TEST 3 Flashcards
Which of the following is a system of notation that uses base 16 rather than base 10?
A. Hex
B. Octal
C. Binary
D. CIDR
A. Hex
A network administrator would like to collect information from several networking devices using SNMP. Which of the following SNMP options should a network administrator use to ensure the data transferred is confidential?
A. authpriv
B. SHA
C. MD5
D. Authentication passphrase
A. authpriv
The IT manager at a small firm is in the process of renegotiating an SLA with the organization’s ISP. As part of the agreement, the organization will agree to a dynamic bandwidth plan to provide 150Mbps of bandwidth. However, if the ISP determines that a host on the organization’s internal network produces malicious traffic, the ISP reserves the right to reduce available bandwidth to 1.5 Mbps. Which of the following policies is being agreed to in the SLA?
A. Session hijacking B. Blocking C. Throttling D. Data usage limits E. Bandwidth quotas
C. Throttling
A network technician has just configured NAC for connections using Cat 6 cables. However, none of the Windows clients can connect to the network.
Which of the following components should the technician check on the Windows workstations? (Choose two.)
A. Start the Wired AutoConfig service in the Services console
B. Enable IEEE 802.1q Authentication in Network Interface Card Properties
C. Enable IEEE 802.1x Authentication in Network Interface Card Properties
D. Start the Wireless AutoConfig service in the Services console
E. Enable IEEE 802.3 Ethernet IPv6 in Network Interface Card Properties
A. Start the Wired AutoConfig service in the Services console
C. Enable IEEE 802.1x Authentication in Network Interface Card Properties
The security manager reports that individual systems involved in policy or security violations or incidents cannot be located quickly. The security manager notices the hostnames all appear to be randomly generated characters. Which of the following would BEST assist the security manager identifying systems involved in security incidents?
A. Enforce port security to require system authentication
B. Implement a standardized UNC
C. Label existing systems with current hostnames
D. Forward the DHCP logs to the security manager every day
B. Implement a standardized UNC
A building is equipped with light sensors that turn off the fluorescent lights when natural light is above a certain brightness. Users report experiencing network connection issues only during certain hours. The west side of the building experiences connectivity issues in the morning hours and the east side near the end of the day. At night the connectivity issues affect the entire building. Which of the following could be the cause of the connectivity issues?
A. Light sensors are interfering with the network
B. EMI from the lights is interfering with the network cables
C. Network wiring is run perpendicular to electrical conduit
D. Temperature changes are causing attenuation in copper cabling
C. Network wiring is run perpendicular to electrical conduit
A network technician configures a firewall’s ACL to allow outgoing traffic for several popular services such as email and web browsing. However, after the firewall’s deployment, users are still unable to retrieve their emails. Which of the following would BEST resolve this issue?
A. Allow the firewall to accept inbound traffic to ports 25, 67, 179, and 3389
B. Allow the firewall to accept inbound traffic to ports 80, 110, 143, and 443
C. Set the firewall to operate in transparent mode
D. Allow the firewall to accept inbound traffic to ports 21, 53, 69, and 123
B. Allow the firewall to accept inbound traffic to ports 80, 110, 143, and 443
A network security technician observes multiple attempts to scan network hosts and devices. All the attempts originate from a single host on the network. Which of the following threats is MOST likely involved?
A. Smurf attack
B. Rogue AP
C. Compromised system
D. Unintentional DoS
C. Compromised system
Which of the following would be the MOST efficient subnet mask for a point-to-point link?
A. /28
B. /29
C. /31
D. /32
C. /31
An office user cannot access local network drives but has full access to the Internet. A technician troubleshoots the issue and
observes the following output of the ipconfig command:
Windows ip configuation
Ethernet LAN Adapter: 980GTS Connection-specific DNS Suffix: ... comptia.net APv4 Address: .........10.0.5.99 Subnet Mask: .........255.255.255.0 Default Gateway: .....10.0.5.0
Wireless LAN Adapter: FastWifi 99 Connection-specific DNS Suffix: ...guestwireless.local IPv4 Address: .........172.16.0.5 Subnet Mask: .........255.255.255.0 Default Gateway: .....172.16.0.254
Which of the following would MOST likely allow the network drives to be accessed?
