Test 5

Question 1

501. Company policy dictates that full backups are taken every Sunday evening, and incremental backups occur Monday through Saturday in the evening. If data loss were to occur on a Thursday before the backup window, which of the following is the number of backup sets that would be needed to retrieve the lost data come
     Friday morning?

A. 1
B. 2
C. 3
D. 4
E. 5

Answer 1

C. 3
or
D. 4

Need Sunday, full back up anyway, that’s 1,
Monday then Tuesday incremental backups, that’s now 3. That’s where it stops because Wednesdays backup wouldn’t be included because Thursdays backup never ran! Remember how incremental works, Backs up data from what has changed from the previous day, so there is no backup from Wednesday as Thursday’s hasn’t run yet.

Question 2

502. A network technician is setting up a new web server on the company network. One of the requirements for the web server is to ensure the end users can securely authenticate to the application to perform their job duties. Which of the following ports should the network technician request from the firewall team to comply with this requirement?

A. 22
B. 69
C. 80
D. 389
E. 443

Answer 2

E. 443

E. 443 - is correct
note LDAP tcp/389 is not secure
LDAPS (LDAP Secure) - tcp/636

web server + securely authenticate….I guess they are the keywords. Therefore, 443 = HTTPS

Question 3

503. The network team at a university, which has on-campus residences, recently expanded the WiFi offerings to the dormitories. Each dormitory houses approximately 75 students, who each have multiple wireless devices. The WLAN utilizes an intelligent wireless controller for configuration and management. While the WiFi in academic buildings continues to receive few to no complaints, dormitory complaints are on the rise. Which of the following is MOST likely causing the complaints?

A. Frequency mismatch
B. Crosstalk
C. Interference
D. Channel overlap

Answer 3

B. Crosstalk

The answer is crosstalk. CompTIA’s questions aren’t always going to have a straightforward answer. Any question that use words like, “best”, “most”, or “most likely” you have to use the process of elimination to get the correct answer. Frequency mismatch, channel overlapping and interference aren’t going to be a issue with a “intelligent” wireless controller, leaving crosstalk. This answer is basically seeing if you know the functions of a wireless controller. Yes, crosstalk seems ridiculous but this is how CompTIA format some of their questions.

Question 4

504. A companys server-naming convention is overly complicated. The systems administrator wants to change the naming convention to make it easier for users to remember which hosts they should log into. However, renaming servers is complicated and requires some downtime. Which of the following DNS record types would accomplish this goal without requiring servers to be renamed?

A. TXT
B. A
C. SRV
D. CNAME

Answer 4

D. CNAME

Question 5

505. A network technician is working on a way to set up a new branch office securely. The network manager confirms the company does not have any plans to expand to any other new sites and wants to implement the most cost-effective solution. Which of the following would be the BEST type of VPN to implement?

A. Client-to-site VPN
B. DMVPN
C. Site-to-site VPN
D. MPLS VPN

Answer 5

C. Site-to-site VPN

A site-to-site virtual private network (VPN) is a connection between two or more networks, such as a corporate network and a branch office network. Many organizations use site-to-site VPNs to leverage an internet connection for private traffic as an alternative to using private MPLS circuits.

Site-to-site VPNs are frequently used by companies with multiple offices in different geographic locations that need to access and use the corporate network on an ongoing basis. With a site-to-site VPN, a company can securely connect its corporate network with its remote offices to communicate and share resources with them as a single network.

Question 6

506. A network administrator has noticed many systems on the network have traffic that is anomalous and may be part of a botnet. The administrator wants to implement an access control method that requires a computer to have antivirus software installed before being granted network access. Which of the following should the administrator deploy?

A. 802.1X
B. Captive portal
C. Port security
D. NAC

Answer 6

D. NAC

Network Access Control is an approach to computer security that attempts to unify endpoint security technology, user or system authentication and network security enforcement.

Question 7

507. A network technician is reviewing the following output from a router:

SCR IP SCR PORT DEST IP DEST PORT

Which of the following is this an example of?

A. A vulnerability scan
B. A port scan
C. A traffic log
D. A packet capture

Answer 7

C. A traffic log

Question 8

508. A user claims to have no Internet access but can access local resources. A technician determines the issue is with a configuration because a ping to a working public website shows a response that starts with:
     Ping request could not find host
     Which of the following is the MOST likely misconfiguration?

