sybex practice test 1a Flashcards

1
Q

7

A

C. A multilayer switch is a network connectivity device that functions at both layer 2 and layer 3 of the Open Systems Interconnection (OSI) model. At layer 2, the data link layer, the device functions like a normal switch, providing an individual collision domain to each connected node and enabling you to create multiple VLANs. At layer 3, the network layer, the device also provides routing capabilities by forwarding packets between the VLANs. Virtual routers, load balancers, and broadband routers are strictly layer 3 devices that can route traffic but cannot create VLANs.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 449). Wiley. Kindle Edition.

2
Q

8

A

B, C, D. Data at-rest is a data loss prevention term that describes data that is currently in storage while not in use. Data in-motion is the term used to describe network traffic. Data-in-use describes endpoint actions. Data on-line is not one of the standard data loss prevention terms.

3
Q

9

A

C. WiFi Protected Access (WPA) is the wireless security protocol that was designed to replace the increasingly vulnerable Wired Equivalent Privacy (WEP) protocol. WPA added an encryption protocol called Temporal Key Integrity Protocol (TKIP) that was more difficult to penetrate. However, over time, TKIP too became vulnerable, and WPA2 was introduced, which replaced TKIP with the Advanced Encryption Standard protocol (CCMP-AES).

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 449). Wiley. Kindle Edition.

4
Q

12

A

A, C, D. Port number 1433 is used by SQL Server; port 1521 is used by SQLnet, and port 3306 is used by MySQL. The port number 3389 is used by the Remote Desktop Protocol (RDP) and is not involved in SQL communications.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 449). Wiley. Kindle Edition.

5
Q

13

A

D. Wireless Local Area Network (WLAN) equipment built to the 802.11a standard can only use the 5 GHz frequency band. However, an 802.11g access point can only use the 2.4 GHz frequency band. Therefore, the network adapters cannot be made to connect to your access point by any means.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 449). Wiley. Kindle Edition.

6
Q

14

A

C, D. RAID is a technology for storing data on multiple hard disk drives, providing fault tolerance, increased performance, or both. The various RAID levels provide different levels of functionality and have different hardware requirements. RAID 5 and RAID 6 both combine disk striping with distributed storage of parity information. RAID 5 enables recovery from a single disk failure. RAID 6 uses redundant parity to enable recovery from a double disk failure. RAID 1 and RAID 10 both use disk mirroring to provide fault tolerance, which does not require parity data. RAID 0 uses data striping only (blocks written to each disk in turn), which does not provide any form of fault tolerance.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 449). Wiley. Kindle Edition.

7
Q

17

A

C. The Default Gateway setting should contain the address of a router on the workstation’s local network that provides access to other networks, such as the Internet. In this case, therefore, the Default Gateway address should be on the 192.168.23.0 network, but it contains an address on the 192.168.216.0 network, which is not local. Therefore, the user can only access systems on the 192.168.23.0/24 network. The Subnet Mask setting must be correct, or the user would not be able to access any other systems. Unlike the default gateway, the DNS server does not have to be on the workstation’s local network, so the address shown can be correct. DHCP does not have to be enabled for the computer to access the Internet.

8
Q

20

A

C, D. The solution requires you to create a Virtual Local Area Network (VLAN) on the ADSL router that matches the VLAN the network switch port is using. Therefore, you should create a VLAN4 on the router’s switch module and assign an Ethernet port to it, which will be the port you use to connect the ADSL router to the network switch. There is no need to create a VLAN1 on the network switch because all switches already have a default VLAN called VLAN1. Modifying the VLAN assignments on the network switch is not a good idea, because it might interfere with the existing VLAN strategy in place.

9
Q

21

A

A, D. Changing the length of the Service Set Identifier (SSID) will be no help in preventing a war driving attack. The SSID is just an identifier; its length has no effect on security. Wired Equivalent Privacy (WEP) is a security protocol that has been found to have serious weaknesses that are easily exploitable. It is not a satisfactory way to avoid attacks. On the other hand, configuring the access point not to broadcast its SSID will prevent a war driving attacker with standard equipment from seeing the network. Configuring your equipment to use WiFi Protected Access II (WPA2) security will make it difficult for a war driver who detects your network to connect to it.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 450). Wiley. Kindle Edition.

