TEST 3 Flashcards

Question 1

Q

Which of the following is a system of notation that uses base 16 rather than base 10?

A. Hex
B. Octal
C. Binary
D. CIDR

Question 2

Q

A network administrator would like to collect information from several networking devices using SNMP. Which of the following SNMP options should a network administrator use to ensure the data transferred is confidential?

A. authpriv
B. SHA
C. MD5
D. Authentication passphrase

Answer

A

A. authpriv

Question 3

Q

The IT manager at a small firm is in the process of renegotiating an SLA with the organization’s ISP. As part of the agreement, the organization will agree to a dynamic bandwidth plan to provide 150Mbps of bandwidth. However, if the ISP determines that a host on the organization’s internal network produces malicious traffic, the ISP reserves the right to reduce available bandwidth to 1.5 Mbps. Which of the following policies is being agreed to in the SLA?

A. Session hijacking
B. Blocking
C. Throttling
D. Data usage limits
E. Bandwidth quotas

Answer

A

C. Throttling

Question 4

Q

A network technician has just configured NAC for connections using Cat 6 cables. However, none of the Windows clients can connect to the network.
Which of the following components should the technician check on the Windows workstations? (Choose two.)

A. Start the Wired AutoConfig service in the Services console
B. Enable IEEE 802.1q Authentication in Network Interface Card Properties
C. Enable IEEE 802.1x Authentication in Network Interface Card Properties
D. Start the Wireless AutoConfig service in the Services console
E. Enable IEEE 802.3 Ethernet IPv6 in Network Interface Card Properties

Answer

A

A. Start the Wired AutoConfig service in the Services console
C. Enable IEEE 802.1x Authentication in Network Interface Card Properties

Question 5

Q

The security manager reports that individual systems involved in policy or security violations or incidents cannot be located quickly. The security manager notices the hostnames all appear to be randomly generated characters. Which of the following would BEST assist the security manager identifying systems involved in security incidents?

A. Enforce port security to require system authentication
B. Implement a standardized UNC
C. Label existing systems with current hostnames
D. Forward the DHCP logs to the security manager every day

Answer

A

B. Implement a standardized UNC

Question 6

Q

A building is equipped with light sensors that turn off the fluorescent lights when natural light is above a certain brightness. Users report experiencing network connection issues only during certain hours. The west side of the building experiences connectivity issues in the morning hours and the east side near the end of the day. At night the connectivity issues affect the entire building. Which of the following could be the cause of the connectivity issues?

A. Light sensors are interfering with the network
B. EMI from the lights is interfering with the network cables
C. Network wiring is run perpendicular to electrical conduit
D. Temperature changes are causing attenuation in copper cabling

Answer

A

C. Network wiring is run perpendicular to electrical conduit

Question 7

Q

A network technician configures a firewall’s ACL to allow outgoing traffic for several popular services such as email and web browsing. However, after the firewall’s deployment, users are still unable to retrieve their emails. Which of the following would BEST resolve this issue?

A. Allow the firewall to accept inbound traffic to ports 25, 67, 179, and 3389
B. Allow the firewall to accept inbound traffic to ports 80, 110, 143, and 443
C. Set the firewall to operate in transparent mode
D. Allow the firewall to accept inbound traffic to ports 21, 53, 69, and 123

Answer

A

B. Allow the firewall to accept inbound traffic to ports 80, 110, 143, and 443

Question 8

Q

A network security technician observes multiple attempts to scan network hosts and devices. All the attempts originate from a single host on the network. Which of the following threats is MOST likely involved?

A. Smurf attack
B. Rogue AP
C. Compromised system
D. Unintentional DoS

Answer

A

C. Compromised system

Question 9

Q

Which of the following would be the MOST efficient subnet mask for a point-to-point link?

A. /28
B. /29
C. /31
D. /32

Question 10

Q

An office user cannot access local network drives but has full access to the Internet. A technician troubleshoots the issue and
observes the following output of the ipconfig command:

Windows ip configuation

Ethernet LAN Adapter: 980GTS
Connection-specific DNS Suffix: ... comptia.net
APv4 Address:  .........10.0.5.99
Subnet Mask:    .........255.255.255.0
Default Gateway: .....10.0.5.0

Wireless LAN Adapter:  FastWifi  99
Connection-specific DNS Suffix: ...guestwireless.local
IPv4 Address:  .........172.16.0.5
Subnet Mask:    .........255.255.255.0
Default Gateway: .....172.16.0.254

Which of the following would MOST likely allow the network drives to be accessed?