A. Incorrect netmask
B. DNS
C. DHCP
D. SSL certificate

Answer 8

B. DNS

Question 9

509. A network engineer wants to implement a technology that allows for an all-in-one approach to incoming and outgoing traffic from the Internet. This device should be able to filter content and scan for malicious information in each packet. Which of the following types of devices would be necessary?

A. UTM appliance
B. IDS appliance
C. Proxy server
D. RADIUS server

Answer 9

A. UTM appliance

Unified threat management. A UTM appliance is a hardware device that plugs in to your organization’s network at the network perimeter. It serves as a gateway onto your corporate network, providing all the security services you need to protect your network from malware, unauthorized intrusion, and other security risks.

Question 10

510. An attacker has inserted a hub into a trunk link on the local network in an attempt to access the management subnet to attack the networking devices. Which of the following attacks can be used on a trunk link to provide access to the management subnet?

A. Brute force
B. VLAN hopping
C. Evil twin
D. DNS poisoning

Answer 10

B. VLAN hopping

VLAN hopping is a computer security exploit, a method of attacking networked resources on a virtual LAN. The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible.

Question 11

511. A developer has asked a network engineer for a small network segment of five computers connected via a Layer 1 device, configured in a star topology, and segregated from the corporate network. Which of the following would BEST fulfill the developers request?

A. Connect the five PCs to a hub that is not connected to the corporate network.
B. Connect the five PCs to a switching router and assign the PCs to a separate VLAN.
C. Connect the five PCs to a hardware firewall that is connected to the router.
D. Connect the five PCs to a switch and configure the ports with implicit deny ACLs for outbound traffic.

Answer 11

A. Connect the five PCs to a hub that is not connected to the corporate network.

connected via a Layer 1 device = HUB

Question 12

512. A network engineer wants to change how employees authenticate to the wireless network. Rather than providing a pre-shared key, the engineer wants employees to be able to authenticate with the same unique company user ID and password they use for accessing other services, such as email and document sharing. The engineer also wants to receive daily reports of login attempts on the wireless network. Which of the following should be installed to achieve this goal?

A. LDAP server
B. UTM appliance
C. Multilayer switch
D. AAA/RADIUS server

Answer 12

D. AAA/RADIUS server

Question 13

513. Which of the following provides information about how often some devices fail so the IT department can take proactive measures?

A. MTBF
B. MTTR
C. SLA
D. UPS

Answer 13

A. MTBF

MTBF -> mean time between failure
MTTR -> mean time to resolve

Question 14

514. Which of the following additional capabilities does a next generation firewall provide beyond a standard network firewall? (Choose two.)

A. Application control
B. User identification
C. Network address translation
D. Virtual private networking
E. High availability
F. Access control rules

Answer 14

A. Application control

B. User identification

Question 15

515. First thing on Monday morning, after a maintenance weekend, the help desk receives many calls that no one can access the Internet. Which of the following types of documentation should the on-call network administrator consult FIRST?

A. Firewall configuration documentation
B. Change management documentation
C. Network performance baseline
D. Logical diagram

Answer 15

B. Change management documentation

Question 16

514. Which of the following additional capabilities does a next generation firewall provide beyond a standard network firewall? (Choose two.)

A. Application control
B. User identification
C. Network address translation
D. Virtual private networking
E. High availability
F. Access control rules

Answer 16

A. Application control

B. User identification

Question 17

517. A network team at a large company has received funding for a WiFi refresh. One of the requirements in the RFP is the new WLAN infrastructure must provide APs that support multiple streams of information at the same time. For which of the following WiFi features is the network team looking?

A. MU-MIMO
B. MIMO
C. Channel bonding
D. TDM
E. Automatic channel selection

Answer 17

A. MU-MIMO

Question 18

518. Multiple users are experiencing slow performance when downloading large files from a specific site. Which of the following should the technician do to check the connection to the external site?

A. Check the latency by running a continuous ping to the site.
B. Perform the ipconfig/flushdns command on the affected users PCs.
C. Run a speedtest from a users PC to a site on the Internet.
D. Verify if there is MTU mismatch in the path to the site.

Answer 18

A. Check the latency by running a continuous ping to the site.

Using the “Ping” command via the command prompt can be used as a diagnostic tool to test the communication path between a computer and another network device. The simple “Ping” command sends out four data packets when set to default. However, running the continuous ping command (e.g., ping -t) over time, rather than the default four packets, could better troubleshoot connectivity issues.