10
Q

22

A

A, D. Infrastructure as a Service (IaaS) provides consumers with processing, storage, and networking resources that they can use to install and run operating systems and other software of their choice. In the public cloud model, one organization functions as the provider, and another organization—in this case, you—consumes the services of the provider. Platform as a Service (PaaS) provides consumers with the ability to install applications of their choice on a server furnished by the provider. Software as a Service (SaaS) provides consumers with access to a specific application running on the provider’s servers, but the consumers have no control over the operating system, the servers, or the underlying resources. In a private cloud, the same organization that uses the cloud services is also the sole owner of the infrastructure that provides those services. A hybrid cloud is a combination of public and private infrastructure so that the consumer organization is only a partial owner of the infrastructure.

11
Q

24

A

B. The default port for the Post Office Protocol 3 (POP3) is 110, but that is used for incoming mail. Outgoing mail uses the Simple Mail Transfer Protocol (SMTP), which uses the well-known port number 25 by default. Port number 143 is the default port for the Internet Message Access Protocol (IMAP), a different email mailbox protocol that clients never use with POP3. Port number 80 is the default port for the Hypertext Transfer Protocol (HTTP), which is not used by email clients.

12
Q

25

A

B. The cable type used for thin Ethernet segments is a coaxial cable called RG-58. RG-8 coaxial is used exclusively on thick Ethernet segments. RJ45 is a type of connector used in twisted pair cabling for data networks. RJ11 is a connector type used in twisted-pair cabling for telecommunications networks.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 451). Wiley. Kindle Edition.

13
Q

26

A

A. A rollover cable is a type of null modem cable, usually flat and light blue in color, with the pinouts reversed on either end, to enable a terminal to communicate with a router or switch through the device’s dedicated console port. It cannot connect a workstation to the network. A straight-through cable is the standard network cable used to connect a workstation or other device to an Ethernet network. A crossover cable is designed to connect network adapters to each other directly, creating a two-node network. A plenum cable is a type of cable intended for use within air spaces that has an outer sheath that does not produce toxic fumes when it burns. A shielded cable is intended to protect signals from electromagnetic interference. Both plenum and shielded cables can connect a workstation to a network.

14
Q

27

A

A. Authentication Header (AH) is a protocol in the TCP/IP suite that provides digital integrity services, in the form of a digital signature, which ensures that an incoming packet actually originated from its stated source. Encapsulating Security Protocol (ESP) provides encryption services for IPSec. Secure Sockets Layer (SSL) is a security protocol that provides encrypted communications between web browsers and servers. Remote Desktop Protocol (RDP) is a component of Remote Desktop Services, a Windows mechanism that enables a client program to connect to a server and control it remotely.

15
Q

30

A

A, B, C, D. A cable modem must function as a broadband router to provide access to the cable provider’s network. Many cable modems are also Wireless Access Points (WAPs), enabling users to construct a Local Area Network (LAN) without a cable installation. Many cable modems have switched Ethernet ports for connections to wired devices, such as printers and computers. Most cable modems use Dynamic Host Configuration Protocol (DHCP) to assign IP addresses to devices on the home network. Cable modems for home use typically do not function as proxy servers or Remote Authentication Dial-In User Service (RADIUS) servers, which are devices generally used on large networks.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 452). Wiley. Kindle Edition.

16
Q

31

A

A. Like A and AAAA records, which are used for forward name resolution, Pointer (PTR) records contain hostnames and IP addresses. However, PTR records are used only for reverse name resolution—that is, resolving IP addresses into hostnames. A Mail Exchange (MX) record specifies the mail server that the domain should use. Canonical Name (CNAME) records specify aliases for a given hostname. An AAAA resource record maps a hostname to an IPv6 address for name resolution purposes. All of these records except PTR are used for forward name resolution.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 452). Wiley. Kindle Edition.

