempted.

*****
From: user@diontraining.com
To: abuse@diontraining.com
Subject: You won a free iPhone!

Dear Susan,

You have won a brand new iPhone! Just click the following link to provide your address so we can ship it out to you this afternoon: (http://www.freephone.io:8080/winner.php)
*********

What should you do to prevent any other employees from accessing the link in the email above, while still allowing them access to any other webpages at the domain freephone.io?

Add http://www.freephone.io:8080/winner.php to the browser’s group policy block list
Add DENY TCP to http://www.freephone.io to ANY EQ 8080 to the firewall ACL
ADD DENY IP ANY ANY EQ 8080 to the IPS filter
Add http://www.freephone.io:8080/winner.php to the load balancer

A

There are two ways to approach this question. First, you can consider which is the right answer (if you know it). By adding the full URL of the phishing link to the browser’s group policy block list (or black hole list), the specific webpage will be blocked from being accessed by the employees while allowing the rest of the freephone.io domain to be accessed. Now, why not just block the entire domain? Well, maybe the rest of the domain isn’t suspect but just this one page is. (For example, maybe someone is using a legitimate site like GitHub to host their phishing campaign, therefore you only want to block their portion of GitHub.) The second approach to answering this question would be to rule out the incorrect answers. If you used the DENY TCP firewall ACL answer, you would block all access to the domain, blocking legitimate traffic as well as the possible malicious activity. If you used the DENY IP ANY ANY to filter traffic at the IPS, you would block any IP traffic to ANY website over port 8080. If you added the link to the load balancer, this would not block it either. Therefore, we are only left with the correct answer of using a group policy in this case.

50
Q

Which of the following network geographies refer to a network that spans several buildings that are within walking distance of each other, such as at a business park?

CAN
WAN
PAN
MAN

A

A campus area network (CAN) is a network of multiple interconnected local area networks (LAN) in a limited geographical area. These are common in business parks and at colleges/universities.

51
Q

A network administrator updated an Internet server to evaluate some new features in the current release. A week after the update, the Internet server vendor warns that the latest release may have introduced a new vulnerability and a patch is not available for it yet. Which of the following should the administrator do to mitigate this risk?

Enable the host based firewall on the internet server
Enable HIPS to protect the server until the patch is released
Utilize WAF to restrict malicious activity to the Internet server
Downgrade the server and defer the new feature testing

A

Since the vendor stated that the new version introduces vulnerabilities in the environment, it is better to downgrade the server to the older and more secure version until a patch is available.

52
Q

A client reports that half of the office is unable to access a shared printer on the network. Which of the following should the network technician use to troubleshoot the issue?

Data backups
Network Diagrams
Baseline information
Vendor Documentation

A

A network diagram is a visual representation of a computer network. Understanding all the connections is a fundamental step in network troubleshooting. This baseline information can be used for anticipating future problems, as well as planning for future growth.

53
Q

A technician is tasked with troubleshooting a network’s slowness. While troubleshooting, the technician is unable to ping any external websites. Users report they are able to access the sites using the web browsers. What is the MOST likely cause?

ICMP traffic being blocked by the firewall
VLAN hopping
TACACS misconfiguration
MTU black hole

A

Many companies block ICMP at the firewall, causing PING to fail since it relies on ICMP. If the user can access the site in the web browser but not by PING, this is usually the cause.

54
Q

You have installed and configured a new wireless router. The clients and hosts can ping each other. The WAN connection is 10 Gbps. The wired clients have fast connections, but the wireless clients are slow to ping and browse the Internet. Which of the following is MOST likely the cause of the slow speeds experienced by the wireless clients?

An access point experiencing RFI from fluorescent light bulbs
A router is on the incorrect LAN
A cable connection does not support wireless
A high signal to noise ratio on the wireless network

A

An access point experiencing RFI from fluorescent light bulbs

If interference in the wireless spectrum is occurring, more retransmissions will be needed (thereby slowing the speeds experienced). None of the other answers would cause a slowdown of only the wireless network, and a high signal-to-noise ratio is a good thing on wireless networks.

55
Q

Which of the following WAN technologies would MOST likely be used to connect several remote branches that have no fiber or satellite connections?