A. Update the WLAN adapter driver
B. Disable the WLAN adapter
C. Check the wireless DHCP configuration
D. Disable the LAN adapter

Answer

A

B. Disable the WLAN adapter

Question 11

Q

Ann, a network technician, has just installed a fiber switch in a datacenter. To run the fiber cabling, Ann plans the cable route over the top of the rack using the cable trays, down to the switch, coiling up any excess cable. As Ann configures the switch, she notices several messages in the logging buffer stating the receive signal of the SFP is too weak. Which of the following is MOST likely the cause of the errors in the logging buffer?

A. Bend radius exceeded
B. Fiber cable mismatch
C. Fiber type mismatch
D. Bad fiber switch

Answer

A

A. Bend radius exceeded

Question 12

Q

Which of the following wireless connection types utilize MIMO on non-overlapping channels? (Choose two.)

A. 802.11a
B. 802.11ac
C. 802.11b
D. 802.11g
E. 802.11n

Answer

A

B. 802.11ac

E. 802.11n

Question 13

Q

A network technician is creating a new subnet for 488 host machines. The technician is told to use a class B address scheme when making the subnet and is instructed to leave as much room as possible for additional subnets of the same size. Which of the following subnets would fulfill these requirements?

A. 10.5.4.0/22
B. 10.233.2.0/23
C. 172.16.0.0/22
D. 172.18.0.0/23
E. 192.168.25.0/24

Answer

A

D. 172.18.0.0/23

Question 14

Q

A network engineer is designing a new IDF in an old building. The engineer determines the equipment will fit in a two-post rack, and there is power available for this equipment. Which of the following would be the FIRST issue to remediate?

A. Air flow and cooling
B. UPS capability
C. Circuit labeling
D. Power redundancy

Answer

A

A. Air flow and cooling

Question 15

Q

Which of the following DNS records needs to be configured for SMTP traffic?

A. MX
B. CNAME
C. AAAA
D. PTR

Question 16

Q

In which of the following ways does a DDoS attack differ from a spoofing attack?

A. DDoS attacks target multiple networks
B. Spoofing attacks originate from a single host
C. DDoS attacks are launched from multiple hosts
D. Spoofing attacks require physical presence

Answer

A

C. DDoS attacks are launched from multiple hosts

Question 17

Q

A user checks an IP address using an external website. The address is different than the one the user sees when opening a command prompt and typing in ipconfig/all. The user does not understand why the two tools show different IP addresses. This is BEST explained by the interworking of:

A. network devices
B. packet flow
C. public/private networks
D. traffic-routing protocols

Answer

A

C. public/private networks

Question 18

Q

Which of the following communication media can carry many voice, data, and video channels simultaneously over multiple frequencies?

A. Broadband
B. Baseband
C. Analog modem
D. CSMA

Answer

A

A. Broadband

Question 19

Q

To replace a defective UPS, the network administrator must take the switch offline. The administrator wants to be able to perform maintenance UPS in the future without affecting the availability of the attached switch. Which of the following would BEST allow this to happen?

A. Add a redundant power supply to the switch
B. Implement stacking on the switches in the rack
C. Add a second UPS into the rack
D. Install a power converter for the switch

Answer

A

A. Add a redundant power supply to the switch

Question 20

Q

A forensic first responder arrives at the scene where an employee is suspected to have committed a computer-based crime.
Which of the following should the first responder do FIRST?

A. Document the scene
B. Take pictures upon arrival
C. Secure the area
D. Implement chain of custody

Answer

A

C. Secure the area

Question 21

Q

A small town is attempting to attract tourists who visit larger nearby cities. A network engineer is asked to implement a network encompassing the five-block town center and nearby businesses. The inclusion of smartphones and portable devices is crucial to the plan. Which of the following is the network engineer being asked to implement?

