Prep test 4

Question 1

Question 1 of 90
Which of the following pairs of networks refer to a circuit-switched and a packet-switched network respectively?
Answers
A.
An Ethernet based data network and an IP-based enterprise network
B.
An IP based enterprise network and the Public Switched Telephone Network
C.
Public Switched Telephone Network and an IP-based enterprise network
D.
An IP-based enterprise network and a Wi-Fi based metropolitan wireless network

Answer 1

C.
Public Switched Telephone Network and an IP-based enterprise network

A circuit-switched network creates a dedicated communication path between the communicating devices which is maintained until the communication ends. The traditional Public Switched Telephone Network (PSTN) is one such network. A packet-switched network is one where data is grouped into packets that are sent individually over a network. Each packet is directed over the network independently based on the addressing information found within its header. Modern IP-based networks are packet-switched networks.

Question 2

Question 3 of 90
You are asked to design a wireless network where security and privacy are of paramount importance. Which of the following protocols would you avoid using and why?
Answers
A.
WPA2 because it uses clear text passwords
B.
EAP-TLS because it provides an open network
C.
WPA2 because it does not provide the strongest encryption
D.
WPA because it uses clear text passwords
E.
WPA because it does not provide the strongest encryption

Answer 2

E.
WPA because it does not provide the strongest encryption

Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are two security protocols and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks. The Alliance defined these in response to serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP). WPA is no longer considered a secure solution and has been replaced by WPA2 which provides a stronger encryption mechanism using CCMP-AES.

Question 3

Question 14 of 90
You have multiple virtual machines running on your network. Which address conflict can cause the devices to malfunction at Layer 2?
Answers
A.
Duplicate TCP ports
B.
Duplicate MAC addresses
C.
Duplicate physical bit addresses
D.
Duplicate IP addresses

Answer 3

B.
Duplicate MAC addresses

MAC addresses should be unique on all network devices worldwide. However, there is a slight possibility that they may be duplicated especially on equipment that has been procured from more economical and less well-known manufacturers. This may result in a duplicate MAC address on a subnet. This results in ARP tables of hosts and MAC tables of switches continually being updated alternately from frames transmitted by each device.

Question 4

Question 15 of 90
You have installed and configured a Layer 3 switch with multiple VLANs. Which of the following can be accomplished by this switch that a Layer 2 switch cannot perform?
Answers
A.
Use Quality of Service (QoS) feature
B.
Use Simple Network Management Protocol (SNMP)
C.
Configure, manage, and monitor a LAN
D.
Perform routing functions with multiple VLANs

Answer 4

D.
Perform routing functions with multiple VLANs

The configuration of VLANs is inherent to layer two devices, specifically, switches. VLANs however are only configurable on managed switches, as unmanaged switches do not possess the appropriate software and capabilities for such configurations. In this scenario, except for performing routing functions, a Layer 2 switch will be able to perform all functions. Therefore, Layer 3 switch is required to perform a routing function. A router can be an alternate to Layer 3 switch as far as routing is concerned.

Question 5

Question 17 of 90
You are required to set up a new wireless network in your office. One of the key requirements is that the wireless network should support video streaming at a very high throughput rate. Multiple users may stream videos at the same time. Which wireless network will meet your requirement?
Answers
A.
802.11a
B.
802.11g
C.
802.11n
D.
802.11ac
E.
802.11b

Answer 5

D.
802.11ac

IEEE 802.11ac is an amendment that improves upon the previous IEEE 802.11 standards. Characteristics of this standard include the introduction of wider channels (80 or 160 MHz compared to 40 MHz for 802.11n) in the 5 GHz band, more spatial streams (up to eight) and the addition of Multi-user MIMO (MU-MIMO). Out of the given choice, this is the only wireless specification that provides Very High Throughput (VHT) data up to 7 Gbps within the 5.8 GHz ISM band.

Question 6

Question 30 of 90
Which of the following protocols are examples of connection-oriented protocols? [Choose two that apply.]
Answers

    A.
    ICMP
    B.
    NetBEUI
    C.
    MPLS
    D.
    ATM

Answer 6

C.
MPLS
D.
ATM

Connection-less describes a network communication mode where data is individually addressed and routed based on information carried in each unit. Under such a situation, data can be sent from one node to another without any prior arrangement, and without even the sender knowing if the receiver is available or even extant. ATM and MPLS are examples of connection-oriented protocols. ICMP and NetBEUI are connection-less protocols.

