Practice test 3 Flashcards

Question 1

Q

Which of the following port or ports does SIP use?

443
389/636
135/139/445
5060/5061

Answer

A

SIP works with other protocols over 5060/5061. 443 is HTTPS, 389/636 is LDAP, and 135/139/445 is NetBIOS and SMB.

Question 2

Q

What describes an IPv6 address of ::1?

Broadcast
Loopback
Classless
Multicast

Answer

A

In IPv6, ::1 is the loopback address, whereas in IPv4 it is 127.0.0.1. The loopback address is used to send a test signal sent to a network destination in order to diagnose problems.

Question 3

Q

Dion Training has just installed a brand new email server. Which of the following DNS records would need to be created to allow the new server to receive email on behalf of diontraining.com?

CNAME
MX
PTR
A

Answer

A

An MX record is required in the DNS for a domain in order for the email server to accept emails on behalf of a registered domain name..

Question 4

Q

If you have an ISDN or T-1 connection, it can deliver multiple voice calls over a copper wire using which of the following technologies?

CSMA/CD
Time division spread spectrum
Analog circuit switching
Time division mltiplexing

Answer

A

Time-division multiplexing allows for two or more signals or bit streams to be transferred in what appears to be simultaneous sub-channels in one communication channel, but are physically taking turns on the channel. This is the technology used in a single PRI (ISDN or T-1) service to essentially share a single cable but pass multiple voice calls over it.

Question 5

Q

Which of the following protocols are designed to avoid loops on a Layer 2 network?

OSPF
RIPv2
802.1q
802.1d

Answer

A

The Spanning Tree Protocol is part of the 802.1d standard and avoids loops in the switching network (layer 2).

Question 6

Q

Which of the following describes the ID of a specified native VLAN when traffic passes over a trunk?

It becomes the gateway of last resort for the switch or router
It becomes the default VLAN for untagged frames
It becomes the priority ID for all the VLAN traffic across the device
It becomes the default gateway for the port or ports

Answer

A

It becomes the default VLAN for untagged frames

Trunk ports carry all traffic, regardless of VLAN number, between all switches in a LAN. The VLAN designation for a trunk port is its native VLAN. If the trunk port has a native VLAN that differs from the tag placed on the frame as it entered the access port, the switch leaves the tag on the frame and sends the tagged frame along to the next switch or switches. If the trunk port’s native VLAN is the same as the access ports VLAN, then the switch drops the tag and sends the untagged frame out the trunk port.

Question 7

Q

A small law office has a network with three switches (8 ports), one hub (4 ports), and one router (2 ports). Switch 1 (switchport 8) is connected to an interface port (FastEthernet0/0) on the router. Switch 2 (switchport 8) and switch 3 (switchport 8) are connected to Switch 1 (switchports 1 and 2). The hub has three computers plugged into it on ports 1, 2, and 3. The fourth port on the hub is connected to the router’s other interface port (FastEthernet0/1). Based on the configuration described here, how many broadcast domains are there within this network?

Answer

A

2

A broadcast domain is a logical division of a computer network in which all nodes can reach each other by broadcast at the data link layer. A broadcast domain can be within the same LAN segment or it can be bridged to other LAN segments. Routers break up broadcast domains, therefore there are two broadcast domains in this network - one for each side of the router (the three switches makeup one broadcast domain, and the hub makes up the second broadcast domain).

Question 8

Q

Which of the following wireless standards should you implement if the existing wireless network only allows for three non-overlapping channels and you need additional non-overlapping channels to prevent interference with neighboring businesses in your office building?

11b
11g
11ac
1q

Answer

A

802.11ac

Wireless B and G only support 3 non-overlapping channels (1, 6, 11). Wireless N and Wireless AC supports 5 GHz spectrum which provides dozens of non-overlapping channels. 802.1q is used for VLANs, and is not a wireless networking standard.

Question 9

Q

Elizabeth was replacing a client’s security device that protects their DMZ. The client has an application that allows external users to access the application remotely. After replacing the devices, the external users cannot connect remotely to the application anymore. Which of the following devices was MOST likely misconfigured and is now causing a problem?

Content filler
Firewall
DNS
DHCP

Answer

A

A firewall is an integral part of a DMZ. If configured correctly, it can regulate exactly what traffic and users are allowed to access the server. This is different from a content filter because a content filter simply denies traffic to a user based on content, but not access to a server. If the firewall ruleset was not configured to allow external users to access the application remotely, the default condition is to “deny by default”.