A. LAN
B. PAN
C. MAN
D. WAN

Question 22

Q

An employee wishes to use a personal cell phone for work-related purposes, including storage of sensitive company data, during long business trips. Which of the following is needed to protect BOTH the employee and the company?

A. An NDA ensuring work data stored on the personal phone remains confidential
B. An AUP covering how a personal phone may be used for work matters
C. A consent to monitoring policy covering company audits of the personal phone
D. Real-time remote monitoring of the phone’s activity and usage

Answer

A

D. Real-time remote monitoring of the phone’s activity and usage

Question 23

Q

Which of the following protocols can be both connection-oriented and connectionless?

A. 20 FTP
B. 53 DNS
C. 67 DHCP
D. 80 HTTP

Answer

A

B. 53 DNS

Question 24

Q

Which of the following BEST describes the differences between VLAN hopping and session hijacking?

A. VLAN hopping involves the unauthorized transition from one VLAN to another to gain additional access. Session hijacking involves overriding a user’s web connection to execute commands
B. VLAN hopping is a brute force attack executed to gain additional access. Session hijacking involves physically disrupting a network connection
C. VLAN hopping involves overriding a user network connection to execute malicious commands. Session hijacking involves compromising a host to elevate privileges
D. VLAN hopping is the act of exploiting poor VLAN tagging. Session hijacking is a web-based attack aimed at privilege escalation

Answer

A

A. VLAN hopping involves the unauthorized transition from one VLAN to another to gain additional access. Session hijacking involves overriding a user’s web connection to execute commands

Question 25

Q

An analyst is developing a proof of concept of a wireless-based attack as part of a penetration test against an organization’s network. As part of the attack, the analyst launches a fake access point matching the SSID of the organization’s guest access network. When a user connects to the fake access point, the analyst allows the traffic to flow through the access point to the legitimate site while the data traversing the network is logged for latest analysis and exploitation. Which of the following attacks has the analyst successfully performed in this scenario?

A. Bluesnarfing
B. Session hijacking
C. MAC spoofing
D. VLAN hopping
E. Man-in-the-middle

Answer

A

E. Man-in-the-middle

Question 26

Q

A network administrator receives a call from the sales department requesting ports 20 and 21 be opened on the company’s firewall to allow customers to retrieve a large file. Which of the following should the administrator perform BEFORE making the needed changes? (Choose two.)

A. Document the reason for the request
B. Scan the file for malware to protect the sales department’s computers
C. Follow the company’s approval process for the implementation
D. Install a TFTP server for the customers to use for the transfer
E. Create a honeypot to store the file on for the customers to use
F. Write the SLA for the sales department authorizing the change

Answer

A

A. Document the reason for the request

C. Follow the company’s approval process for the implementation

Question 27

Q

A user reports that a laptop cannot connect to the Internet despite the fact the wireless Internet was functioning on it yesterday. The user did not modify the laptop in any way, and the wireless Internet is functional on other users’ laptops. Which of the following issues should be reviewed to help the user to connect to the wireless network?

A. Wireless switch toggled off
B. WAP settings
C. WLAN IP address out of scope
D. Wireless controller misconfiguration

Answer

A

A. Wireless switch toggled off

Question 28

Q

A network administrator wants to increase the confidentiality of the system by hardening the authentication process. Currently, the users log in using usernames and passwords to access the system. Which of the following will increase the authentication factor to three?

A. Adding a fingerprint reader to each workstation and providing a RSA authentication token
B. Adding a fingerprint reader and retina scanner
C. Using a smart card and RSA token
D. Enforcing a stronger password policy and using a hand geometry scan

Answer

A

A. Adding a fingerprint reader to each workstation and providing a RSA authentication token

Question 29

Q

A network technician is building a network for a small office. The office currently has cable TV and now requires access to the Internet without adding any cabling other than what is already in place. Which of the following solutions should the technician install to meet these requirements?

A. DOCSIS modem
B. Wireless router
C. DSL modem
D. Access point

Answer

A

A. DOCSIS modem

Question 30

Q

A network engineer arrives at work and discovers that many users are having problems when attempting to connect to the company network shared drives. The network operations center (NOC) technician just completed server upgrades the night before. To which of the following documents should the NOC technician refer to determine what potentially caused the connectivity problem?