Question 7

Question 33 of 90
Which of the following is a protocol data unit?
Answers
A.
An application layer protocol unit
B.
A transport layer segment
C.
A physical layer encoding method
D.
The sum of the source and destination MAC addresses in a frame
E.
The IP address and port pair of a session

Answer 7

B.
A transport layer segment

A protocol data unit (PDU) is the generic term for the entity of data that is produced at each layer of the OSI model. For example, the PDU of the Datalink layer is called a frame, that of the network layer is called a packet and at the transport layer it is called segment. Some may also call a bit of data the PDU of the physical layer, although that is not as generally accepted as the other PDUs.

Question 8

Question 36 of 90
Which of the following two methods can help prevent a DNS poisoning attack? [Choose all that apply].
Answers

A.
Configure DNS to fetch updates from known authoritative servers
B.
Setting short TTL times
C.
Configure firewall to filter out traffic only from known DNS servers
D.
Clearing the DNS caches of local systems and network devices

Answer 8

B Setting short TTL times
D Clearing the DNS caches of local systems and network devices at regular intervals

DNS poisoning also referred to as DNS spoofing, is a form of computer security hacking in which corrupt DNS data is introduced into the DNS resolver’s cache, causing the name server to return an incorrect IP address. This results in traffic being diverted to another computer, often to the attacker’s computer, where the attacker can attempt to decipher the data sent.

Question 9

Question 39 of 90
Which of the following features of networking are a part of the Datalink layer of the OSI model? [Choose two that apply.]
Answers

    A.
    Type of cable used
    B.
    Hardware addressing
    C.
    Type of connector used
    D.
    Acknowledgements of received data
    E.
    Media Access Control mechanisms

Answer 9

B.
Hardware addressing
D.
Acknowledgements of received data

The Datalink layer of the OSI model provides the means to transfer data between network nodes. It is concerned with media access control methods, hardware addressing and the local delivery of frames between devices on the same network segment.

Question 10

Question 42 of 90
You are provided with an IP address range of 192.168.55.0/24. You are required to perform subnetting so that you provide three address spaces sufficient to accommodate 93, 55 and 42 hosts respectively. Which of the following subnetting schemes will provide for this?
Answers
A.
Subnet 1: 192.168.55.0/25 Subnet 2: 192.168.55.128/26 Subnet3: 192.168.55.192/26
B.
Subnet 1: 192.168.55.0/26 Subnet 2: 192.168.55.64/27 Subnet3: 192.168.128.0/27
C.
Subnet 1: 192.168.55.0/25 Subnet 2: 192.168.55.64/26 Subnet3: 192.168.128.0/26
D.
Subnet 1: 192.168.55.0/26 Subnet 2: 192.168.55.128/27 Subnet3: 192.168.192.0/27

Answer 10

A.
Subnet 1: 192.168.55.0/25 Subnet 2: 192.168.55.128/26 Subnet3: 192.168.55.192/26

The IP address range provides for 256 IP addresses (254 hosts). This range can be subnetted into sizes of 128, 64, 32, 16 and so on. For the sizes required, one 128-address subnet and two 64-address subnets will suffice. These three subnets will take up the whole range of the original address space (128+64+64=256). A 128-address subnet has a subnet mask of 255.255.255.128 or a /25 prefix, so the first subnet is 192.168.55.0/25. This subnet ranges from 192.168.55.0 to 192.168.55.127. The next available network address is 192.168.55.128. A 64-address subnet has a subnet mask of 255.255.255.192 or a /26 prefix, so the second subnet is 192.168.55.128/26. This subnet ranges from 192.168.55.128 to 192.168.55.191. The next available network address is 192.168.55.192. A 64-address subnet has a subnet mask of 255.255.255.192 or a /26 prefix, so the third subnet is 192.168.55.192/26. This subnet ranges from 192.168.55.192

Question 11

Question 48 of 90
When you start your DSL modem to connect to the Internet Service Provider (ISP), which phase does PPPoE initiate?
Answers
A.
Establish
B.
Connect
C.
Search
D.
Discovery

Answer 11

D.
Discovery

The Point-to-Point Protocol over Ethernet (PPPoE) is a network protocol for encapsulating PPP frames inside Ethernet frames. When you start the DSL modem, the PPPoE protocol initiates the Discovery phase in which user session and remote site session learn about each other’s network addresses.