Question 10

Q

A technician is testing a new web-based tool capable of generating automatic teller machine (ATM) cash and service availability reports. The web-based tool was developed by a consortium of financial institutions. Which of the following cloud delivery models is being described in this scenario?

Saas
Public
Community
Paas

Answer

A

A community or private delivery model would work best. A community cloud in computing is a collaborative effort in which infrastructure is shared between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.), whether managed internally or by a third-party and hosted internally or externally. The scenario described is a community cloud created tool by the banking industry.

Question 11

Q

A technician needs to ensure wireless coverage in the green space near the center of the college campus. The antenna is being installed in the middle of the field on a pole. Which type of antenna should be installed to ensure maximum coverage?

Omnidirectional
Yagi
Unidirectional
Directional

Answer

A

Omnidirectional antennas send the signal out equally in all directions, therefore it will provide the best coverage since it is located in the center of the field.

Question 12

Q

A technician suspects that the email system is slow due to an excessive amount of Spam being received. Which of the following should the technician do FIRST according to the troubleshooting methodology?

Verify full system functionality
Block incoming email
Establish a plan of action
Gather information

Answer

A

After identifying the problem (the server is slow), the next step is to gather information. This can be from various sources such as (but not limited to) users, logs and IP addresses. After information has been gathered, the technician should establish a plan of action to resolve the issue.

Question 13

Q

You have just installed a new switch in your company’s network closet. The switch connects to your router using a SFP port on both the router and switch. Unfortunately, you only had a long cable available to make the connection, so after running the cable from the rack containing the switch to the other rack containing the router you decide to coil up the excessive cable and use a zip tie to hold the coil to the side of the rack. You head back to your office, log into the switch over SSH, and check the log file. You notice that there are several messages indicating that the signal strength on the transmit portion of the SFP is registering as too weak. What is the BEST explanation for the cause of this error?

The SFP module has gone bad
You used a MMF cable instead of a SMF cable
The bend radius of the cable has been exceeded
You used a MTRJ cable instead of a ST cable

Answer

A

The most likely explanation is that you coiled up the excess cable too tightly and exceeded the bend radius for the cable. By doing this, you may have broken or cracked the fiber connected to the transmit portion of the SFP. It is unlikely that the SFP failed, since only the transmit portion is registering as weak. If you used the wrong type of cable (MTRJ vs ST), you would not have been able to connect it to the SFP module as it wouldn’t fit. Similarly, if you used a MMF instead of a SMF cable, you would get no connection, not a weak connection.

Question 14

Q

A company suffers an outage due to a bad module in a core switch. What is the NEXT step to conduct in troubleshooting?

Gather information, start at the top of the OSI model, and work down.
Establish a plan of action to solve the problem
Establish a theory, identify the problem, duplicate the problem, test the theory, and repeat
Gather information, start at the bottom of the OSI model and work up

Answer

A

The troubleshooting steps are to (1) Identify the problem, (2) Establish a theory of probable cause, (3) Test the theory to determine the cause, (4) Establish a plan of action to resolve the problem and identify potential effects, (5) Implement the solution or escalate as necessary, and (6) Verify full system functionality and if applicable implement preventative measures. Since the cause of the problem is already known (a bad module), we can skip directly to establishing a plan of action to solve the problem.

Question 15

Q

Which of the following needs to be configured to allow jumbo frames on a network?

MTU
MAC
MIBS
IPS

Answer

A

MTU is the largest unit that can be transmitted across a network. If the MTU is set at a value above 1500, the network is configured to support jumbo frames.

Question 16

Q

What is a connectionless protocol?

ICMP
SSL
TCP
SSH

Answer

A

A connectionless protocol is a form of data transmission in which data is transmitted automatically without determining whether the receiver is ready, or even whether a receiver exists. ICMP, UDP, IP, and IPX are well-known examples.

Question 17

Q

Sarah connects a pair of switches using redundant links. When she checks the status of the links, one of them is not active, even when she changes ports. What MOST likely disabled the redundant connection to the other switch?

Spanning tree
IGRP routing
SSID mismatch
Port Mirroring

Answer

A

The purpose of spanning tree is to verify no loops exist in the network. If something isn’t working, it’s possibly because the switch detects that there’s a loop in the redundant connections.

