Practice test 5

Question 1

What type of cable would you use to connect a router to a switch?

Crossover

RG-6

Rollover

RS-232

Straight-through

Answer 1

Explanation
When connecting switches to routers, you can just use a straight-through cable because switches are DCE and routers are DTE devices. When you connect a (switch/hub) to a (switch/hub), you need a crossover. If you connect a (switch/hub) to a (router/computer), you need a straight through. If you connect a (router/computer) to (router/computer), then you need a crossover. If this was a real question on the exam, you would have the words provided in a list, and you would drag them below the appropriate drawing.

Question 2

During what period should all scheduled work on production network equipment be conducted?

Maintenance window

Development life cycle

Down time

Business hours

Answer 2

Explanation
By using a Maintenance Window, all downtime is limited and the organization can prepare in advance for the scheduled work to be carried out.

Question 3

You want to ensure that only one person can enter or leave the server room at a time. Which of the following physical security devices would BEST help you meet this requirement?

Cipher lock

Thumbprint reader

Video monitoring

Mantrap

Answer 3

Explanation
A mantrap allows you to enter one door and wait for it to close before entering another door. Video monitoring is a passive security feature, so it won’t prevent two people from entering at once. The thumbprint reader or cipher lock will ensure that only an authorized user can open the door, but it won’t prevent someone from piggybacking and entering with them.

Question 4

The network technician has received a large number of complaints from users that there is poor network performance. The network technician suspects a user may have created a malicious flood on the network with a large number of ping requests. What should the technician do?

Block all ICMP request

Update all antivirus software

Remove all suspected users from the network

Upgrade firmware on all network cards

Answer 4

Explanation
Ping requests use the Internet Control Message Protocol to send operational information about a host or router. Blocking all ICMP requests would eliminate the ping request flood, although it may become harder to diagnose network issues in the future as ICMP is used heavily in network troubleshooting.

Question 5

A network technician is responsible for the basic security of the network. Management has asked if there is a way to improve the level of access users have to the company file server. Right now, any employee can upload and download files with basic system authentication (username and password). What should he configure to increase security?

Kerberos authentication

MDS authentication

Multi-factor authentication

Single sign-on authentication

Answer 5

Explanation
This security approach provides a defense layer that makes it difficult for an unauthorized user to break into a system. It provides multiple factors that a user must know in order to obtain access. For instance, if one factor is successfully broken, there will be few others that the individual attempting to enter the system must overcome.

Question 6

John is investigating a performance issue on a server and has begun by gathering the server’s utilization statistics. John notices that the statistics are outside of the normal acceptable ranges. What should John do next?

Archive the logs

Conduct a vulnerability scan

Conduct a baseline review

Conduct a port scan

Answer 6

Explanation
John should conduct a baseline review to compare the statistics he collected against the previous baseline. He can then use this information to further investigate the cause of the drop in the server’s performance.

Question 7

After a recent breach, the security technician decides the company needs to analyze and aggregate its security logs. Which system should be used?

Event log

Syslog

SIEM

SNMP

Answer 7

Explanation
Using a Security information and event management (SIEM) product, the security logs can be analyzed and aggregated. SIEM is a term for software products and services combining security information management (SIM) and security event management (SEM).

Question 8

Your company has installed a guest wireless network in the break room. According to company policy, employees may only connect to the network and use it while on their lunch break. Which of the following policies should you have each employee sign to show they understand and accept the conditions of use for this guest network?

MOU

AUP

SLA

NDA

Answer 8

Explanation
An acceptable use policy (AUP), acceptable usage policy or fair use policy, is a set of rules applied by the owner, creator or administrator of a network, website, or service, that restrict the ways in which the network, website or system may be used and sets guidelines as to how it should be used. In this scenario, this is the most appropriate policy to utilize.

Question 9

You need to connect to a Linux server to conduct some maintenance. The server is located in a remote office about 50 miles from your own. You decide to connect the server remotely instead of driving to the location to save some time, but you want to ensure you do this securely. The Linux server has VNC installed, but it isn’t configured to provide an encrypted connection. Which of the following should you use to secure the VNC connection to the remote server?

HTTPS

SSH in tunnel mode

RDP

WPA2

Answer 9

Explanation
Since you want to use the existing VNC server to make the connection and it is unencrypted, you should tunnel the VNC protocol through a secure SSH connection to encrypt it. While an SSH client connects to a Secure Shell server, which allows you to run terminal commands as if you were sitting in front of another computer, it can also allow you to “tunnel” any port or protocol between your local system and a remote SSH server through its own encryption process. This allows you to add a layer of encryption and security to an unsecured protocol or application.

Question 10

A project lead is reviewing the statement of work for an upcoming project that is focused on identifying potential weaknesses in the organization’s internal and external network infrastructure. As part of the project, a team of external contractors will attempt to employ various attacks against the organization. The statement of work specifically addresses the utilization of an automated tool to probe network resources in an attempt to develop logical diagrams indicating weaknesses in the infrastructure. The scope of activity as described in the statement of work is an example of:

Session hijacking

Vulnerability scanning

Social engineering

Penetration testing

Answer 10

Explanation
Penetration testing is the act of using a computer system, an individual network, or another application to find vulnerabilities that an attacker could use to compromise your systems. Penetration testing can also find endpoints with vulnerabilities which makes the attack surface greater.