I originally thought (C) may be the correct answer. However, upon carefully reading answer (C), it states that a speed test is executed to “a site” on the Internet, which is not necessarily the “specific site” mentioned in the question. So, (C) is not correct. Neither are (B) and (D). Therefore, using the time-honoured process of elimination, that only leaves answer (A) which I suspect is the correct answer after all.

Question 19

519. A user has reported an issue with wireless VoIP phones dropping calls during business hours. When working late or in the evenings, the user does not experience call drops. When the network technician investigates the issue, all WAPs have balanced the number of connections evenly and are not dropping off the network.
     The network technician connects to the wireless network in the users office and starts a continuous ping to an external server. The results show a drastic and varied response time for each packet. Which of the following is the MOST likely cause of the dropped calls?

A. No QoS configured on the network
B. Signal-to-noise ratio
C. Interference from the microwave in the breakroom
D. Rogue AP installed in the office

Answer 19

B. Signal-to-noise ratio

The tech uses Ping and the packets arrive with random latency, so it is not a problem of QoS (since ICMP packets don’t get priority) that means that in general packets arrive in a random way because of an outside disturbanca that is caused by interference (SNR).
Answers are not great…if interference was there (or is it was saying low SNR ) then it would be more clear.

Question 20

520. Which of the following components can be used to manage network traffic to all nodes in a hypervisor?

A. Virtual switch
B. Virtual NIC
C. Media converter
D. Load balancer
E. Multilayer switch

Answer 20

A. Virtual switch

Question 21

521. A network technician is investigating reports of blocked downloads from a firewall. Which of the following should be used to determine which protocols are being blocked?

A. Ping
B. Log review
C. Vulnerability scans
D. Alerts

Answer 21

B. Log review

Question 22

522. Which of the following IPv6 transition methods requires all network devices to support IPv4 and IPv6?

A. 6to4
B. Teredo
C. ISATAP
D. Dual stack

Answer 22

D. Dual stack

Question 23

523. A network administrator is configuring a new Internet connection. The ISP provided a fiber-optic handoff, but the companys firewall only supports copper Ethernet interfaces. The administrator wants to connect the devices as easily as possible. Which of the following would be the BEST way to provide the connectivity needed?

A. Bridge
B. Router
C. Multilayer switch
D. Media converter

Answer 23

D. Media converter

Question 24

524. A network technician is responding to a users trouble ticket. After replacing the network patch cable with a longer cable, the user is no longer connecting to the network. The network administrator tests the patch cable with a tester and confirms the cable is not faulty. Which of the following is the issue with the newly installed cable?

A. The user ordered Cat5e cable instead of Cat3.
B. A crossover cable was installed.
C. The total cable run exceeds the maximum distance.
D. There is a network speed mismatch between the computer and the switch.

Answer 24

C. The total cable run exceeds the maximum distance.

Im guessing because the question states the connection was tested is why answer B is eliminated. The other answers don’t apply, so, assuming the “longer” cable exceed the maximum length is the correct answer.

Question 25

525. A brokerage firm requires high-speed network connectivity between several buildings in the financial district. Which of the following topologies would BEST meet this requirement?

A. PAN
B. WLAN
C. SAN
D. MAN

Answer 25

D. MAN

Question 26

526. Which of the following is a policy that communicates the guidelines for connecting personal employee devices to the corporate network?

A. Remote access
B. NDA
C. SLA
D. BYOD
E. Incident response

Answer 26

D. BYOD

Question 27

527. A security administrator wants to implement the ability to prevent an authorized user from tailgating into the office building. Which of the following should be implemented?

A. Badge reader
B. Bluetooth reader
C. Cipher lock
D. Mantrap

Answer 27

D. Mantrap

Question 28

528. A network manager notices several outages have occurred due to modifications that were made without being properly tested. Which of the following will the network manager MOST likely implement to prevent future occurrences?

A. Logical diagram
B. Change management
C. IDF documentation
D. Configuration baseline

Answer 28

B. Change management

Question 29

529. Due to an increase in wireless demand, 50 additional access points were installed as part of an expansion project. Each device was configured and managed separately, working with its own configuration. Which of the following network devices would assist the network team with reducing complexity and enforcing policies on the WLAN?