Question 18

Q

A technician has finished configuring AAA on a new network device. However, the technician is unable to log into the device with LDAP credentials but is able to do so with a local user account. What is the MOST likely reason for the problem?

Username is misspelled in the device configuration file
IDS is blocking RADIUS
Shared secret key is mismatched
Group policy has not propagated to the device

Answer

A

AAA through RADIUS uses a Server Secret Key (a shared secret key). A secret key mismatch could cause login problems.

Question 19

Q

An increased amount of web traffic to an e-commerce server is observed by a network administrator, but without an increase in the number of financial transactions. Which kind of attack might the company be experiencing?

Bluejacking
ARP cache poisoning
Phishing
DoS

Answer

A

A DoS attack or Denial-of-Service attack works by overloading a server with multiple requests (more than it can handle), thus eventually knocking the server offline.

Question 20

Q

Your company’s security policy states that its workstations must hide their internal IP addresses whenever they make a network request across the WAN. You have been asked to recommend a technology that would BEST implement this policy. Which of the following is the BEST solution for you to recommend?

NAT
DMZ
WPA
OSPF

Answer

A

Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. By using NAT, you can have the internal IP address of each workstation mapped to a public IP address or port when it crosses the router to access the WAN.

Question 21

Q

According to the OSI model, at which of the following layers is data encapsulated into a frame?

1
2
3
4

Answer

A

The data layer, or layer 2, is the second layer of the seven-layer OSI model. The data link layer encapsulates data into frames for delivery between nodes on the same network.

Question 22

Q

A single mode fiber is no longer providing network connectivity to a remote site. What could be used to identify the location of the break?

MT-RJ
OTDR
Media Converter
Cable certifier

Answer

A

An optical time-domain reflectometer (OTDR) is an optoelectronic instrument used to characterize an optical fiber.

Question 23

Q

What access control model will a network switch utilize if it requires multilayer switches to use authentication via RADIUS/TACACS+?

802.1q
802.3af
PKI
802.1x

Answer

A

802.1x is the standard that is used for network authentication with RADIUS and TACACS+.

Question 24

Q

You have just moved into a new apartment and need to get internet service installed. Your landlord has stated that you are not allowed to drill any holes to install new cables into the apartment. Luckily, your apartment already has cable TV installed. Which of the following technologies should you utilize to get your internet installed in your apartment?

Wireless router
DSL modem
Satelite modem
DOCSIS modem

Answer

A

DOCSIS (Data Over Cable Service Interface Specification) is an international telecommunications standard that permits the addition of high-bandwidth data transfer to an existing cable television system. It is employed by many cable television operators to provide Internet access over their existing hybrid fiber-coaxial (HFC) infrastructure. Most people today call these ‘cable modems’, but technically they are DOCSIS modems.

Question 25

Q

You are currently troubleshooting a workstation in the office and determined that it is an issue with the cabling somewhere between the workstation and the switch. You have tested the patch cable from the workstation to the wall jack and it is not faulty. You want to check the port on the switch next, which of the following would BEST help you identify which switchport is associated with the workstation’s wall jack?

Network baseline
Proper labeling
Inventory management
Standard procedures

Answer

A

You should always use proper labeling of your cables, wall jacks, and patch panels to make it easy to locate which switchport is associated with each portion of the cable distribution plant.

Question 26

Q

Michael has been tasked with assigning two IP addresses to WAN interfaces on connected routers. In order to conserve address space, which of the following subnet masks should he use for this subnet?

/24
/30
/28
/29

Answer

A

An IPv4 address consists of 32 bits. The first x number of bits in the address is the network address and the remaining bits are used for the host addresses. The subnet mask defines how many bits form the network address and from that, we can calculate how many bits are used for the host addresses. In this question, the /30 subnet mask dictates that the first 30 bits of the IP address that are used for network addressing and the remaining 2 bits are used for host addressing. The formula to calculate the number of hosts in a subnet is 2n - 2. The “n” in the host’s formula represents the number of bits used for host addressing. If we apply the formula (22 - 2), a /30 subnet mask will provide 2 usable IP addresses.

Question 27

Q

A company wants to install a new wireless network. The network must be compatible with 802.11ac protocol in order to obtain the maximum amount of throughput available. Which of the following frequencies will this wireless network utilize?

4GHz
7GHz
0GHz
0GHz

Answer

A

Wireless AC uses 5.0 GHz for wireless transmission, whereas Wireless B/G uses 2.4 GHz.