A. Update the WLAN adapter driver
B. Disable the WLAN adapter
C. Check the wireless DHCP configuration
D. Disable the LAN adapter
B. Disable the WLAN adapter
Ann, a network technician, has just installed a fiber switch in a datacenter. To run the fiber cabling, Ann plans the cable route over the top of the rack using the cable trays, down to the switch, coiling up any excess cable. As Ann configures the switch, she notices several messages in the logging buffer stating the receive signal of the SFP is too weak. Which of the following is MOST likely the cause of the errors in the logging buffer?
A. Bend radius exceeded
B. Fiber cable mismatch
C. Fiber type mismatch
D. Bad fiber switch
A. Bend radius exceeded
Which of the following wireless connection types utilize MIMO on non-overlapping channels? (Choose two.)
A. 802.11a B. 802.11ac C. 802.11b D. 802.11g E. 802.11n
B. 802.11ac
E. 802.11n
A network technician is creating a new subnet for 488 host machines. The technician is told to use a class B address scheme when making the subnet and is instructed to leave as much room as possible for additional subnets of the same size. Which of the following subnets would fulfill these requirements?
A. 10.5.4.0/22 B. 10.233.2.0/23 C. 172.16.0.0/22 D. 172.18.0.0/23 E. 192.168.25.0/24
D. 172.18.0.0/23
A network engineer is designing a new IDF in an old building. The engineer determines the equipment will fit in a two-post rack, and there is power available for this equipment. Which of the following would be the FIRST issue to remediate?
A. Air flow and cooling
B. UPS capability
C. Circuit labeling
D. Power redundancy
A. Air flow and cooling
Which of the following DNS records needs to be configured for SMTP traffic?
A. MX
B. CNAME
C. AAAA
D. PTR
A. MX
In which of the following ways does a DDoS attack differ from a spoofing attack?
A. DDoS attacks target multiple networks
B. Spoofing attacks originate from a single host
C. DDoS attacks are launched from multiple hosts
D. Spoofing attacks require physical presence
C. DDoS attacks are launched from multiple hosts
A user checks an IP address using an external website. The address is different than the one the user sees when opening a command prompt and typing in ipconfig/all. The user does not understand why the two tools show different IP addresses. This is BEST explained by the interworking of:
A. network devices
B. packet flow
C. public/private networks
D. traffic-routing protocols
C. public/private networks
Which of the following communication media can carry many voice, data, and video channels simultaneously over multiple frequencies?
A. Broadband
B. Baseband
C. Analog modem
D. CSMA
A. Broadband
To replace a defective UPS, the network administrator must take the switch offline. The administrator wants to be able to perform maintenance UPS in the future without affecting the availability of the attached switch. Which of the following would BEST allow this to happen?
A. Add a redundant power supply to the switch
B. Implement stacking on the switches in the rack
C. Add a second UPS into the rack
D. Install a power converter for the switch
A. Add a redundant power supply to the switch
A forensic first responder arrives at the scene where an employee is suspected to have committed a computer-based crime.
Which of the following should the first responder do FIRST?
A. Document the scene
B. Take pictures upon arrival
C. Secure the area
D. Implement chain of custody
C. Secure the area
A small town is attempting to attract tourists who visit larger nearby cities. A network engineer is asked to implement a network encompassing the five-block town center and nearby businesses. The inclusion of smartphones and portable devices is crucial to the plan. Which of the following is the network engineer being asked to implement?
A. LAN
B. PAN
C. MAN
D. WAN
C. MAN
An employee wishes to use a personal cell phone for work-related purposes, including storage of sensitive company data, during long business trips. Which of the following is needed to protect BOTH the employee and the company?
A. An NDA ensuring work data stored on the personal phone remains confidential
B. An AUP covering how a personal phone may be used for work matters
C. A consent to monitoring policy covering company audits of the personal phone
D. Real-time remote monitoring of the phone’s activity and usage
D. Real-time remote monitoring of the phone’s activity and usage
Which of the following protocols can be both connection-oriented and connectionless?