Question 11

You just arrived at school today, pulled your laptop out of your backpack, and tried to connect your laptop to the Wi-Fi network. It worked fine yesterday, but today it won’t connect automatically or display any available networks. You haven’t done anything to the laptop since you left class yesterday. You ask your classmates if they are able to connect to the Wifi and every one of them is connected without any issues. What should you check FIRST in your attempt to connect your laptop to the Wifi?

Wireless controller configuration

IP address issued by the DHCP server

Wireless switch on your laptop

The configuration of the WAP

Answer 11

Explanation
Since everyone else’s laptops are connected without any issues, the problem is not with the network but with your laptop in some form. This rules out the wireless controller configuration or WAP settings since those are both things that would affect all users on the network. Since you are not connected or finding any networks, you won’t have a DHCP address assigned. The most likely cause of your issue is that the wireless switch on your laptop was accidentally switched to the off position when you put your laptop in your backpack. (Note: Not all laptops have a wireless switch, but from the options provided, this is the most logical answer. If you have a MacBook, for example, they do not use a physical wireless switch.)

Question 12

Dion Training is considering moving its headquarters and data center to Florida, but they are worried about hurricanes disrupting their business operations. To mitigate this risk, Dion Training has signed a contract with a vendor located in a different state to provide hardware, software, and the procedures necessary for the company to recover quickly in the case of a catastrophic event, like a hurricane causing a power loss for up to 10 days. Jason, as the owner, is a little concerned that this contract isn’t sufficient to mitigate enough of the risk since it only provides a solution for the first 10 days. Jason wonders, “what will we do if a major outage occurs and our offices are not able to be used for 6-12 months?” Jason has hired you on to help develop Dion Training’s long-term strategy for recovering from such an event. What type of plan should you create?

Incident response plan

Disaster recovery plan

Business continuity plan

Risk management plan

Answer 12

Explanation
A business continuity plan (BCP) is a plan to help ensure that business processes can continue during a time of emergency or disaster. Such emergencies or disasters might include a fire or any other case where business is not able to occur under normal conditions. A disaster recovery plan is useful (and usually a piece of the large business continuity plan), but it is insufficient for the long-term strategy which is needed to support business operations during an extended outage.

Question 13

A technician is attempting to resolve an issue with users on the network not being able to access websites. The technician pings the default gateway and DNS servers successfully. Pinging a website by URL is unsuccessful but using a known IP address is successful. What would resolve the issue?

Update the HOST file with the URLs for all websites

Use NSLOOKUP to resolve URLs

Ensure ICMP messages can pass through the firewall

Enable port 53 on the firewall

Answer 13

Explanation

Port 53 is used by DNS. The DNS Server is used to translate FQDN to IP addresses.

Question 14

A network technician responds to a customer reporting that a workstation continually loses the connection to the network. The user explains that it occurs randomly and it happens several times throughout the day. Which step of the troubleshooting method should the technician perform first?

Test the theory

Establish a plan of action

Gather information

Question the obvious

Answer 14

Explanation
In order to have a good understanding and a clear idea on what the issue could be, the technician should gather information as the first step.

Question 15

The Chief Security Officer is concerned with the possible theft of corporate data from the network. He wants to ensure that any sensitive data cannot be exfiltrated from the network. Which of the following should be implemented to BEST mitigate this threat?

AUP

DLP
(Correct)

NDA

MOU

Answer 15

Explanation
Data loss prevention (DLP) systems are used to ensure that end users do not send sensitive or critical information outside the corporate network. These DLP products help a network administrator control what data end users can transfer. While an Acceptable Use Policy (AUP), Non Disclosure Agreement (NDA), or MOU (Memorandum of Understanding) might provide some administrative controls to help mitigate the threat of data loss or theft, a DLP is the BEST solution as it provides a technical way to enforce your policies.

Question 16

A network administrator recently set up a network computer lab and discovered some connectivity issues. The administrator is able to ping the fiber uplink interface, but none of the new PCs plugged into the switch respond to ICMP requests. What should the technician do next?

Check if there are link lights on the ports

Check the ports on the switch for full duplex

Check to see if port security is enabled

Check to see if the uplink interface is configured correctly

Answer 16

Explanation
By checking the link lights on the ports, the administrator can verify if there is any activity on the network, if the ports are enabled, and if the Layer 1 components are working correctly.

Question 17

Which of the following cloud infrastructures includes on-premise servers utilizing a centralized syslog server that is hosted at a third-party organization in order to review the logs?

Hybrid

Public

Community

Private

Answer 17

Explanation
On-premise servers is an aspect of the private cloud, whereas syslog hosted on a third-party server is an aspect of the public cloud. Since a hybrid cloud consists of any type of cloud computing sharing multiple aspects of different cloud infrastructure designs, hybrid is the correct answer.