Question 28

Q

Patches have just been released by a third-party vendor to resolve a major vulnerability. There are over 100 critical devices that need to be updated. What action should be taken to ensure the patch is installed with minimal downtime?

Test the patch in a lab environment and then install it in the production network during the next scheduled maintenance
Download and install all patches in the production network during the next scheduled maintenance period
Configure endpoints to automatically download and install the patches
Deploy the patch in a lab environment, quickly conduct testing, and then immediately install it in the production environment

Answer

A

Patches should always be tested first. Once successfully tested, deployment to the production environment can then be accomplished.

Question 29

Q

A network technician discovers an issue with spanning tree on the core switch. Which step should the network technician perform NEXT when troubleshooting to resolve the issue?

Test a theory to determine the cause
Escalate to a senior technician
Identify the symptoms
Establish a thoery of probable care

Answer

A

If the technician has already discovered the issue, the symptoms have already been identified. Testing the theory comes after you have established a theory, which can only come once the issue has been discovered. Establishing a theory of probable cause allows you to continue with the next steps in troubleshooting the issue.

Question 30

Q

You have just finished installing a small network consisting of a router, a firewall, and a single computer. What type of physical network topology have you created in this scenario?

Ring
Bus
Mesh
Star

Answer

A

As described, this network would resemble a physical bus network topology because the firewall connects directly to the router, and the router connects directly to the computer. This would form a single line (or bus) from one device to the next.

Question 31

Q

Janet is a system administrator who is troubleshooting an issue with a DNS server. She notices that the security logs have filled up and that they need to be cleared from the event viewer. She recalls this being a daily occurrence. Which of the following would BEST resolve this issue?

Increase the maximum log size
Log into the DNS server every hour to check if the logs are full
Install an event management tool
Delete the logs when full

Answer

A

Using an event management tool will allow the administrator to clear the event logs and move them from the server to a centralized database, if needed.

Question 32

Q

The Security Operations Center is trying to determine if there are any network anomalies currently being observed. To assist them, you gather information about the current performance of the network. Which of the following should you also gather to compare the current information against?

Logs
PCAP
NETFLOW
Baseline

Answer

A

While all of the network artifacts, such as Logs, PCAP, and NETFLOW data are useful, the general terms for the historical network performance data is a baseline. A baseline may be created from these other types of data, but based on the question, the BEST and most correct answer is a baseline.

Question 33

Q

The RAID controller on a server failed and was replaced with a different brand. What will be needed after the server has been rebuilt and joined to the domain?

Vendor documentation
Recent backups
Physical IP address
Physical network diagram

Answer

A

If the RAID controller fails and is replaced with a RAID controller with a different brand, the RAID will break. We would have to rebuild a new RAID disk and access and restore the most recent backup to the new RAID disk.

Question 34

Q

An administrator has a virtualization environment that includes a vSAN and iSCSI switching. Which of the following actions could the administrator take to improve the performance of data transfers over iSCSI switches?

The administrator should configure the switch ports to auto-negotiate the proper Ethernet settings
The admin should configure each vSAN participant to have its own VLAN
The admin should connect the iSCSI switches to each other over inter-switch links (ISL)
The admin should set the MTU to 9000 on each of the participants in the vSAN

Answer

A

When using an iSCSI SAN (with iSCSI switching), we can improve network performance by enabling ‘jumbo frames’. A jumbo frame is a frame with an MTU of more than 1500. By setting the MTU to 9000, there will be fewer but larger frames going over the network. Enabling jumbo frames can improve network performance by making data transmissions more efficient.

Question 35

Q

A company has a secondary datacenter in a remote location. The cable management and power management are handled by the data center staff, while the building’s security is also handled by the datacenter staff with little oversight from the company. Which of the following should the technician do to follow the best practices?

Secure the patch panels
Ensure power monitoring is enabled
Ensure rack security
Secure the UPS units

Answer

A

By ensuring rack security such as locks, RFID card locks, and swing handles, the technician adds an extra layer of security to the servers which is a best practice.

Question 36

Q

Which of the following connector types is used to terminate DS3 connections in a telecommunications facility?

66 block
BNC
F-connector
RJ-11

Answer

A

Bayonet Neill-Concelman Connector (BNC connector) is a type of coaxial RF (Radio frequency) electrical connector that is used in place of coaxial connectors. A DS3 (Digital Signal 3) is also known as a T3 line with a maximum bandwidth of 44.736 Mbit/s. DS3 uses 75 ohm coaxial cable and BNC connectors.