OC12
POTS
WiMax
OC3

A

POTS is the Plain Old Telephone System, and is connected to almost every facility in the United States. DSL and dial-up services can be received over POTS.

56
Q

A network technician was tasked to install a network printer and share it to a group of five human resource employees. The technician plugged the device into a LAN jack, but was unable to obtain an IP address automatically. What is the cause of the problem?

Incorrect DNS records
Incorrect TCP port in ACL
Split horizon is disabled
DHCP scope is exhausted

A

The DHCP scope is used as a pool of IP addresses that can be assigned automatically. The issue might be that there are no more IP addresses left in the scope and it is therefore exhausted.

57
Q

Your network is currently under attack from multiple hosts outside of the network. Which type of attack is most likely occurring?

DoS
Spoofing
DDoS
Wardriving

A

A Distributed Denial of Service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system or network. DoS and Spoofing attacks originate from a single host, while wardriving is focused on the surveillance and reconnaissance of wireless networks.

58
Q

Which of the following network devices would be considered a perimeter device and should be installed at the outermost part of the network?

Switch
Firewall
Bridge
Wireless Access Point

A

A firewall is considered a perimeter security device. It should be installed at the perimeter or boundary of a network to provide the maximum security to the network. Switches, bridges, and wireless access points are all considered internal network devices, and should not be installed at the outermost perimeter of the network.

59
Q

Which communication technology would MOST likely be used to increase bandwidth over an existing fiber optic network by combining multiple signals at different wavelengths?

DWDM
SONET
ADSL
LACP

A

Dense wavelength-division multiplexing (DWDM) is a high-speed optical network type commonly used in MANs (metropolitan area networks). DWDM uses as many as 32 light wavelengths on a single fiber, where each wavelength can support as many as 160 simultaneous connections.

60
Q

While implementing wireless access points into the network, one building is having connectivity issues due to light fixtures being replaced in the ceiling, while all other buildings’ connectivity is performing as expected. Which of the following should be changed on the access point for the building with connection issues?

UTP patch cables
Antenna
Power adapter
Security standard

A

Since only one building is having the issue, it is likely an issue with the antenna having radio frequency interference.

61
Q

A company needs to implement stronger authentication by adding an authentication factor to their wireless system. The wireless system only supports WPA with pre-shared keys, but the back-end authentication system supports EAP and TTLS. What should the network administrator implement?

PKI with user authentication
802.1x using EAP with MSCHAPv2
WPA2 with a complex shared key
MAC address filtering with IP filtering

A

Since the back end uses a RADIUS server for back-end authentication, the network administrator can install 802.1x using EAP with MSCHAPv2 for authentication.

62
Q

A network technician determines that two dynamically-assigned workstations have duplicate IP addresses. What command should the technician use to correct this issue?

ipconfig /all
ipconfig /dhcp
ipconfig /release; ipconfig /renew
ipconfig /renew

A

The first thing to do is to release that IP address using the command ipconfig /release. Next, the technician should dynamically assign another IP address using the command ipconfig /renew.

63
Q

A network administrator is troubleshooting an issue with unstable wireless connections in a residence hall. Users on the first and second floors report that the hall’s SSID is not visible in the evenings. The network administrator has verified that the wireless system is operating normally. What is the cause of the issue being reported by the users?

Internet router maintenance is scheduled
An ARP attack is underway
The SSID is set to hidden
A jammer is being used

A

Process of elimination: the ARP attack would allow attackers to intercept data or stop all traffic; the SSID being set to hidden wouldn’t just change during the day, and a jammer being used would show some possible “wrong” traffic in the logs of the wireless. Internet router maintenance would simply take the network down for the duration of the update/maintenance.

64
Q

You are creating a wireless link between two buildings in an office park utilizing the 802.11ac standard. The antenna chosen must have a small physical footprint and a minimal weight as it will be mounted on the outside of the building. Which type of antenna should you install?

Whip
Omni-directional
Parabolic
Patch

A

A patch antenna is a type of radio antenna with a low profile, which can be mounted on a flat surface. A patch antenna is typically mounted to a wall or a mast and provides coverage in a limited angle pattern. A yagi or directional antenna could also be used, but if the distance is smaller than about 300 feet between the buildings, using a patch antenna would be sufficient. For longer distances, a yagi would be utilized instead, but these do weigh more and have a larger footprint.