Question 18

You have been asked to configure a router. Which of the following protocols should you enable to allow the router to determine the path to another network?

BGP

RTP

NTP

STP

Answer 18

Explanation
BGP (Border Gateway Protocol) is a protocol that operates at layer 3 of the OSI model. Since the question asks about a router, you need to identify a routing protocol since this would enable the router to determine the path to another network using IP (layer 3) information. The other protocols listed are not routing protocols: RTP (Real-time Transport Protocol), NTP (Network Time Protocol), and STP (Spanning Tree Protocol).

Question 19

Which of the following ports should be allowed to provide access to certain VoIP applications?

110

139

1720

5060

Answer 19

Explanation

5060 is used by SIP, which VOIP relies upon.

Question 20

IPv4 addresses are written using Base 10 numbers while IPv6 addresses are written in Base 16 numbers. What type of notation does Base16 utilize?

Octet

Binary

Hexadecimal

Decimal

Answer 20

Explanation
Hexadecimal (or Hex for short) is the system of numbering that uses Base16. This includes the numbers 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.

Question 21

A switch technician is being tasked to centrally manage the switches and to segment the switches by broadcast domains. The corporate network is currently using VLAN 1 for all of its devices and is using a single private IP address range with a 24-bit mask. The supervisor wants VLAN 100 to be the management subnet and all switches to share the VLAN information. What option would be best to use?

Use VLSM on the IP address range, with STP and 802.1q on the inter switch connections with native VLAN 100

Use VLSM on the IP address range with VTP and 802.1x on all inter switch connections with native VLAN 100

Use VLSM on VLAN1, with VTP and 802.1w on the inter switch connections with native VLAN 100

Use VLSM on the IP address range with VTP and 802.1q on the inter switch connections with native VLAN 100

Answer 21

Explanation
802.1q is the networking standard that supports VLANs and VLAN tagging. VTP is the VLAN Trunk Protocol and carries all VLAN information to all switches in a VTP domain.

Question 22

An administrator has a physical server with a single NIC. The administrator intends to deploy two virtual machines onto a single physical server. Each virtual machine needs two NICs, one that connects to the network, and a second that is a server to server heartbeat connection between the two virtual machines. After deploying the virtual machines, which of the following should the administrator do to meet the requirements?

The administrator should create a virtual switch for each guest; each switch should be configured for inter-switch links and the primary NIC should have a NAT to the corporate network

The administrator should create a virtual switch that is bridged to the corporate network, and a second virtual switch that carries intra-VM communication only

The administrator should create a virtual switch to bridge all of the connections to the network; the virtual heartbeat NICs should be set to addresses in an unused range

The administrator should install a second physical NIC onto the host, and then connect each guest machine’s NICs to a dedicated physical NIC

Answer 22

Explanation
By bridging all of the connections to the network, it allows for faster communication between the virtual machines (hosts). The heartbeat is set on unused address range in order to ensure there is no chance of data collision or loss of signal.

Question 23

A network engineer has been tasked with designing a network for a new branch office with approximately 50 network devices. This branch office will connect to the other offices via a MAN. Many of the other branch offices use off-the-shelf SOHO equipment. It is a requirement that the routing protocol chosen use the least amount of overhead. Additionally, all the computers on the network will be part of a single VLAN. The connection between these computers should produce the highest throughput possible in the most cost effective manner. What devices would be MOST appropriate?

A router should be used as a gateway device, with RIPv2 as the routing protocol. The computers should be connected to one another with a Gigabit Layer 2 switch.
(Correct)

A UTM should be used as a gateway device, with BGP as the routing protocol. The computers should be connected to one another using 1Gb Fibre Channel.

A router should be used as a gateway device, with EIGRP as the routing protocol. The computers should be connected to one another using a single 802.11N MIMO access point.

A router should be used as a gateway device, with OSPF as the routing protocol. The computers should be connected to one another using a Gigabit Layer 3 switch.

Answer 23

Explanation
A Gigabit Layer 2 switch is the cheapest switching solution offering 1Gbps network connectivity between the computers. RIPv2 has a lower overhead as set forth in the requirements.

Question 24

A network administrator wants to increase the speed and fault tolerance of a connection between two network switches. To achieve this, which protocol should the administrator use?

LACP

LLDP

L2TP

LDAP

Answer 24

Explanation
The Link Aggregation Control Protocol (LACP) provides a method to control the bundling of several physical ports together to form a single logical channel. The Link Layer Discovery Protocol (LLDP) is a vendor-neutral link layer protocol used by network devices for advertising their identity, capabilities, and neighbors on an IEEE 802 local area network, principally wired Ethernet. The Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network.

Question 25

You are currently troubleshooting a network connection error. When you ping the default gateway, you receive no reply. You checked the default gateway and it is functioning properly, but the gateway cannot connect to any of the workstations on the network. At which layer of the OSI model do you believe the issue is occurring?

Presentation

Transport

Session

Physical

Answer 25

Explanation
Ping requests occur at layer 3 (Network layer). Therefore, the problem could exist in layer 1 (physical), layer 2 (data link), or layer 3 (network). Since Physical (layer 1) is the only choice from layers 1-3 given, it must be the correct answer. Also, since the gateway cannot reach any of the other devices on the network, it is most likely a cable (physical) issue between the gateway and the network switch.