Question 37

Q

Dion Training is trying to connect two geographically dispersed offices using a VPN connection. You have been asked to configure their networks to allow VPN traffic into the network. Which device should you configure FIRST?

Switch
Modem
Firewall
Router

Answer

A

You should FIRST configure the firewall, since the firewall is installed at the external boundary (perimeter) of the network. By allowing the VPN connection through the firewall, the two networks can be connected together and function as a single intranet (internal network).

Question 38

Q

Dion Training has created a guest wireless network for students to use during class. This guest network is separated from the corporate network for security. Which of the following should be implemented to require the least amount of configuration for a student to be able to access the Internet over the guest network?

Enable SSID broadcast for the guest wireless network
Enable two-factor authentication on the students device
Configure the access point to 802.1x for authentification
Configure WEP with a pre-shared key

Answer

A

Since security was not listed as a requirement for the guest wireless network, it would be easiest to not setup any encryption, passwords, or authentication mechanisms on the network. Instead, you should simply enable the SSID broadcast for the guest network so students can easily find and connect to it.

Question 39

Q

What would provide the highest level of physical security for the client if they are concerned with theft of equipment from the datacenter?

Cipher lock
Proximity reader
Magnetic key swipe
Man Trap

Answer

A

A man trap will ensure that only a single authorized person can get in or out of the building at one time. It provides the highest level of physical security among the choices given.

Question 40

Q

The administrator’s network has OSPF for the internal routing protocol. One port going out to the Internet is congested. The data is going out to the Internet, but queues up before sending. What would resolve this issue? Output: Fast Ethernet 0 is up, line protocol is up Int ip address is 10.20.130.5/25 MTU 1500 bytes, BW 10000 kbit, DLY 100 usec Reliability 255/255, Tx load 1/255, Rx load 1/255 Encapsulation ospf, loopback not set Keep alive 10 Half duplex, 100Mb/s, 100 Base Tx/Fx Received 1052993 broadcasts 0 input errors 983881 packets output, 768588 bytes 0 output errors, 0 collisions, 0 resets

Set the loopbak address
Change the IP address
Change the slash notation
Change the duplex to full

Answer

A

From the output, we see that the half-duplex is configured. This would not use the full capacity of ports on the network. By changing to full duplex, the throughput would be doubled.

Question 41

Q

Your company wants to develop a voice solution to provide 23 simultaneous connections using VoIP. Which of the following technologies could BEST provide this capability?

DOCSIS
T1
DSL
POTS

Answer

A

A T1 can transmit 24 telephone calls at a time because it uses a digital carrier signal (DS-1). DS-1 is a communications protocol for multiplexing the bit streams of up to 24 telephone calls simultaneously. The T1’s maximum data transmission rate is 1.544 mbps. DOCSIS is the standard for a cable modem. DSL is a Digital Subscriber Line which has variable speeds from 256 kbps and up. POTS is the Plain Old Telephone System, and provides only a single phone connection at a time. Out of these options, the T1 is the BEST to ensure you can reliably provide 23 simultaneous phone connections.

Question 42

Q

A network technician needs to install a server to authenticate remote users before they have access to corporate network resources when working from home. Which kind of server should the network technician implement?

DNSSEC
PPP
RAS
VLAN

Answer

A

A remote access server is a type of server that provides a suite of services to remotely connect users to a network or the Internet. Usually this will be a RDP or VNC server.

Question 43

Q

Your company is using a T1 connection for its connectivity to the internet. When you arrived at work this morning, you found that your internet connection was not working properly. You began troubleshooting and verified that the network’s router is properly configured, the cable is connected properly between the router and the T1’s CSU/DSU, but the T1 remains down. You call your ISP and they have requested that you test the interface on the CSU/DSU to ensure it hasn’t failed. Which tool should you utilize to perform this test?

Cable tester
Tone generator
Light meter
Loopback adapter

Answer

A

If you have a T1 for internet service, it is highly recommended that you have a T1 loopback adapter or plug for testing purposes if the line ever has trouble on it. By inserting the loopback adapter into the CSU/DSU, this will allow the ISP to remotely diagnosis if the connection between their central office and your demarcation point is working properly.

Question 44

Q

An administrator would like to test out an open-source based phone system prior to making an investment in hardware and phones. Which of the following should the administrator do to BEST test the software?