A. 20 FTP
B. 53 DNS
C. 67 DHCP
D. 80 HTTP
B. 53 DNS
Which of the following BEST describes the differences between VLAN hopping and session hijacking?
A. VLAN hopping involves the unauthorized transition from one VLAN to another to gain additional access. Session hijacking involves overriding a user’s web connection to execute commands
B. VLAN hopping is a brute force attack executed to gain additional access. Session hijacking involves physically disrupting a network connection
C. VLAN hopping involves overriding a user network connection to execute malicious commands. Session hijacking involves compromising a host to elevate privileges
D. VLAN hopping is the act of exploiting poor VLAN tagging. Session hijacking is a web-based attack aimed at privilege escalation
A. VLAN hopping involves the unauthorized transition from one VLAN to another to gain additional access. Session hijacking involves overriding a user’s web connection to execute commands
An analyst is developing a proof of concept of a wireless-based attack as part of a penetration test against an organization’s network. As part of the attack, the analyst launches a fake access point matching the SSID of the organization’s guest access network. When a user connects to the fake access point, the analyst allows the traffic to flow through the access point to the legitimate site while the data traversing the network is logged for latest analysis and exploitation. Which of the following attacks has the analyst successfully performed in this scenario?
A. Bluesnarfing B. Session hijacking C. MAC spoofing D. VLAN hopping E. Man-in-the-middle
E. Man-in-the-middle
A network administrator receives a call from the sales department requesting ports 20 and 21 be opened on the company’s firewall to allow customers to retrieve a large file. Which of the following should the administrator perform BEFORE making the needed changes? (Choose two.)
A. Document the reason for the request
B. Scan the file for malware to protect the sales department’s computers
C. Follow the company’s approval process for the implementation
D. Install a TFTP server for the customers to use for the transfer
E. Create a honeypot to store the file on for the customers to use
F. Write the SLA for the sales department authorizing the change
A. Document the reason for the request
C. Follow the company’s approval process for the implementation
A user reports that a laptop cannot connect to the Internet despite the fact the wireless Internet was functioning on it yesterday. The user did not modify the laptop in any way, and the wireless Internet is functional on other users’ laptops. Which of the following issues should be reviewed to help the user to connect to the wireless network?
A. Wireless switch toggled off
B. WAP settings
C. WLAN IP address out of scope
D. Wireless controller misconfiguration
A. Wireless switch toggled off
A network administrator wants to increase the confidentiality of the system by hardening the authentication process. Currently, the users log in using usernames and passwords to access the system. Which of the following will increase the authentication factor to three?
A. Adding a fingerprint reader to each workstation and providing a RSA authentication token
B. Adding a fingerprint reader and retina scanner
C. Using a smart card and RSA token
D. Enforcing a stronger password policy and using a hand geometry scan
A. Adding a fingerprint reader to each workstation and providing a RSA authentication token
A network technician is building a network for a small office. The office currently has cable TV and now requires access to the Internet without adding any cabling other than what is already in place. Which of the following solutions should the technician install to meet these requirements?
A. DOCSIS modem
B. Wireless router
C. DSL modem
D. Access point
A. DOCSIS modem
A network engineer arrives at work and discovers that many users are having problems when attempting to connect to the company network shared drives. The network operations center (NOC) technician just completed server upgrades the night before. To which of the following documents should the NOC technician refer to determine what potentially caused the connectivity problem?
A. Network maps
B. Cable management
C. Release notes
D. Change management
D. Change management
Which of the following VPN protocols establishes a secure session that can be initiated using a browser?
A. IPSec
B. SSL VPN
C. PTP
D. PPTP
B. SSL VPN
A technician is setting up a public guest network for visitors to access the Internet that must be separate from the corporate network. Which of the following are the BEST steps for the technician to take with minimum overhead configuration? (Choose two.)
A. Enable SSID broadcasting to identify the guest network
B. Configure visitor devices to use static IP addresses
C. Enable two-factor authentication on visitor devices
D. Configure the access point to use WPA2-AES encryption
E. Ensure the access point is not running in mixed mode
A. Enable SSID broadcasting to identify the guest network
B. Configure visitor devices to use static IP addresses