Test #1

Question 1

What is the role of port numbers in IP headers?
• Port numbers identify the path of routers between any two hosts that need to communicate with each other.
• Port numbers identify which interfaces on a router should receive data in and which interfaces should forward data out.
• Port numbers identify the sending and receiving processes between two hosts.
• Port numbers identify which connectors on a switch that should receive data in and which should forward data out.

Answer 1

• Port numbers identify the sending and receiving processes between two hosts.

Question 2

What TCP/IP protocol is used to resolve an IP address to a MAC address?
•	DHCP
•	BootP
•	ARP
•	UDP

Answer 2

• ARP

Address Resolution Protocol (ARP) is a TCP/IP protocol that is responsible for resolving an IP address to a MAC address.

Question 3

A technician has been tasked with planning for equipment failures. Which specs will the technician need to review to create a failure plan?
•	MTTR
•	SLA
•	MTTF
•	MTBF

Answer 3

MTTR
MTTF
MTBF
i. Mean Time To Repair (MTTR), Mean Time To Failure (MTTF) and Mean Time Between Failures (MTBF) are all specifications that should be known in planning for inevitable future failures.

Question 4

Which is the default port for NTP?
•	123
•	231
•	321
•	132

Answer 4

123

i. NTP uses port 123

Question 5

Using an ACL in a firewall to block known malicious Web addresses is an example of which of the following?
•	IP filtering
•	MAC filtering
•	Application filtering
•	Port filtering

Answer 5

• IP filtering

i. IP filtering is correct. Filtering prevents access by names and/or IP addresses.

Question 6

Which protocol in the TCP/IP protocol deals with logical addresses for hosts and resides at Layer 3 (Network Layer) of the OSI model?
•	TCP
•	IP
•	UDP
•	PPP

Answer 6

Internet Protocol (IP)
i.	Internet Protocol (IP) is the TCP/IP protocol that deals with logical addresses, commonly know as IP addresses, for host computers.

Question 7

Which of the following is not a packet switching technology?
•	Circuit Switch
•	ATM
•	MPLS
•	Frame Relay

Answer 7

Circuit Switching
i. Circuit switching is the opposite of packet switching – it creates a hard-wired circuit between two communicating nodes

Question 8

Oliver has inherited a network without any labeled ports on the patch panel. What tool will he need to get the patch panel properly labeled?
•	Crossover cable
•	Toner
•	TDR
•	Hardware Loopback

Answer 8

Toner
i. The only tool that will work in this situation is the toner. A toner, which consists of a tone probe and a tone generator, can be used to trace out cables to determine the two ends of each table.

Question 9

Which techniques can a technician use to harden her network? (Choose three.)
• Avoid saving certificates, passwords, and keys in the same location
• Keep account roles separated to avoid conflicts of interest
• Avoid using privileged accounts
• Track hardware and software for patch requirements

Answer 9

• Keep account roles separated to avoid conflicts of interest
• Avoid using privileged accounts
• Track hardware and software for patch requirements

It is not wise to use privileged accounts. Unless it is necessary to perform administrative tasks. Accounts should be role-based and should not be able to perform tasks that would represent a conflict of interest to reduce the potential for abuse.

Question 10

A technician suspects that a virus has infected the network. One of its actions appears to be that it utilizes a large amount of network bandwidth. What is the BEST tool that the technician can use to quickly determine which workstations are infected?
•	Network Sniffer
•	Syslog
•	SNMP
•	Web server

Answer 10

Network Sniffer

i. A sniffer is used to examine network traffic. These are more commonly known as packet sniffers.

Question 11

Network upgrades have been completed, and the network protocols have been modernized. The WINS server was shut down. Since there is no need for NetBIOS traffic, it will no longer be allowed on the network. Which of the following will accomplish this objective?
•	IP filtering
•	Content filtering
•	Port filtering
•	MAC filtering

Answer 11

Port filtering
i. Port filtering, NetBIOS uses three well-known ports. Filter these (137, 139, and 15), and there will not be any more NetBIOS traffic.

Question 12

Which type of fiber optic cable supports longer run lengths?
•	Laser-mode
•	Multi-mode
•	Fractal-mode
•	Single-mode

Answer 12

Single-mode

i. Single-mode cable carries laser pulses the longest distance

Question 13

13.	Scott complains about slow access to the server and asks you to fix it. Which of the following utilities can you use to find the bottleneck on the network?
•	Telnet
•	Ping
•	Tracert
•	Nbtstat

Answer 13

Tracert
i. Tracert traces the route between the host and destination. When it finds a problem, it either shows the slow link with high access times or simply stops.