17
Q

32

A

C, D. Protocol analyzers capture packets from the network and interpret their contents, which can include displaying the application layer payload. Depending on the application, the payload can conceivably include confidential information, such as passwords. Protocol analyzers also display the IP addresses of the systems involved in packet transmissions. Although this in itself might not be a great security threat, intruders might use the IP address information to launch other types of attacks. Protocol analyzers cannot decrypt the protected information they find in captured packets. Vulnerability scanners detect open ports and launch attacks against them; protocol analyzers do not do this.

18
Q

33

A

B, D, E. A Remote Authentication Dial-In User Service (RADIUS) server, also known as an AAA server, provides centralized authentication, authorization, and accounting for other network services. Assistance and attenuation are not functions provided by RADIUS or AAA servers.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 452). Wiley. Kindle Edition.

19
Q

35

A

B. Proxy servers provide network users with access to Internet services, and the unregistered IP addresses on the client computers protect them from unauthorized access by users on the Internet, which satisfies the primary objective. The proxy servers also make it possible for network administrators to monitor and regulate users’ access to the Internet, which satisfies one of the two secondary objectives. However, proxy servers are not capable of assigning IP addresses to the client computers, and the proposal makes no mention of a Dynamic Host Configuration Protocol (DHCP) server or any other automatic TCP/IP configuration mechanism. Therefore, the proposal does not satisfy the other secondary objective.

20
Q

38

A

C. The first step in the troubleshooting protocol involves identifying the problem by questioning the user and creating a trouble ticket. You complete the other steps in the troubleshooting protocol after the trouble ticket has been created and prioritized.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 453). Wiley. Kindle Edition.

21
Q

40

A

B, C. The word asymmetric in Asymmetric Digital Subscriber Line (ADSL) means that the service provides different amounts of bandwidth in each direction. In nearly all cases, asymmetric WAN services provide more downstream bandwidth than upstream. Cable television (CATV) networks are also asymmetrical. The word symmetric in Symmetric Digital Subscriber Line (SDSL) means that the service provides equal amounts of bandwidth in both directions. Fibre Channel over Ethernet (FCoE) is also symmetrical.

22
Q

41

A

B, C. A large enterprise network will—at minimum—have demarcation points for telephone services and a connection to an Internet Service Provider’s (ISP’s) network. In many cases, these services enter the building in the same equipment room that houses the backbone switch, which enables all the devices on the network to access those resources. This room is then called the Main Distribution Frame (MDF). An Intermediate Distribution Frame (IDF) is a place where localized telecommunications equipment, such as the interface between the horizontal cabling and the backbone, is located. For example, an enterprise network housed in a single building might have its MDF in the basement and an IDF on each floor. Mean Time Between Failures (MTBF) and Remote Desktop Protocol (RDP) are not network cabling locations.

23
Q

43

A

D. Clustering refers to the combination of multiple servers—not network adapters—into a single unit to enhance performance and provide fault tolerance. Bonding, link aggregation, port aggregation, and NIC teaming are all terms for the same basic technology, in which the bandwidth of multiple network adapter connections is joined to speed up transmissions. The technology also enables the network communication to continue if one of the adapters fails or is disconnected.

24
Q

44

A

C, D. Secure Shell (SSH) and Telnet are both remote terminal programs, but Telnet clients pass instructions (including passwords) to the target server in clear text, whereas SSH uses encrypted transmissions. In the same way, Hypertext Transfer Protocol Secure (HTTPS) is the encrypted version of HTTP. In both of these cases, the substitute is more secure and should be suggested to the director. However, Temporal Key Integrity Protocol (TKIP) provides encryption that is less secure than Advanced Encryption Standard (AES), and Wired Equivalent Protocol (WEP) is less secure than WiFi Protected Access II (WPA2).

25
Q

48

A

D. RDP is a component of Remote Desktop Services, a Windows mechanism that enables a client program to connect to a server and control it remotely. RDP does not carry actual application data; it just transfers keystrokes, mouse movements, and graphic display information.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 455). Wiley. Kindle Edition.