A. Network maps
B. Cable management
C. Release notes
D. Change management

Answer

A

D. Change management

Question 31

Q

Which of the following VPN protocols establishes a secure session that can be initiated using a browser?

A. IPSec
B. SSL VPN
C. PTP
D. PPTP

Answer

A

B. SSL VPN

Question 32

Q

A technician is setting up a public guest network for visitors to access the Internet that must be separate from the corporate network. Which of the following are the BEST steps for the technician to take with minimum overhead configuration? (Choose two.)

A. Enable SSID broadcasting to identify the guest network
B. Configure visitor devices to use static IP addresses
C. Enable two-factor authentication on visitor devices
D. Configure the access point to use WPA2-AES encryption
E. Ensure the access point is not running in mixed mode

Answer

A

A. Enable SSID broadcasting to identify the guest network

B. Configure visitor devices to use static IP addresses

Question 33

Q

When choosing a type of storage that integrates with the existing network infrastructure, the storage must be easily configurable to share files and can communicate with all existing clients over TCP/IP. Which of the following is the BEST technology for the network administrator to implement?

A. iSCSI
B. Fibre Channel
C. NAS
D. DAS

Question 34

Q

A network technician is installing a new network switch is looking for an appropriate fiber optic patch cable. The fiber optic patch panel uses a twist-style connector. The switch uses a SFP module. Which of the following connector types should the fiber patch cable have?

A. LC
B. ST
C. SC
D. MTRJ
E. MTP

Question 35

Q

Which of the following WAN technologies utilizes the concept of virtual circuits and point-multipoint connections?

A. ISDN
B. MPLS
C. PRI
D. Broadband cable
E. Frame relay

Answer

A

E. Frame relay

Question 36

Q

A network administrator wishes to ensure there are no unnecessary open communication paths into a server. Using a port scanner, the administrator finds that ports are reported as closed. Which of the following BEST explains this response?

A. The ports belong to an active system and are denying requests
B. The ports are associated with deprecated services
C. The ports do not belong to a live system
D. The ports replied with a SYN/ACK response

Answer

A

B. The ports are associated with deprecated services

Question 37

Q

Users are reporting issues with slow connection speeds and a loss of connectivity on the newly installed wireless network. The issues are intermittent but seem to occur most often around midday. Which of the following is the MOST likely cause?

A. There is interference from small appliances
B. The signal coverage area is too small
C. Not enough DHCP addresses have been allotted
D. The DNS cache on the users’ computers has become corrupt

Answer

A

C. Not enough DHCP addresses have been allotted

Question 38

Q

A user reports difficulties connecting a PC to a wired network. The PC connects to an IP phone, which is working correctly. A network technician can verify that other devices successfully connect to the phone. At which of the following layers of the OSI model is the problem MOST likely located?

A. Network
B. Physical
C. Transport
D. Application

Answer

A

A. Network

Question 39

Q

Which of the following physical security controls is MOST likely to be susceptible to a false positive?

A. Identification card
B. Biometric device
C. Proximity reader
D. Video camera

Answer

A

C. Proximity reader

Question 40

Q

An assistant systems analyst reports the following findings of an investigation of slow Internet connections in a remote office to the senior systems analyst:
Device CPU utiliz. Memory Utiliz. Link Status
Router 5% 43% Good
Which of the following devices is causing the issue?

A. Router
B. Firewall
C. Switch 1
D. Switch 2

Answer

A

B. Firewall

Question 41

Q

A small business developed an in-house application that is very sensitive to network latency when a communicating between servers. Due to a lack of funds, the business had to build its own network for workstations and servers. Now a network administrator must redesign the network due to performance issues with the application. Which of the following would be the MOST cost effective for the administrator to recommend?

A. Create Ethernet VLANs
B. Disable autonegotiation on the servers
C. Install 10Gb Ethernet NICs in the servers
D. Install Fibre Channel for the server network

Answer

A

C. Install 10Gb Ethernet NICs in the servers

Question 42

Q

A network technician is configuring a firewall access list to secure incoming connections to an email server. The internal address of this email server is 192.168.1.143. The firewall should allow external email servers to send email to the email server. The email server also supports client access via a web browser. Only secure protocols should be used, and only the necessary ports should be open. Which of the following ACL rules should be configured in the firewall’s WAN port? (Choose two.)