Question 26

You are working for a brand new startup company who recently moved into an old office building because the CEO liked the “charm” of the place. You have been tasked with converting a small janitorial closet into an IDF to support the new office network. You measure the closet and determine that you can install a two-post rack inside of it, and all your necessary networking equipment will fit in the two-post rack. You test the power outlet that was installed in the closet, and it is sufficient for your needs. What is the NEXT thing you should be concerned with to ensure this closet can be used as your IDF?

Is there redundant power available?

Can I install a UPS in this closet?

Is there adequate air flow and cooling in the closet?

How will I label the cables during installation?

Answer 26

Explanation
Since you are converting an old closet into an IDF, you need to ensure you have 3 main things first: Power, Space, and Cooling. You already verified there was adequate power and space, so now you need to determine if there is adequate air flow and cooling to prevent the equipment from overheating. After that, you can then move into determining how to supply backup power (UPS or redundancy).

Question 27

You have been asked to create an allow statement on the firewall’s ACL to allow NTP traffic to pass into the network. Which port should be included?

69

123

143

636

Answer 27

Explanation

The correct port for NTP is 123. Port 69 is used for TFTP. Port 143 is used for IMAP. Port 636 is used for LDAPS.

Question 28

The administrator modifies a rule on the firewall and now all the FTP users cannot access the server any longer. The manager calls the administrator and asks what caused the extreme downtime for the server. In regards to the manager’s inquiry, what did the administrator forget to do first?

Submit a change request

Schedule a maintenance window

Provide notification of change to users

Document the changes

Answer 28

Explanation

A change request should be submitted through the change management process prior to any changes being made.

Question 29

You have just replaced a faulty Ethernet cable in a patch panel. Within a few minutes, you find out that users are experiencing slow or no Internet connectivity all over the building. A broadcast storm has begun to occur. After removing the replacement cable, which of the following should you do NEXT?

Replace the cable during the next maintenance window

Review labeling and logical network diagram documentation

Attempt to isolate the storm to the domain by rebooting the switch

Remove and replace all of the other Ethernet cables on the switch to isolate the issue

Answer 29

Explanation
You most likely have plugged the new cable into the wrong port on the patch panel. By reviewing the documentation and labeling, you might be able to see the domain architecture, the strength of user connections, and the relationships in those connections, thereby making it easy to reassign the patch cables corrected. It is likely that something has been mislabeled, and the replacement of the patch cable was plugged into the wrong port and caused a loop.

Question 30

A network administrator wants to logically separate web servers on the network. Which of the following network device will need to be configured?

IPS

Switch

Hub

HIDS

Answer 30

Explanation

Logical separation of network devices is accomplished using VLANs, which is configured on the network switches.

Question 31

Your local city council is trying to revitalize the old downtown area. One council member believes that if they provided free wireless coverage throughout the entire old downtown area that it will attract more Generation Y and Millennials to the area because they love being constantly connected to the internet. Which type of network geography BEST describes this proposed large scale wireless network?

WAN

MAN

LAN

PAN
Explanation
A metropolitan area network (MAN) is a computer network that interconnects users with computer resources in a geographic area or region larger than that covered by even a large local area network (LAN) but smaller than the area covered by a wide area network (WAN). A MAN usually covers several blocks of a city or metropolitan area, but could be expanded to cover the entire city, as well.

Answer 31

Explanation
A metropolitan area network (MAN) is a computer network that interconnects users with computer resources in a geographic area or region larger than that covered by even a large local area network (LAN) but smaller than the area covered by a wide area network (WAN). A MAN usually covers several blocks of a city or metropolitan area, but could be expanded to cover the entire city, as well.

Question 32

A user is receiving certificate errors in other languages within their web browser when they try to access your company’s website. Which of the following is the MOST likely cause of this issue?

DoS

Reflective DNS

Man-in-the-middle

ARP poisoning

Answer 32

Explanation
A man-in-the-middle attack is a general term for when a perpetrator positions himself in a conversation between a user and an application, either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is occurring. For example, if your user and server are both in the United States (English language), but the attacker performing the MITM is from Russia, then the user may see a certificate error in Russian instead of English.

Question 33

Your company has been asked by a local charity that supports underprivileged youth if they would help to build an internet café for their students. Because the charity doesn’t have any funding for this project, your company has decided to donate their old workstations and networking equipment to create the network. All of the workstations, routers, and switches have been tested prior to installation. To save money, the company has decided to reuse some old network cable to connect the computers to the switches. When you arrive at the new internet cafe, you are told that everything is working except unlucky computer #13 can’t connect to the network. You attempt to plug the network cable into another computer, but then that computer also cannot connect to the network. Confused, you try connecting the cable directly between two computers, and now they can communicate directly between each other. What is wrong with this cable?