Question 12

Question 49 of 90
You create a five-meter T-568A standard straight cable to connect a user PC to the wall jack. After connecting the PC, you notice that the PC does not have connectivity. After basic troubleshooting, you decide to test the cable using the cable tester. If the test fails, which of the following wires in the cable is likely to be causing the problem?
Answers
A.
White blue
B.
White orange
C.
Blue
D.
White green

Answer 12

D.
White green

A cable tester is a device used to test Ethernet cable connections as well as telephony cable connections. When you test a cable and it fails the test, it is most likely that the White green is responsible for this failure

Question 13

Question 50 of 90
You have several servers in your server room that are running different operating systems including several flavors of Linux and several versions of Windows. You want to ensure that you can obtain a remote desktop connection to these systems. You want to minimize the administrative overhead by using multiple applications. Which of the following should help you achieve your goal?
Answers
A.
VNC
B.
RDP
C.
SSH
D.
FreeRemote
E.
Telnet

Answer 13

A.
VNC

Virtual Network Computing (VNC) is a platform independent graphical desktop sharing system that allows one computer to remotely control another. It transmits the keyboard and mouse events from one computer to another, relaying the graphical screen updates back in the other direction, over a network.

Question 14

Question 51 of 90
After testing some copper UTP cabling for possible connectivity problems, you use a cable tester and notice that all eight conductors are functioning except for one. You examine the pins on each of the two RJ-45 connectors and observe no problems. Which of the following has most likely occurred to this cable?
Answers
A.
Incorrect pin-out
B.
A transceiver mismatch
C.
An open circuit
D.
A short circuit

Answer 14

C.
An open circuit

A short circuit, sometimes abbreviated to short, is an electrical circuit that allows a current to travel along an unintended path with no or a very low electrical impedance. In UTP cabling, this will cause signals intended to travel on one wire to freely travel on another thus adding the two signals together. This results in an unintelligible signal that produces errors and in most cases, disrupt communication completely. The opposite of a short circuit is an “open circuit”, which is an infinite resistance (essentially a break in the conductor) between two nodes.

Question 15

Question 59 of 90
You need to design a new wireless network for a client. At present, travel to the client location is not feasible for you. Since you are not getting paid for this survey, you also want lower efforts to be involved. The client has also said that they want the estimated number of access points and the calculation need not be exact but close the real number required. To be able to meet these criteria, which of the following type of survey would be suitable for this scenario?
Answers
A.
Active site survey
B.
RF spectrum site survey
C.
Passive site survey
D.
Predictive site survey
Assistance

Answer 15

D.
Predictive site survey
Assistance

Question 16

Question 60 of 90
Identify the Mean Time Between Failures (MTBF) based on the given values:

Total production time (up time + down time): 100
Total down time: 40
Number of breakdowns: 16

Answers
A.
10 hours
B.
48hours
C.
2 hours
D.
4 hours

Answer 16

D.
4 hours

Failures (MTBF) is the predicted elapsed time between inherent failures of a network device, during normal system operation. MTBF is calculated based on the following formula:Mean Time Between Failures = (Total up time) / (number of breakdowns) .

Question 17

Question 64 of 90
When implementing Carrier Sense Multiple Access/Collision Detection using copper cabling, how does a device recognize a collision on the medium?
Answers
A.
The detected voltage on the medium is lower than expected.
B.
The value of the back off timer indicates the presence of a collision.
C.
The detected voltage on the medium is higher than expected.
D.
A jamming signal sent by the offending device.

Answer 17

C.
The detected voltage on the medium is higher than expected.

Signaling on a copper medium is transmitted using fluctuating voltage levels. These levels are very specific. When a collision occurs, the signals of two or more devices are added on the medium which results in voltage levels that are often twice as high as expected.

Question 18

Question 66 of 90
Identify the correct incidents that may be reported as per the Incident Response Policy of an organization:

Intrusion attempts
Loss of hardware
Security Breach
System crash

Answers
A.
1, 2, 3
B.
1, 3, 4
C.
2, 3, 4
D.
1, 2, 3, 4

Answer 18

A.
1, 2, 3

An incident response policy is a documented procedure that is to be followed in the event of an incident that has occurred that may affect the normal operation of a network. Specific steps are defined within this policy that guides the responsible personnel and allows them to respond appropriately and rapidly to developing incidents. As per the incident response policy, the common security incidents are: 1. Intrusion attempts 2. Loss of hardware 3. Security Breach

Question 19

Question 71 of 90
You are setting up a wireless network in your organization and want to prevent it from wardriving attack. Which of the following method should you use to meet this goal? [Choose three that apply.]
Answers

    A.
    Do not broadcast SSID
    B.
    Enable WEP encryption
    C.
    Encrypt your wireless communication with WPA2 + AES
    D.
    Set up and configure MAC filtering
    E.
    Activate Wi-Fi Protected Setup (WPS)