A. Permit 192.168.1.143.25
B. Permit 192.168.1.143.80
C. Permit 192.168.1.143.110
D. Permit 192.168.1.143.143
E. Permit 192.168.1.143.443
F. Permit 192.168.1.143.587

Answer

A

E. Permit 192.168.1.143.443

F. Permit 192.168.1.143.587

Question 43

Q

A network administrator is testing connectivity at a new corporate site. The site has a wireless guest as well as a wired employee network. After verifying connectivity, the administrator checks link speeds by using a speed testing website. The speed testing website shows lower download and upload speeds for the wired network than the wireless network. Which of the following is the MOST likely explanation?

A. There is less local congestion on the wireless network
B. The testing server for the wired network was farther away
C. The firewall is configured to throttle traffic to specific websites
D. The wireless access points were misconfigured

Answer

A

B. The testing server for the wired network was farther away

Question 44

Q

A technician replaces a failed router with a spare that has been in inventory for some time. After attempting to enable HTTPS on the spare router, the technician discovers the feature is unavailable. The support office was able to connect to the previous router. Which of the following actions should the technician perform to enable HTTPS access for the support team?

A. Reboot the router
B. Enable HTTP on the router
C. Update the firmware of the spare router
D. Perform a factory reset on the router

Answer

A

C. Update the firmware of the spare router

Question 45

Q

A technician is trying to configure a previously owned WAP. The technician successfully logs into the administrative console and attempts to input the IP address on the WAP. However, the WAP is not accepting the command. Which of the following is causing the problem?

A. The WAP antenna is damaged
B. The WAP transmitter light is dim
C. The terminal emulation software is misconfigured
D. The LWAPP image is installed on the WAP

Answer

A

C. The terminal emulation software is misconfigured

Question 46

Q

A technician has installed a Linux server in the tax office. The server can access most of the resources on the network, but it cannot connect to another server that has a share for backup. The technician learns that the target server is on a different subnet. Which of the following tools should the technician use to ensure the Linux server can reach the backup location?

A. netstat
B. traceroute
C. route
D. dig
E. ifconfig

Answer

A

B. traceroute

Question 47

Q

Which of the following WAN technologies provides a guaranteed throughput rate?

A. DSL
B. T-1
C. Cable broadband
D. Dial-up

Question 48

Q

Which of the following is the SHORTEST way to write 2001:0000:0d58:0000:0000:0095:7565:0001 in proper IPv6 shorthand?

A. 2001::d58::95:7565:1
B. 2001:0:d58:0:0:95:7565:1
C. 2001:0:d58::95:7565:1
D. 2001:0:0d58::95:7565:1

Answer

A

C. 2001:0:d58::95:7565:1

Question 49

Q

A network administrator needs to transmit traffic to geographically diverse sites to improve performance. Which of the following devices would BEST direct traffic to the remote sites?

A. Hub
B. Bridge
C. Switch
D. Router

Answer

A

D. Router

Question 50

Q

Which of the following should a technician investigate when using a network baseline to troubleshoot?

A. Tracing a network wire connectivity issue from the datacenter to a host.
B. Determining if the server performance is degraded.
C. Changes that have been made to the network configuration.
D. Location of networking equipment in a rack.

Answer

A

B. Determining if the server performance is degraded.

Question 51

Q

A technician needs to upgrade a SOHO wireless router’s firmware. The technician resets the router to factory settings and installs the new firmware. The technician enters the DHCP information and sets the SSID. Which of the following configurations would provide the MOST protection from advance hackers?

A. Disable the broadcasting of the SSID.
B. Enable WPA2 authentication for all hosts.
C. Use private addressing for the DHCP scope.
D. Install unidirectional antennas.

Answer

A

B. Enable WPA2 authentication for all hosts.

Question 52

Q

A technician notices clients are receiving a 169.254.x.x IP address following the upgrade of a server. Which of the following ports should the technician check on the local server firewall?

A. ports 20 and 21
B. ports 67 and 68
C. ports 80 and 443
D. port 123 and 8080

Answer

A

B. ports 67 and 68

Question 53

Q

Which of the following datacenter security methodologies is MOST likely to remain usable during a network outage?