26
Q

49

A

D, F. Of the options shown, only the 802.11n and 802.11ax standards define WLAN devices that can support both the 2.4 GHz and 5 GHz frequencies. The 802.11a and 802.11ac standards support only 5 GHz, and the 802.11b and 802.11g standards support only 2.4 GHz.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 455). Wiley. Kindle Edition.

27
Q

51

A

A, C. Secure Hash Algorithm (SHA) and Message Digest 5 (MD5) are file hashing algorithms used to test data integrity by calculating a hash value before transmitting a file over the network. After the transmission, the receiving system performs the same calculation. If the values match, then the data is intact. RC4 and Advanced Encryption Standard (AES) are both cryptographic algorithms, but they are not used for file hashing.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 455). Wiley. Kindle Edition.

28
Q

55

A

D. All of these occurrences are malfunctions on a full-duplex Ethernet network, but collisions are normal and expected on a half-duplex network. Runt frames occur when a network interface generates packets that are smaller than the 64-byte minimum allowable length. Giants occur when frames are larger than the 1518-byte maximum allowable length. Late collisions occur when network cables are too long, and frames collide after leaving the sending system.

29
Q

56

A

B. The Unix/Linux tcpdump utility is a protocol analyzer. It is a command-line tool that captures network packets and displays their contents. The iptables, nmap, and pathping utilities cannot capture and analyze packets. iptables manages Unix/Linux kernel firewall rules, nmap is a port scanner, and pathping is a Windows route tracing tool.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 456). Wiley. Kindle Edition.

30
Q

57

A

A, B. NAS devices are self-contained file servers that connect directly to a standard IP network. A NAS device provides file-level access to its storage devices, and it includes an operating system and a filesystem. NAS devices are typically not iSCSI targets. SANs provide block-level storage and typically function as iSCSI targets, but they do not include an operating system or filesystem.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 456). Wiley. Kindle Edition.

31
Q

61

A

A, B, C. Layer 2 Tunneling Protocol (L2TP), Internet Protocol Security (IPSec), and Multipoint Generic Routing Encapsulation (MGRE) are all protocols that encapsulate packets in an encrypted form within another protocol to secure their contents. Network Address Translation (NAT) enables workstations on private networks to access the Internet by substituting a public IP address in packets generated with private addresses. NAT does not use tunneling.

32
Q

64

A

D. For the link pulse LED on the switch port to light up, there must be an active connection between the switch and a functioning network device at the other end. Plugging a running computer into the wall plate will enable the Ethernet adapters at both ends of the connection to communicate, causing the LED to light. None of the other options will cause the LED to light.

33
Q

66

A

C. The Cisco symbol shown in the figure is used in network diagrams to represent a router, as symbolized by the arrows pointing both in and out. This symbol is not used to represent a hub, a switch, or a gateway.

34
Q

67

A

B, D. By inserting modified entries into a device’s ARP cache, an attacker can cause traffic to be diverted from the correct destination to a system controlled by the attacker. This can enable the attacker to intercept traffic intended for another destination. In a man-in-the-middle attack, the attacker can read the intercepted traffic and even modify it before sending it on to the correct destination. In a session hijacking attack, the attacker can use the intercepted traffic to obtain authentication information, including passwords. Neither of the other two options is facilitated by ARP poisoning. An evil twin is a fraudulent access point on a wireless network. Social engineering is a form of attack in which an innocent user is persuaded by an attacker to provide sensitive information via email or telephone.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 457). Wiley. Kindle Edition.

35
Q

70

A

D. A port scanner examines a system for open ports or endpoints that are accessible from the network using the TCP or UDP protocol, which intruders can conceivably exploit to gain access to the system. Port scanners do not list user processes, hardware ports, numbers of packets, or IP addresses.

Zacker, Craig. CompTIA Network+ Practice Tests: Exam N10-008 (p. 458). Wiley. Kindle Edition.