The cable is a Cat 3 cable and should be replaced with a CAT 5e cable

The cable is a rollover cable

The cable is a crossover cable but should be a straight through cable

The cable is a straight through cable but should be a crossover cable

Answer 33

Explanation
Since the cable only worked when connecting two computers directly together, it is a crossover cable. Crossover cables are used to connect two of the same types of devices (computer to computer, or router to router) by switching the transmit and receive pins in the cable’s jack. Since you are trying to connect a computer to a switch, you need to have a straight-through cable instead.

Question 34

The administrator would like to use the strongest encryption level possible using PSK without utilizing an additional authentication server. What encryption type should be implemented?

WPA2 Enterprise

WEP

MAC filtering

WPA personal

Answer 34

Explanation
Since he wishes to use a pre-shared key and not require an authentication server, the most secure choice is WPA personal. If WPA2 Personal was an option, it would be more secure, though. The reason WPA2 Enterprise is incorrect is because the requirement was for a PSK, whereas WPA2 Enterprise requires a RADIUS authentication server to be used.

Question 35

A network technician has received a report that workstations are unable to gain access to the network. During the troubleshooting process, the technician discovers that the switch connecting these workstations has failed. Which of the following is the QUICKEST option to configure a replacement switch?

Baseline

Image

Archive

Syslog

Answer 35

Explanation
The baseline is only to give you an idea on how it works before any changes are made. The archive won’t explain much and syslog is a windows feature. Process of elimination shows that an image would work best. To image a switch, you can make a backup of the configuration and deploy it to a new/different switch.

Question 36

You are trying to connect to another server on the network, but are unable to do so. You have determined that the other server is located on the 10.0.0.1/24 network but your workstation is located on the 192.168.1.1/24 network. Which of the following tools should you use to begin troubleshooting the connection between your workstation and the server?

ifconfig

traceroute

netstat

dig

Answer 36

Explanation
Tracert is a command-line utility that is used to trace the path of an IP packet as it moves from its source to its destination. While using ping will tell you if the remote website is reachable or not, it will not tell you where the connection is broken. Tracert, though, performs a series of ICMP echo requests to determine which device in the connection path is not responding appropriately. This will help to identify if the connectivity issue lies within your workstation and the server since the traffic must be routed between the two networks.

Question 37

A network technician has designed a network consisting of an external Internet connection, a DMZ, an internal private network, and an administrative network. From which network segment should all routers and switches be configured to accept SSH connections?

Internal network since it is private

Administrative network allowing only admin access

DMZ only allowing access from the segment with the servers

Internet connection to allow admin access from anywhere

Answer 37

Explanation
Since the admin network is hidden behind firewalls (surrounding the DMZ), SSH connections from the admin network are inherently secure and therefore should be allowed to communicate with the other three networks.

Question 38

A network technician has been asked to make the connections necessary to add video transported via fiber optics to the LAN within a building. There will be one fiber connector for the Tx port and another connector for the Rx port. Which of the following is the MOST common connector that will be used on the switch to connect the media converter?

FDDI

Fiber coupler

RJ-45

ST
Explanation
Straight Tip (ST) fiber connections are the most common ones used in fiber optic connections in LAN networking applications, therefore this is most likely the correct answer.

Answer 38

Explanation
Straight Tip (ST) fiber connections are the most common ones used in fiber optic connections in LAN networking applications, therefore this is most likely the correct answer.

Question 39

Which media type would employ the DOCSIS standard in a residential Internet installation?

Fiber

DSL

Cable
(Correct)

Cellular

Answer 39

Explanation
Cable uses DOCSIS (Data over Cable Service Interface Specifications). This allows high-speed data transfer over an existing cable TV system.

Question 40

A network technician at a warehouse must implement a solution that will allow a company to track shipments as they enter and leave the facility. The warehouse workers must be able to scan and concurrently upload large images of items to a centralized server. Which of the following technologies should they utilize to meet these requirements?

802.11ac

P2P

Bluetooth

IR

Answer 40

Explanation
802.11ac is a very fast high-speed Wi-Fi network capable of 1 Gbps speeds over a 5 Ghz spectrum – perfect for uploading large image files quickly. Additionally, the warehouse might want to also utilize RFID to allow for the accurate scanning of items using radio frequency tracking tags.

Question 41

Mallory is very unhappy at her job at a large beverage company. She decides to steal sensitive information about the company’s proprietary formula for a new energy drink. She installs a keylogger onto some of the product team’s workstations, which then emails out the information to her personal email account each evening so she can post the information to WikiLeaks. How would you best classify Mallory and her actions?

Social engineering

Insider threat

Logic bomb

DoS

Answer 41

Explanation
Mallory is considered an insider threat in this scenario. An insider threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization’s security practices, data, and computer systems. Regardless of her method of stealing the information, the key to this question resides in the fact that she is an employee of the company doing something malicious.

Question 42

When two or more links are needed to pass network traffic as if they were one physical link, which of the following technologies should be used to satisfy the requirement?

802. 11af
803. 1w

LACP
(Correct)

VTP

Answer 42

Explanation
The Link Aggregation Control Protocol (LACP) enables you to assign multiple physical links to a logical interface that will appear as a single link to a route processor.