A. biometric scanners
B. door locks
C. video surveillance
D. motion detectors

Answer

A

B. door locks

Question 54

Q

A network technician is implementing a solution on the network to hide the workstation internal IP addresses across a WAN. Which of the following is the technician configuring?

A. QoS
B. DMZ
C. RIP
D. NAT

Question 55

Q

Employees want the ability to use personal devices on the guest network while working out at the company gym. In order to meet the request, which of the following policies requires employee adherence?

A. AUP
B. SLA
C. NDA
D. MOU

Question 56

Q

Which of the following BEST describes the BGP routing protocol?

A. distance vector
B. hybrid
C. static
D. link state

Answer

A

B. hybrid

Question 57

Q

A customer is reporting difficulty connecting some devices after replacing a wireless router with a new wireless 802.11ac router. The SSID, encryption and password are the same as the previous router. A technician goes on-site and notices the devices that are no longer connecting appear to be several years ago. Which of the following is MOST likely the problem?

A. the password needs to be re-entered.
B. there is a security type mismatch.
C. there is insufficient antenna power.
D. there is a frequency mismatch.
E. the channel has changed.

Answer

A

D. there is a frequency mismatch.

Question 58

Q

Which of the following should be performed to verify that unnecessary services are disabled on all switches in an environment?

A. Packet capturing
B. Port scanning
C. Log scanning
D. Baseline review

Answer

A

B. Port scanning

Question 59

Q

A technician is sent to a remote office to set up a device to connect to the Internet. The company standards document requires stateful inspection. Which of the following should the technician install?

A. Router
B. Multiplayer switch
C. Firewall
D. Bridge

Answer

A

C. Firewall

Question 60

Q

A technician is assigned to secure a basic wireless network. Which of the following authentication protocols should the technician use to perform this task? (Choose two.)

A. RDP
B. SNMP
C. WPA2
D. EAP
E. SSL

Answer

A

C. WPA2

D. EAP

Question 61

Q

Which of the following should a first responder perform when arriving at a site to perform a basic forensic investigation?

A. Isolate the area and block radio transmissions to the device.
B. Search for hidden storage devices and duplicate them on site.
C. Power off all computers and devices to stop them from erasing data.
D. Utilize a strong magnet to secure all data on drives from being erased.

Answer

A

B. Search for hidden storage devices and duplicate them on site.

Question 62

Q

A technician wants to configure the inbound port of a router to prevent FTP traffic from leaving the LAN.
Which of the following should be placed on the router interface to accomplish this goal?

A. Static routes for all port 80 traffic
B. DHCP reservations for all /24 subnets
C. ACL for ports 20 and 21
D. MAC filtering using wildcards

Answer

A

C. ACL for ports 20 and 21

Question 63

Q

A technician has replaced the Internet gateway router, and now no users can reach the Internet. The technician can ping the router Ethernet port but not the ISP’s router IP address. Which of the following is the MOST likely problem?

A. Faulty crossover cable
B. DNS server is down
C. Switching loop
D. Outside interface shutdown

Answer

A

D. Outside interface shutdown

Question 64

Q

Which of the following commands will display the associated IP address of a network adapter in Windows and Linux environments? (Select TWO).

A. dig
B. nslookup
C. nbstat
D. ifconfig
E. ipconfig

Answer

A

D. ifconfig

E. ipconfig

Answer 56

A

D. 3ffe:1900:4545:3:200:f8ff:fe21:67cf

Answer 57

A

D. AllowICMP to pass through the Router

Answer 58

A

B. Content filter

Answer 59

A

C. Implicit deny is blocking all traffic.

Answer 60

A

B. Network

Answer 61

A

A. Determine if anything has changed

Answer 62

A

C. Private

Answer 63

A

B. Protocol analyzer

Answer 64

A

D. 802.1x

Answer 65

A

A. Whaling

Answer 66

A

D. Packet sniffing

Answer 67

A

A. Anti-spam

Answer 68

A

A. Mandatory access control

Answer 69

A

B. Identification

Answer 70

A

D. Individual accountability

Brainscape's Knowledge GenomeTM

TEST 3 Flashcards

Brainscape's Knowledge Genome^TM