Question 14

What is the value of a baseline performance analysis?
• It causes CPU performance to scale up when more processing power is needed.
• It provides an inventory of all network and computer components.
• It shows the cause of network slowdowns.
• Provides a quantifiable reference to measure against current performance.

Answer 14

Provides a quantifiable reference to measure against current performance.
i. A performance baseline can be used to verify perceived performance slowdowns.

Question 15

Which statements is true of VLANs?
• VLANs use SSH tunnels for cross-VLAN traffic.
• VLANs can only be implemented on specified ports on a router.
• VLANs enable remote station to connect to the LAN from across the Internet.
• VLANs break up broadcast domains into multiple, smaller broadcast domains.

Answer 15

VLANs break up broadcast domains into multiple, smaller broadcast domains.
i. VLANs break up a single broadcast domain into multiple, smaller broadcast domains.

Question 16

What command will assign a drive letter to a network share?
•	Net drive
•	Net assign
•	Net share
•	Net use

Answer 16

Net use

i. The net use command assigns a drive letter in the local computer to a shared folder on another computer.

Question 17

Which statement is not true about 10BaseT
• 10BaseT runs at ten (10) megabits per second
• 10BaseT requires Cat 5a UTP cable
• 10BaseT supports a maximum of 1024 nodes per switch
• The maximum distance between the switch and the node is 100 meters

Answer 17

10BaseT requires Cat 5a UTP cable

i. 10BaseT can run on Cat 3 or higher UTP

Question 18

Doug was troubleshooting in a wiring closet in 2013. The cabling diagrams and document are five years old and have little resemblance to what Doug sees. What configuration management process has fallen behind?
•	Baselining
•	Asset management
•	Change management
•	System logs

Answer 18

• Change management
i. Change management keeps track of all system changes since the last baseline was performed, and it can save lots of time.

Question 19

Which choice is true of a rogue DHCP server?
• A rogue DHCP server increases the speed of the DHCP service.
• A rogue DHCP server can assign incompatible IP addresses to hosts.
• A rogue DHCP server ensures that hosts will get compatible APIPA address.
• A rogue DHCP server increases the pool of available IP addresses.

Answer 19

A rogue DHCP server can assign incompatible IP addresses to hosts.
i. Rogue DHCP servers can assign incompatible IP addresses to hosts on a network, making them unable to communicate with other hosts or the internet.

Question 20

Mesh networks come in two varieties. What are two primary variants? (Select two.)
•	Partial
•	Peer-to-peer
•	Client-server
•	Full

Answer 20

Partial
Full
i. Mesh network topologies can be installed as a partial mesh or full mesh.

Question 21

Which coaxial cables have a characteristic impedance of 50 ohms? (Select two)
•	RG-58
•	RG-6
•	RG-8
•	RG-59

Answer 21

RG-8
RG-58
i. RG-8 and RG-58, known as Thicknet and Thinnet, have 50-ohm impedance and were used in early ethernet installations.

Question 22

Which choices are example of asymmetric encryption?(Choose two.)
•	Rivest-Shamir-Adleman
•	Elliptic Curve Cryptography
•	Blowfish
•	Data Encryption Standard

Answer 22

• Rivest-Shamir-Adleman
• Elliptic Curve Cryptography
i. Elliptic Curve Cryptography (ECC) and Rivest-Shamir-Adleman (RSA) are example of asymmetric encryption.

Question 23

What utility would you use on a UNIX system to help determine where an internet connection is being slowed down?
•	Ping
•	Ifconfig
•	Tracert
•	Traceroute

Answer 23

• Traceroute
i. Traceroute is a UNIX utility that traces out the path of your packets and determines the time it takes for the packet to reach node along the path. This can help determine where the slowdown is occurring.

Question 24

Your company has just purchased 800 new PCs for a roll-out you are about to make. Of the following choices, which should you update accordingly?
•	Wire Schemes
•	Change management
•	Baselines
•	Asset management

Answer 24

Asset management

i. Asset management is the documentation we use to keep track of all the network equipment and assets.