Question 43

A network technician has downloaded the latest operating system of a particular vendor’s switch. This update includes new features and enhancements. What should the technician perform FIRST when updating the switch’s operating systems?

Backup the current configuration for each switch

Install during non-business hours to test the system

Test the O/S on one of the production switches

Power cycle the company’s border router

Answer 43

Explanation
A preventive method is always to backup the current configuration to the NVRAM (SW# copy run start) in case the newly-downloaded Operating System doesn’t work properly. This would allow the technician to restore the switch from the previous backup.

Question 44

A company has had several virus infections over the past few months. The infections were caused by vulnerabilities in the application versions that are being used. What should an administrator implement to prevent future outbreaks?

Host-based intrusion detection systems

Acceptable use policies

Incident response team

Patch management

Answer 44

Explanation
Since the viruses exploited known vulnerabilities, there should be patches available from the manufacturer/vendor. Based on this, proper patch management would prevent future outbreaks.

Question 45

A network technician must allow the use of HTTP traffic from the Internet over port 80 to an internal server running HTTP over port 81. Which of the following is this an example of?

Dynamic DNS

Virtual Private Networking (VPN)

Dynamic NAT

Port Forwarding

Answer 45

Explanation
Port forwarding is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall.

Question 46

Dion Training wants to purchase an email marketing solution to better communicate with their students. A promising new startup has a new offering to provide access to their product from a central location rather than requiring Dion Training to internally host the product on their own network. Dion Training wants to ensure that their sensitive corporate information is not accessible by any of the startup’s other clients. Which type of cloud server should Dion Training look to purchase to meet these needs?

Public SaaS

Private SaaS

Hybrid IaaS

Community IaaS

Answer 46

Explanation
SaaS (Software as a Service) is a cloud model whereby a service provider provides a software service and makes the service available to customers over the Internet. Examples of Saas include Microsoft Office 365, Microsoft Exchange Online, and Google Docs. Because of the concerns with sensitive corporate information being processed by the SaaS, Dion Training should ensure a Private SaaS is chosen. A private cloud is a particular model of cloud computing that involves a distinct and secure cloud based environment in which only the specified client (Dion Training in this case) can operate.

Question 47

A network engineer is designing a wireless network that uses multiple access points for complete coverage. Which of the following channel selections would result in the LEAST amount of interference between each access point?

Adjacent access point should be assigned channels 1, 6, and 11 with a 20MHz channel width.

Adjacent access points should be assigned channels 2, 6, and 10 with a 20MHz channel width.

Adjacent access points should be assigned channels 7 and 11 with a 40MHz channel width.

Adjacent access points should be assigned channels 8 and 11 with a 40MHz channel width

Answer 47

Explanation
Because the overlapping signals are from access points that come from unrelated non-overlapping channels, the access points are least likely to interfere with each other. For Wireless B and G networks, you should always use channels 1, 6, and 11.

Question 48

You are installing a network for a new law firm in your area. They have stated that they must have a guaranteed throughput rate on their Internet connection. Based on this requirement, what type of WAN connection should you recommend?

Dial-up

Cable broadband

T-1

DSL

Answer 48

Explanation
A T-1 connection provides a guaranteed 1.544 mbps of throughput. Dial-up, DSL, and cable broadband do not provide a guaranteed throughput rate. Instead, these services provide a variable throughput rate based on network conditions and demand in the area of your business.

Question 49

You run the command IPCONFIG on your laptop and see that you have been assigned an IP address of 169.254.0.1. Which category of IPv4 address is this?

APIPA

Private

Static

Public

Answer 49

Explanation
APIPA stands for Automatic Private IP Addressing and is a feature of Windows operating systems. When a client computer is configured to use automatic addressing (DHCP), APIPA assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the client when a DHCP server is unavailable.

Question 50

A network administrator is configuring one distribution and five access switches which will be installed in a new building. Which of the following is the BEST physical location for the equipment?

The distribution switch in the IDF and the access switches in the MDF

The distribution switch in the MDF and the access switches in the IDF

All switches should be placed in the IDF to leave room in the MDF for servers

All switches should be placed in the MDF to leave room in the IDF for servers

Answer 50

Explanation
Distribution switches should be placed in the Main Distribution Facility (MDF) and the access switches would be placed in the IDF closer to the end users.

Question 51

You are setting up uplink ports for multiple switches to communicate with one another. All of the VLANs should communicate from the designated server switch. Which of the following should be set on the uplink ports if VLAN 1 is not the management VLAN?

STP

802.1q

Port security

802.1x

Answer 51

Explanation

Setting STP on the uplink ports will ensure that loops are not created.

Question 52

Which parameter must be adjusted to enable a jumbo frame on a network device?

MTU

TTL

Duplex

Speed

Answer 52

Explanation
A jumbo frame is an Ethernet frame with a payload greater than the standard maximum transmission unit (MTU) of 1,500 bytes. Jumbo frames are used on local area networks that support at least 1 Gbps and can be as large as 9,000 bytes. By adjusting the MTU on a given network device’s interface, you can enable or prevent jumbo frames from being used in the network.

Question 53

What benefit does network segmentation provide?