Create virtual IP phones that ultilizes the STP protocol in your lab
Deploy an open-source VDI solution to create a testing lab
Deploy new SIP appliances and connect them to open source phone
Create a virtual PBX and connect it to SIP phone applications

Answer

A

To test out the system prior to purchasing it, he should connect to a virtual PBX with a SIP phone application and ensure it meets his need. Deploying new SIP appliances would be costly, therefore a bad choice. Deploying a VDI is a virtual desktop infrastructure solution, which doesn’t have anything to do with phones. Creating virtual IP phones in a lab may work but isn’t going to give him an accurate representation of the actual usage of the system.

Question 45

Q

Which of the following would be the BEST addition to a business continuity plan to protect the business from a catastrophic disaster such as a fire, tornado, or earthquake?

UPS and battery backups
Fire suppression systems
Building generator
Hot sites or cold sites

Answer

A

Although all answers are adequate suggestions to aid in business continuity, the addition of a hot or cold site is the BEST option. A hot or cold site is a commercial service that provides all equipment and facilities to allow a computer or networking company to continue operations in the event of a catastrophic event. In the case that the building has been destroyed, the hot/cold site is the only option that will allow the business to continue their operations effectively.

Question 46

Q

A technician has punched down only the middle two pins (pins 4 and 5) on an Ethernet patch panel. Which of the following has the technician cabled this port to be used with?

10baseT
POTS
568B
568A

Answer

A

POTS is short for plain old telephone service. The technician was making a cable for a telephone to use, since it only requires two pins (send and receive).

Question 47

Q

Your company has just hired a contractor to attempt to exploit a weakness in your network to identify all their vulnerabilities. This person has been giving permission to perform these actions and will only conduct their actions within the scope of work of their contract. Which of the following will be conducted by the contractor?

Vulnerability scanning
hacktivism
Social engineering
Penetration testing

Answer

A

Penetration testing is the practice of testing a computer system, network, or web application to find security vulnerabilities that an attacker could exploit. Penetration testers only do this with permission of the organization who owns the system, network, or web application, and within the bounds of their scope of work. In vulnerability scanning, the person will not attempt to exploit a weakness. Social engineering may be used as part of a penetration test, but it does not adequately describe the scenario provided. Hacktivism is when someone is hacking an organization without permission based on their own set of morals and values.

Question 48

Q

You are troubleshooting a wireless network. A user has complained that their iPad cannot connect to the wireless network from their desk in the corner of the office building. The user has no issues connecting to the wireless network with the tablet when they are located in the break room area at the center of the building. You measured the distance from their office to the 802.11 AC wireless access point, and it is about 170 feet. What is MOST likely the cause of the tablet not connecting to the WAP?

Refraction
Reflection
Distance
Absorption

Answer

A

A general rule of thumb in home networking says that Wifi routers operating on the traditional 2.4 GHz and 5.0 GHz bands can reach up to about 150 feet (46 m) indoors and 300 feet (92 m) outdoors. Since the distance is listed as 170 feet, the issue is likely caused by the user’s office being too far from the WAP.

Question 49

Q

A network technician is tasked with designing a firewall to improve security for an existing FTP server that is on the company network and is accessible from the Internet. Security personnel are concerned that the FTP server is compromised and is possibly being used as a platform to attack other company servers. What is the BEST way to mitigate this risk?

Add outband ACL to the firewall
Change the FTP server to a more secure SFTP
Use the implicit deny of the firewall
Move the server to the company’s DMZ

Answer

A

The DMZ is the subnetwork of a network that hosts public-facing servers and has additional security added to it.

Question 50

Q

An administrator notices an unused cable behind a cabinet that is terminated with a DB-9 connector. What protocol was MOST likely used on this cable?

RS-232
802.3
ATM
Token Ring

Answer

A

RS-232 is a standard for serial communication transmission of data. It formally defines the signals connecting between a DTE (data terminal equipment) such as a computer terminal, and a DCE (data circuit-terminating equipment or data communication equipment).

Question 51

Q

Which type of equipment should be used for telecommunications equipment and have an open design?

2/4 post racks
Rail racks
Vertical frame
Ladder racks

Answer

A

The 2/4 post racks are open framed which are most common with telecommunication equipment.

Question 52

Q

An outside technician notices that a SOHO employee who is logged into the company VPN has an unexpected source IP address. What is the employee MOST likely using?