Question 25

Which statement is NOT true of 100 megabit Ethernet?
• Both 100BaseF and 100BaseFX run over multi-mode cable
• Ethernet can run at 100mbps on fiber or copper
• 100BaseTX supports runs of up to 2KM
• Both 100BaseT and 100BaseTXa runs over unshielded twisted pair

Answer 25

100BaseTX supports runs of up to 2KM

i. 100BaseTX only supports runs of up to 100 meters.

Question 26

Which of the following protocol is associated with monitoring devices on a network?
•	RDP
•	SNMP
•	EIGRP
•	SMTP

Answer 26

• SNMP
i. Simple Network Management Protocol (SNMP) is designed to monitor networks, reporting an incredible amount of detail about devices on the network.

Question 27

27.	Which committee governs the standards of Ethernet?
•	ISO 9002
•	ISO 9001
•	IEEE 802.3
•	IEEE 802.11n

Answer 27

• IEEE 802.3

i. IEEE 802.3 manages and maintains Ethernet standards.

Question 28

Which of the following connectors would be found on a fiber-optic cable?
•	BNC
•	RS-232
•	RJ-11
•	MT-RJ

Answer 28

• MT-RJ

Question 29

Which of the following is not a common certificate error or warning?
• Expired certificate
• Certificate not valid for the site
• Self-signed certificate
• Certificate is on the Certificate Revocation List (CRL)

Answer 29

• Certificate is on the Certificate Revocation List (CRL)

i. The CRL is the Certificate Revocation List

Question 30

Some users on a wireless network, but not all, are having trouble accessing certain network resources. Which of the following is the least likely cause?
• TCP and/UDP ports have been blocked by a firewall.
• The wireless access point has lost power.
• Access Control Lists have been changed.
• Server ports have changed to a non-standard port.

Answer 30

• The wireless access point has lost power.

i. If the WAP is unpowered, all users will be affected.

Question 31

A network technician has been tasked with monitoring the network. Which network function is it not necessary for her to monitor?
•	File hash changes
•	Server utilization
•	Bandwidth
•	Error alerts

Answer 31

• File hash changes

i. Changes to file hashes are not typical, real-world thing that requires aggressive or constant monitoring.

Question 32

Your network administrator has just added a small router to connect to the internet, but now you can’t connect to your network server. Your system is configured to obtain an IP address automatically. You ran the ipconfig command to find out your default gateway address, which is 192.168.4.152. You successfully pinged your default gateway. You still cannot connect to your server. What could be causing the problem.
• The network’s router is also running DHCP, causing DHCP conflict
• The cable connecting the switch to your system is bad
• The cable connecting the switch to the router is bad
• Your switch is malfunctioning

Answer 32

• The network’s router is also running DHCP, causing DHCP conflict
i. The network’s router may also be running DHCP, causing a DHCP conflict with the DHCP server.

Question 33

Clark is troubleshooting a user’s PC. They are using their browser to visit Web sites such as PayPal, eBay, and Newegg. They begin seeing SSL certificate mismatch warnings. Which of the following attacks could be happening?
•	Zombie
•	Smurf
•	Honey Pot
•	Man-in-the-middle

Answer 33

• Man-in-the-middle
i. A man-in-the-middle attack is a form of eavesdropping in which the attacker makes a connection with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.

Question 34

What is the quickest and easiest technology available to keep servers and equipment up and running?
•	Battery backup/UPS
•	Disaster recovery plan
•	Business continuity plan
•	RAID array

Answer 34

• Battery backup/UPS

i. A battery backup/UPS on each rack or critical node keeps systems up and running in the event of power failure.

Question 35

Which would be the best solution to make an encrypted tunnel using SSH?
• Set up a tunnel using PPTP
• Piggyback an exiting tunnel program onto SSH
• Set up a tunnel using L2TP/IPsec
• Recode an unencrypted tunneling program to support SSH encryption

Answer 35

• Piggyback an exiting tunnel program onto SSH

i. The only option here that meets the criteria of the question is to piggyback a VPN session over an SSH connection

Question 36

Which best describes a model?
• The expansion of a single process step into multiple steps
• A representation of a real object or process
• A duplicate of a real object or process
• Multiple steps of a process converted into a single step

Answer 36

• A representation of a real object or process

i. A model is a representation of a real-world object or process.

Question 37

Preparation for incidents is a multifaceted process that includes which tasks? (Selected two.)
•	Penetration testing
•	Vulnerability scanning
•	Statement of work
•	Service-level agreement

Answer 37

• Penetration testing
• Vulnerability scanning
i. Vulnerability Scanning and penetration testing show where network resources are exposed to risk. Once known, these resources can be hardened against threats.