Security through isolation

Link aggregation

Packet flooding through all ports

High availability through redundancy

Answer 53

Explanation
Network segmentation in computer networking is the act of splitting a computer network into subnetworks, each being a network segment. Advantages of such splitting are primarily for boosting performance and improving security through isolation.

Question 54

Max is a network technician who just terminated the ends on a new copper cable used between two legacy switches. When he connects the two switches together using the cable, they fail to establish a connection. What is MOST likely the issue?

The cable has exceeded bend radius limitations

The cable is a straight-through cable

The cable is a crossover cable

The cable has RJ-11 connectors instead of RJ-45

Answer 54

Explanation
There are two types of cable, Straight-through and Crossover. In this instance, a crossover cable would need to be used to communicate with legacy switches since they won’t support

Question 55

A technician is troubleshooting a PC that is having intermittent connectivity issues. The technician notices that the STP cables pairs are not completely twisted near the connector. Which of the following issues may be experienced due to this?

Cross-talk

568A/568B mismatch

Tx/Rx reverse

Split Pairs

Answer 55

Explanation
Cross-talk can occur if the twisted pairs are not twisted sufficiently. The cable should be trimmed down and reterminated to prevent this issue.

Question 56

An organization wants to improve its ability to detect infiltration of servers in a DMZ. IPS/IDS solutions are currently located on the edge between DMZ and Untrust, and DMZ and Trust. Which of the following could increase visibility inside the DMZ?

Layer 7 firewall

Honeypot

NAC server

Host-based firewalls in the DMZ

Answer 56

Explanation
Layer 7 firewalls are at the application layer. They allow you to choose your security at a more granular (almost undetectable) level.

Question 57

A wireless technician wants to configure a wireless network to identify itself to visitors by including the word “Guest” in the name. This wireless network needs to provide coverage to the entire building and will require 3 wireless access points working together to accomplish this level of coverage. What would allow users to identify the wireless network by its displayed name as a single network?

ESSID broadcast

ARP broadcast

BSSID broadcast

DHCP broadcast

Answer 57

Explanation
With an ESSID (Extended Service Set), a wireless network can utilize multiple wireless access points (WAPs) that can broadcast a single network name for access by the clients. A BSSID (Basic Service Set) can only utilize a single WAP in each wireless network.

Question 58

Your office is located in a small office park and you are installing a new wireless network access point for your employees. The companies in the adjacent offices are using Wireless B/G/N routers in the 2.4 Ghz spectrum. Your security system is using the 5 Ghz spectrum, so you have purchased a 2.4 Ghz wireless access point to ensure you don’t interfere with the security system. To maximize the distance between channels, which set of channels should you configure your WAP to use?

1, 7, 13

3, 6, 9

2, 6, 10

1, 6, 11

Answer 58

Explanation
Wireless access points should always be configured with channels 1, 6, or 11 to maximize the distance between channels and prevent overlaps.

Question 59

After installing some new switches in your network, you notice that a looping problem has begun to occur. You contact the manufacturer’s technical support for the switches you purchased and they recommended that you enable 802.1d. Which of the following BEST represents why the manufacturer suggested this?

It is a version of spanning tree that uses BPDU to detect problems

It is a regular version of port mirroring that uses hello packets to detect loops

It is a simple version of port mirroring tree that uses BPDU to detect problems

It is a rapid version or port mirroring that uses BPDU to detect problems

Answer 59

Explanation
The IEEE 802.1d standard refers to the Spanning Tree Protocol (STP). The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network. The other options are focused on port mirroring, which is not covered by this question.

Question 60

What is true concerning jumbo frames?

They are commonly used on a SAN

Their MTU size is less than 1500

They are commonly used with a NAS

They are commonly used with DHCP

Answer 60

Explanation
Jumbo frames are Ethernet frames whose MTU is greater than 1500. To increase performance, you should use jumbo frames only when you have a dedicated network or VLAN, and you can configure an MTU of 9000 on all equipment. Because of this, jumbo frames are most commonly used in a separate SAN (storage area network).

Question 61

A technician has attempted to optimize the network but some segments are still reporting poor performance. What issue should the technician look at?

Switch incorrectly set to full duplex

Conflicting IP addresses

Packet bottlenecks

IP address scope depletion

Answer 61

Explanation
A bottleneck occurs when bandwidth is unable to accommodate large amounts of system data at designated data transfer rate speed, typically caused by TCP/IP data interruption or other performance issues.

Question 62

You are working as a network technician and have been asked to troubleshoot an issue with a workstation. You have just established a theory of probable cause. Which of the following steps should you perform NEXT?

Identify the problem

Verify full system functionality

Test the theory to determine cause

Implement the solution or escalate as necessary

Answer 62

Explanation
There are 7 steps to the troubleshooting methodology used in Network+. (1) Identify the problem. (2) Establish a theory of probable cause. (3) Test the theory to determine the cause. (4) Establish a plan of action to resolve the problem and identify potential effects. (5) Implement the solution or escalate as necessary. (6) Verify full system functionality and if applicable implement preventative measures. (7) Document findings, actions, and outcomes.