65
Q

Your company has several small branch offices around the country, but you work as a network administrator at the centralized headquarters building. You need the capability of being able to remotely access any of the remote sites’ routers to configure them without having to fly to each location in person. Your company’s CIO is worried that allowing remote access could allow an attacker to gain administrative access to the company’s network devices. Which of the following is the MOST secure way to prevent this from occurring, while still allowing you to access the devices remotely?

Create an out of band management network
Install an out of band modem
Configure the remote router’s ACLs to only permit Telnet traffic
Configure the remote router’s ACLs to only permit HTTP traffic

A

You should create an out-of-band management network using an SSH (console) connection to the router. Telnet and HTTP are not encrypted channels and should not be used for remote connections. Using a modem is also a bad security practice, since these are subject to war dialing and provide very slow connectivity speeds.

66
Q

A facility would like to verify each individual’s identity prior to allowing access to its server room and datacenter. Additionally, the building should ensure that users do not tailgate behind other users. What solution would BEST meet these requirements?

A

A biometric reader would read the employee’s fingerprints. A mantrap is most often used in physical security to separate non-secure areas from secure areas and prevent unauthorized access.

67
Q

Which of the following is MOST likely to use an RJ-11 connector to connect a computer to an ISP using a POTS line?

Multilayer switch
Access point
Analog modem
DOCSIS modem

A

An analog modem is a device that converts the computer’s digital pulses to tones that can be carried over analog telephone lines, and vice versa. The other type of Internet connection that occurs over an RJ-11 (phone line) is DSL.

68
Q

A company is installing several APs for a new wireless system that requires users to authenticate to the domain. The network technician would like to authenticate to a central point. What solution would be BEST to achieve this?

TACACS+ device and RADIUS server
TACACS and proxy server
RADIUS server and access point
RADIUS server and network controller

A

A Remote Authentication Dial-in User Service (RADIUS) server provides AAA management for users connecting to a wired or wireless network, which includes the ability to authenticate users. As servers are inherently not built with wireless access capabilities, an access point would have to be included in the setup for the RADIUS to work correctly with wireless clients.

69
Q

A technician installs three new switches to a company’s infrastructure. The network technician notices that all the switch port lights at the front of each switch flash rapidly when powered on and connected. Additionally, there are rapidly flashing amber lights on the switches when they started up the next day. What is happening to the switches?

The switches are running through their spanning tree process
The switches are having problems communicating with each other
The switches are connected and detected a spanning tree loop
The switches are not functioning properly and need to be disconnected

A

The switches use the spanning tree process to ensure no routing loops will occur.

70
Q

Your network security manager wants a monthly report of the security posture of all the assets on the network (e.g. workstations, servers, routers, switches, firewalls). The report should include any feature of a system or appliance that is missing a security patch, OS update, or other essential security feature, as well as its risk severity. Which solution would work best to find this data?

Security policy
Penetration test
Virus scan
Vulnerability scanner

A

A vulnerability scanner is a computer program designed to assess computers, computer systems, networks, or applications for weaknesses. Most vulnerability scanners also create an itemized report of their findings after the scan.

71
Q

The Chief Information Officer (CIO) wants to improve the security of the company’s data. Which management control should be implemented to ensure employees are using encryption to transmit any sensitive information over the network?

Policies
VPN
HTTPS
Standards

A

Policies are plans that describe the goal of an established procedure (Acceptable use, Physical Security or VPN access), while the standards are the mechanisms implemented to achieve that goal. VPN and HTTPS are examples of standards.

72
Q

After a company rolls out software updates, Ann, a lab researcher, is no longer able to use the lab equipment connected to her PC. The technician contacts the vendor and determines there is an incompatibility with the latest version of the drivers. Which of the following should the technician perform in order to get the researcher back to work as quickly as possible?

Roll back the drivers to the previous version
Reset Ann’s equipment configuration from a backup
Downgrade the PC to a working patch level
Restore Ann’s PC to the last known good configuration

A

By rolling back the drivers, Ann would be able to use her lab equipment again. To roll back a driver in Windows means to return the driver to the version that was last installed for the device.