Answer 19

A.
    Do not broadcast SSID
C.
    Encrypt your wireless communication with WPA2 + AES
D.
    Set up and configure MAC filtering

Wardriving is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a laptop or smartphone. Software for wardriving is freely available on the Internet. The purpose of wardriving is to associate specific wi-fi networks with their geographical location. Accumulated data can be uploaded to websites where the information is processed into maps.To protect your wireless network from wardriving is to use the following methods:Do not broadcast SSIDEncrypt your wireless communication with WPA2 + AESSet up and configure MAC filtering

Question 20

Question 74 of 90
Within which two key layers of the OSI model does a multilayer switch operate? [Choose two that apply.]
Answers

    A.
    Network
    B.
    Application
    C.
    Session
    D.
    Datalink

Answer 20

A.
Network
D.
Datalink

A switch is inherently a Layer 2 device and directs traffic only based on MAC addresses. A router is inherently a Layer 3 device and routes traffic based on IP addresses. A multilayer switch is essentially a switch that can perform basic Layer 3 functions such as static routing, dynamic routing and access list implementation. It can perform inter-VLAN routing, allowing communication between the VLANs configured within it. A multilayer switch primarily operates in the Datalink and Network layers of the OSI model.

Question 21

Question 76 of 90
Which of the following addresses is considered a private address?
Answers
A.
172.15.66.2
B.
192.68.1.1
C.
172.30.0.3
D.
11.10.10.1

Answer 21

C.
172.30.0.3

RFC 1918 defines the ranges of IPv4 addresses that should be used when implementing private IP networks. According to the RFC, the following IP ranges are considered private IPv4 addresses: 10.0.0.0 – 10.255.255.255, 172.16.0.0 – 172.31.255.255 and 192.168.0.0 – 192.168.255.255.

Question 22

Question 80 of 90
Whenever portfast is enabled on a switch port, which of the following should also be enabled to mitigate switch spoofing attacks?
Answers
A.
STP guard
B.
BPDU guard
C.
Root guard
D.
Flood guard
.

Answer 22

B.
BPDU guard

Portfast is a configuration on a switch port that can be applied to ports that connect to user end equipment. It allows a port to immediately start forwarding traffic rather than waiting a predefined time that STP requires. These ports should never connect to a switch. It is best practice to implement BPDU guard on such ports to mitigate the possibility of a malicious attacker or a well-meaning employee from installing a switch on one of these ports and causing havoc with STP

Question 23

Question 86 of 90
When installing a new network device, which of the following actions is considered part of the procedure of device hardening? [Choose three that apply.]
Answers

    A.
    Change native VLAN
    B.
    Disable password history
    C.
    Disable unused services
    D.
    Change default passwords
    E.
    Change default MAC address

Answer 23

A.
    Change native VLAN
C
   Disable unused services
 D.
    Change default passwords

In networking, hardening is the process of securing a system by reducing its vulnerability to attacks, which is greater when a system performs more functions. In principle a single-function system is more secure than a multipurpose one. Reducing available ways of attack typically includes changing default passwords, the removal of unnecessary software, unnecessary usernames or logins, and the disabling or removal of unnecessary services.Changing the default MAC address does not help in device hardening. It is always good to enable password history so that users cannot re-use a specific number of passwords.

Question 24

Question 87 of 90
Which of the following concepts allows a user to use the same credentials for multiple network resources by leveraging protocols such as LDAP?
Answers
A.
RADIUS
B.
SSO
C.
Kerberos
D.
AAA
E.
TACACS+

Answer 24

B.
SSO

Single sign-on (SSO) is a property of access control of multiple related, yet independent, software systems. With this property, a user logs in with a single ID and password to gain access to a connected system or systems without using different usernames or passwords, or in some configurations seamlessly sign on at each system. This is typically accomplished using the Lightweight Directory Access Protocol (LDAP) and stored LDAP database on servers.

Question 25

Question 90 of 90
You have a Voice over IP (VoIP) system that is configured to run over a wireless network. When you attempt to make a call, the voice of the receiver is broken, and you are not able to hear the words clearly. Which of the following issue is being faced in this scenario?
Answers
A.
Latency
B.
Jitter
C.
Refraction
D.
Attenuation

Answer 25

B.
Jitter

Jitter occurs when a wireless access point is unable to handle the traffic load resulting in dropped packets. The end result for a VOIP call is the voice of the speaker is broken up causing a choppy conversation.