Proxy server
Least-cost routing
IPv6
VPN concentrator

Answer

A

Proxy servers are just different computers that serve as a hub where Internet requests are processed. When you are connected to a proxy, your computer sends request to that server and then returns your answers to the proxy server before forwarding the data to the requesting computer.

Question 53

Q

You are configuring a new machine with a hypervisor and several operating systems hosted within it that will be used for developing some new applications. You want to ensure that the various virtual machines hosted by the hypervisor can communicate with each other over a network, but you don’t want their network traffic to leave the hypervisor itself. What is the BEST solution to meet these requirements?

Install and configure a virtual switch
Install and configure individual routes between the virtual machines
Configure each virtual machine to use a route to a default gateway
Connect each machine to an individual switch

Answer

A

A virtual switch is a software program that allows one virtual machine (VM) to communicate with another. This is usually created within the hypervisor’s software.

Question 54

Q

A NAC service has discovered a virus on a client laptop. What location should the NAC service put the laptop?

On a DMZ network
On the sandbox network
On the honeypot
On the quarantine network

Answer

A

Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication, and network security enforcement. When NAC detects an issue with a client, it places them in a quarantine network.

Question 55

Q

An additional network segment is urgently needed for QA testing on the external network. A software release could be impacted if this change is not immediate. The request come directly from management, and there is no time to go through the emergency change management process. Which of the following should the technician do?

Wait until maintenance window and make the requested change
First document the potential impacts and procedures related to the change
Send out a notification to the company about the change
Make the change, document the requester, and document all network changes

Answer

A

While this is a difficult situation, the best answer is to make the change, document the requester, and document all the network changes. Since the request came directly from management, if they have sufficient authority to authorize the change, it can be performed outside of the emergency change control process. This should be a RARE occurrence.

Question 56

Q

The network administrator is troubleshooting a switch port for a file server with dual NICs. The file server needs to be configured for redundancy and the dual NICs needs to be combined for maximum throughput. What feature on the switch should the network administrator ensure is enabled for best results?

BPDU
LACP
Spanning tree
Load balancing

Answer

A

LACP is a protocol used to control the combining of ports. Link Aggregation groups combine numerous physical ports to make one high bandwidth path. This method can increase bandwidth and therefore, throughput. It can also provide network redundancy and load balancing.

Question 57

Q

Jason wants to use his personal cell phone for work-related purposes. Because of his position in the company, Jason has access to sensitive company data which might be stored on his cell phone during its usage. The company is concerned about this but believes with the proper security controls in place it might be acceptable. Which of the following should be done to protect both the company and Jason if they allow him to use his personal cell phone for work-related purposes?

Establish a consent to monitoring policy so that the company can audit Jason’s cell phone usage
Establish a AUP that allows a personal phone to be used for work-related purposes
Conduct real-time monitoring of the phone’s activity and usage
Establish an NDA that states Jason cannot share the confidential data with others

Answer

A

While all four are good options, the BEST solution is to conduct real-time monitoring of the phone’s activity since it is a technical control that could identify an issue quickly. The other options are all administrative controls (policies), which are useful, but would not actually identify if the sensitive data was leaked from Jason’s phone.

Question 58

Q

A company has added a lot of new users to the network that is causing an increase in network traffic by 200%. Original projection by the engineers was that the new users would only add 20-30% more network traffic, not 200%. The network administrator suspects that a compromise of the network may have occurred. What should the network administrator have done previously to prevent this network breach?

Create VLANs to segment the network traffic.
Place a network sniffer on segments with new employees.
Provide end user awareness and training for employees.
Ensure best practices were implemented when creating new user accounts.

Answer

A

With new employees entering a company, often they are not fully aware of the company’s Internet usage policy and safe Internet practices. Providing end user awareness and training for new employees help reduce the company’s vulnerability to malicious entities on the Internet.

Question 59

Q

A system administrator wants to verify that external IP addresses are unable to collect software versioning from servers on the network. Which of the following should the system administrator do to confirm the network is protected?

Analyze packet captures.
Utilize netstat to locate active connections.
Use nmap to query known ports.
Review the ID3 logs on the network.

Answer

A

Captured packets show you the information that was travelling through certain files, etc. Packet sniffers detail the information they’ve received, so working through those would show if the external network shows or details software versions.