Question 38

In what folder is the HOSTS file located on a Windows computer?
•	C:\Windows\System32\Drivers\etc
•	C:\etc
•	C:\Windows\etc
•	C:\Windows\System32\etc

Answer 38

• C:\Windows\System32\etc

i. In a Windows-based computer, the HOSTS file is found in the C:\Windows\System32\etc

Question 39

A company has subnetted its Class C network address into four subnets with a /26 subnet mask. What are the addresses of the four subnets?
•	0, 64, 128, 192
•	1, 2, 4, 8
•	128, 64, 32, 16
•	0, 1, 2, 3

Answer 39

• 0, 64,128, 192
i. 0, 64, 128, 192 represent all of the possible values of 1s and 0s in the first two columns of the fourth octet in a Class C address 0 0, 0 1, 1 0, and 11. Place those values under a 128 and 64 column and calculate the results.

Question 40

What is a chunk of data that has been sent of out a NIC called?
•	MAC
•	Frame
•	Segment
•	Packet

Answer 40

• Frame

i. Network interface cards generate and receive frames.

Question 41

Which choice is not found in a change request?
•	Type of change
•	Configuration procedures
•	Rollback process
•	Notification
•	Cost of implementation
•	Potential impact

Answer 41

• Cost of implementation
i. The cost is not included in a change request. Cost is evaluated by the change-management team and approved or denied by management.

Question 42

Which of the following is not a DDoS attack profile?
•	Protocol Attack
•	Certificate attack
•	Volume attack
•	Application attack

Answer 42

• Certificate attack

i. Certificate attack is made-up term

Question 43

Which of the following is not an element of risk management?
•	Security Policies
•	Security Procedures
•	Security Controls
•	Secure infrastructure from threats

Answer 43

• Secure infrastructure from threats

i. While it is important to secure a network’s infrastructure, it is not an element of risk management

Question 44

Which choice is not true about protocol analyzers such as Wireshark?
• Protocol analyzers can capture packets.
• Protocol analyzers can show the contents of packets and frames.
• Protocol analyzers can filter packets and frames
• Protocol analyzers can generate packets and frames

Answer 44

Protocol analyzers can generate packets and frames

i. Protocol analyzers cannot create packets and frames. They can only capture and display them

Question 45

Which protocol maps IP addresses to Layer 2 (Data Link Layer) addresses?
•	Ping
•	ARP
•	Netstat
•	TCP

Answer 45

• ARP
i. ARP is the protocol used to resolve an IP address into a MAC address, which functions at Layer 2 (Data Link Layer) of the OSI 70layer model.

Question 46

DHCP servers pull IP addresses from a pool of IP addresses. This pool is called the: 
•	DHCP lease
•	DHCP scope
•	DHCP pool
•	DHCP array

Answer 46

• DHCP scope

i. The pool of IP addresses available for the DHCP server to hand out is called the DHCP scope.

Question 47

Which network solution provides at least 50Mbps of bandwidth and supports full-duplex communication?
•	10/100 layer 2 switch
•	10Base2 Ethernet
•	5.0 GHz 802.11a
•	2.4GHz 802.11g

Answer 47

• 10/100 layer 2 switch
i. 10/100 layer 2 switch is correct. Switches are usually configured to be full-duplex, and the 100 part of the label means that the switch supports 100Mbps.

Question 48

Which techniques should a technician utilize to achieve HA (High Availability)? (Choose 3)
•	Redundant Systems
•	Back up server drives
•	Aggregate links
•	Install RAID

Answer 48

• Redundant Systems
• Aggregate links
• Install RAID
i. Backups don’t keep systems running, they make it easy to recover. High availability is achieved with tools such as RAID arrays, Link Aggregation, of multiple NICs and redundant systems. Redundant system may include power supplies, routers, etc. will help keep systems running in the event of a failure.

Question 49

Which choices are characteristic of an IP address? (Select Two)
• IP addresses are physical addresses.
• IP networks are connected with routers.
• IP addresses are logical addresses.
• IP networks are connected with switches

Answer 49

• IP networks are connected with routers.
• IP addresses are logical addresses.
i. IP addresses are logically assigned to hosts; they are not fixed values and so can be changed or re-assigned. IP networks (not hosts) are connected with routers.