Question 63

You are installing a new LAN in a building your company just purchased. The building is older, but your company has decided to install a brand new Cat6a network in it before moving in. You are trying to determine whether to purchase plenum or PVC cabling. Which environment condition should be considered prior to making the purchase?

Workstation models

Window placement

Floor composition

Ceiling air flow condition

Answer 63

Explanation
In a large building, the ‘plenum’ is the space between floors used to circulate the air conditioning ductwork, piping, electrical, and network cables throughout the building. This space is also an ideal place to run computer network cabling. However, in the event of fire in the building, the network cables can be very hazardous as they create a noxious gas when burnt. If you have a plenum area in the ceiling with excellent airflow, you may be able to use PVC cables instead (which are cheaper). Generally, though, if you are going to run your cables in a plenum area (as opposed to open cable trays), then you want to use plenum rated cables.

Question 64

Which type of a security measure is used to control access to an area by using a retina scan?

Two-factor authentication

Biometric

Cipher locks

Optical reader

Answer 64

Explanation
Retina scans are considered a biometric control. Other biometric controls contains fingerprint readers and facial scanners.

Question 65

A network technician must replace a network interface card on a server. The server currently uses a multimode fiber to uplink a fiber switch. Which of the following types of NICs should the technician install on the server?

1000base-LR

1000Base-FX

1000Base-T

10GBase-SR

Answer 65

Explanation
10Gbase-SR is a 10 Gigabit Ethernet LAN standard for operation over multi-mode fiber optic cable and short wavelength signaling. Remember, for the exam, “S is not single”, meaning the ones that has a Base-S as part of its name designates it as a multimode fiber cable.

Question 66

As part of unified communications services, QoS must be implemented to provide support for DSCP and CoS. Which of the following OSI layers does QoS operate within?

Layer 1

Layer 2

Layer 4

Layer 5

Answer 66

Explanation
DSCP is a layer 3 packet and it is the most commonly used value for QoS of an IP packet (as it gives lots of flexibility). CoS, on the other hand, is a layer 2 packet. Based on the options given, only Layer 2 is correct.

Question 67

Your company wants to create highly-available data centers. Which of the following will allow the company to continue to maintain an Internet presence at all sites in the event that the WAN connection at their own site goes down?

Load balancer

VRRP

OSPF

BGP
(Correct)

Answer 67

Explanation

If a WAN link goes down, BGP will route data through another WAN link if redundant WAN links are available.

Question 68

You have been asked by a client to provide their local office with the BEST solution for a wireless network based on their requirements. The client has stated that their users will need a wireless network that provides a maximum of 54 Mbps of bandwidth and operates in the 2.4Ghz frequency band. Which of the following types of wireless network should you install to meet their needs?

802. 11a
803. 11b
804. 11g
805. 11ac

Answer 68

Explanation
802.11g provides transmission over short distances at up to 54 Mbps in the 2.4 GHz band. It’s also backwards compatible with 802.11b (which only operates at 11 Mbps). While a 802.11ac network would be the faster solution, it does not operate in the 2.4 Ghz frequency band. 802.11a operates in the 5 GHz frequency band at up to 54 Mbps.

Question 69

What is used to define how much bandwidth can be used by various protocols on the network?

Traffic shaping

High availability

Load balancing

Fault tolerance

Answer 69

Explanation
Traffic shaping, also known as packet shaping, is the manipulation and prioritization of network traffic to reduce the impact of heavy users or machines from affecting other users.
Question 74: Skipped
You are troubleshooting a SQL server on the network. It has been unable to perform an uncompressed backup of the database because it needs several terabytes of disk space available. Which of the following devices should you install in order to have the MOST cost efficient backup solution?

Question 70

You are troubleshooting a SQL server on the network. It has been unable to perform an uncompressed backup of the database because it needs several terabytes of disk space available. Which of the following devices should you install in order to have the MOST cost efficient backup solution?

iSCSI scan

FCoE SAN

NAS

USB flash drive

Answer 70

Explanation
A NAS is a Network Attached Storage device, typically a bunch of cheap hard disks and usually arranged in a RAID consisting of either SAS (serial attached SCSI) or SATA disks just like the ones in most desktops.

Question 71

An administrator has configured a new 100Mbps WAN circuit, but speed testing shows poor performance when downloading large files. The download initially reaches close to 100Mbps but begins to drop and show spikes in the download speeds over time. The administrator checks the router interface and sees the following: Router01# show interface eth1/1 GigabitEthernet1/1 is up, line is up Hardware is GigabitEthernet, address is FF12.CDEA.1426 Configured speed auto, actual 1Gbit, configured duplex fdx, actual fdx Member of L2 VLAN 1, port is untagged, port state is forwarding Which of the following is the best solution to resolve this issue?

Shutdown and then re-enable this interface

Reset the statistics counter for this interface

Remove default 802.1q tag and set to server VLAN

Apply egress port rate-shaping

Answer 71

Explanation
Since the VLAN port is untagged, it can be slowing down performance. It is recommended to remove the default VLAN tag and setup a server VLAN to increase performance.