Question 60

Q

You work for a fast food restaurant which is installing a new electronic sign board to display their menu items to customers. The signboard is connected to the network and it came preconfigured with a public IP address so that the central office can connect to it remotely to update the menu items and prices being displayed. This new signboard was installed by one of the other employees who simply unboxed the new device, hung it on the wall, and plugged it into the network. When you arrive at work the next day, you see that the menu items have all been changed to include vulgar names and prices like $6.66. It appears the signboard has been hacked and is being used for digital vandalism. What is the MOST likely reason the attackers were able to access the signboard?

The signboard’s self-signed digital cert had expired.
Unnecessary services were not disabled on the signboard during installation.
The signboard default ports were left open
The signboard’s default credentials were never changed during installation.

Answer

A

Since the signboard was installed with all the defaults still in place (since the employee who installed it simply removed it from the box, hung it on the wall, and plugged it in), it is most likely that the electronic signboard default credentials were never changed. While the other options may cause an issue, the unchanged default username and passwords are the biggest threat and most likely cause of the hack/vandalism act.

Question 61

Q

Sally in the web development group has asked for your assistance in troubleshooting her latest website. When she attempts to connect to the web server as a user, her web browser issues a standard HTTP request, but continually receives a timeout response in return. You decided that to best troubleshoot the issue, you should capture the entire TCP handshake between her workstation and the web server. Which of the following tools would BEST allow you to capture and then analyze the TCP handshake?

Protocol analyzer
Packet sniffer
Spectrum analyzer
Tone generator

Answer

A

A protocol analyzer or packet analyzer (like Wireshark) has the capability to capture the handshake and display it for analysis. A packet sniffer, though, will only capture the handshake. Neither a spectrum analyzer or a tone generator would be helpful in this situation.

Question 62

Q

The network administrator noticed that the border router is having high network capacity loading during non-working hours. This load is causing web services outages. Which of the following is the MOST likely cause of the issue?

Evil twin
Session hijacking
Distributed DoS
ARP cache poisoning

Answer

A

Distributed Denial of Service (DDoS) is when a computer or multiple computers are compromised due to a network breach or virus attack. This kind of attack can impact the network and cause outages or slowness, if your workstation is affected and acting as part of a botnet.

Question 63

Q

A company is implementing enhanced user authentication for system administrators accessing the company’s confidential servers. They intend to use two-factor authentication to accomplish this. Which of these BEST represents two-factor authentication?

ID badge and keys
Password and key fob
Fingerprint scanner and retina scan
Username and password

Answer

A

Two–factor authentication requires 2 out of 3 of the following: something you know, something you have, something you are. The only correct answer therefore is Password (something you know) and key fob (something you have).

Question 64

Q

Which of the following provides accounting, authorization, and authentication via a centralized privileged database, as well as challenge/response and password encryption?

Multi-factor authentication
ISAKMP
TACAS+
Network access control

Answer

A

TACACS+ is a AAA (accounting, authorization, and authentication) protocol to provide AAA services for access to routers, network access points, and other networking devices.

Answer 65

A

Based on the results, the hard drive (disk queue) is causing the bottle neck. Since the average processor is not over 50%, the pages/second (memory) is not heavily burdened, nor do we have any information on the NIC.

Answer 66

A

Since there is a security issue with the current web browser, it most likely needs to be updated with a vulnerability patch from the manufacturer. A vulnerability patch is a piece of software that fixes security issues.

Answer 67

A

Unified Communications (UC) enables people using different modes of communication, different media, and different devices to communicate with anyone, anywhere, at any time. To accomplish this, a UC gateway is needed.

Answer 68

A

Establishing the probable cause is the second step in the troubleshooting process, which allows the technician to list reasons from top to bottom, beginning with the simplest and most obvious issues to the most complex.

Answer 69

A

During an update of a production router, the router would not be able to route packages and the network traffic would be affected. It would be necessary to announce a maintenance window. A maintenance window is a period of time designated in advance by the technical staff, during which preventive maintenance that could cause disruption of service may be performed.

Answer 70

A

AUP stands for acceptable use policy. If you’re agreeing to what you can and can’t view, you’re agreeing to the policy. MOU is memo of understanding which typically contains an agreement on certain actions. SLA is service-level agreement which is usually made between two companies to state what level of service is expected if machines go down, etc., and when they can expect to be back up and running.

Brainscape's Knowledge GenomeTM

Practice test 3 Flashcards

Brainscape's Knowledge Genome^TM