A. Wireless controller
B. Wireless range extender
C. Wireless load balancer
D. Wireless analyzer

Answer 29

A. Wireless controller

Question 30

530. Joe, a user, reports intermittent connectivity issues, but a technician notices that the only time Joe has issues is when he is logged into the database. Losing connection after authenticating to a database, but still having access to network resources such as file/print services and email, would MOST likely be caused by:

A. an incorrect DHCP gateway setting
B. a duplicate IP address
C. NTP synchronization
D. ACL configuration

Answer 30

D. ACL configuration

Correct is Access Control Lists (ACLs) since it Deny or permit traffic

Question 31

531. A server rack was moved from one floor to another. The network engineer needs to determine what physical changes to make on the network to ensure the server rack has connectivity. Which of the following should the network engineer consult?

A. Standard operating procedures
B. Wiring diagram
C. Inventory documentation
D. Network baseline

Answer 31

B. Wiring diagram

because he’ll have to rewire the rack again after changing its place

Question 32

532. An email server, which is called Frederick, has an IPv6 address of 2001::5689:23:ABCD:6A, but most users call it Fred for short. Which of the following DNS entries is needed so the alias Fred can also be used?

A. MX
B. AAAA
C. SRV
D. CNAME
E. TXT
F. NS

Answer 32

D. CNAME

Question 33

533. A network administrator needs to be able to burst datacenter capacity during peak times, but does not want to pay for on-premises hardware that is not used during off-peak times. Which of the following would aid in this scenario?

A. Public cloud
B. SaaS
C. PaaS
D. Hybrid cloud

Answer 33

C. PaaS

PaaS advantages
Other advantages include the following:

Cost Effective: No need to purchase hardware or pay expenses during downtime
Time Savings: No need to spend time setting up/maintaining the core stack
Speed to Market: Speed up the creation of apps
Future-Proof: Access to state-of-the-art data center, hardware and operating systems
Increase Security: PaaS providers invest heavily in security technology and expertise
Dynamically Scale: Rapidly add capacity in peak times and scale down as needed
Custom Solutions: Operational tools in place so developers can create custom software
Flexibility: Allows employees to log in and work on applications from anywhere.

Question 34

534. A user wants to secure a network closet and be able to tell if anyone makes changes in the closet. Which of the following would be the BEST detective physical security devices in this situation? (Choose two.)

A. Anti-tampering
B. Badges
C. Door locks
D. Key fob
E. Motion detection
F. Video surveillance

Answer 34

A. Anti-tampering
F. Video surveillance

Tamper and Video seem the best answers to me based mostly on the wording of the question: “to tell if anyone makes changes in the closet”. Tamper tells you if changes were made and video tells you who/how/when.

Question 35

535. A network technician needs to subnet the network. The marketing department has 28 devices. Which of the following private IP address spaces should be used to ensure the MINIMUM number of unused IP addresses?

A. Gateway: 10.10.10.1 Netmask: 255.255.255.192
B. Gateway: 172.15.18.128 Netmask: 255.255.255.224
C. Gateway: 192.168.1.97 Netmask: 255.255.255.224
D. Gateway: 224.102.113.65 Netmask: 255.255.255.192

Answer 35

C. Gateway: 192.168.1.97 Netmask: 255.255.255.224

private IP address is the clue.

Question 36

536. A company has experienced a major security breach. Which of the following should the network administrator reference to determine the next steps?

A. Non-disclosure policy
B. Data loss prevention policy
C. Acceptable use policy
D. Incident response policy

Answer 36

D. Incident response policy

Question 37

537. A technician restored network connectivity on a users laptop. After validating full system functionality, which of the following steps should the technician take
     NEXT?

A. Duplicate the problem, if possible
B. Determine if anything has changed
C. Test the theory to determine the cause
D. Document the findings, actions, and outcomes

Answer 37

D. Document the findings, actions, and outcomes

Question 38

538. Which of the following is an IPv6 transition mechanism in which network devices utilize IPv4 and IPv6 at the same time?

A. 6to4
B. ISATAP
C. Teredo
D. Dual stack

Answer 38

D. Dual stack

Question 39

539. Which of the following protocols operates at Layer 4 of the OSI model?

A. TCP
B. ARP
C. IMAP
D. POP3

Answer 39

A. TCP

Question 40

540. In the past, users brought personal laptops to the office to bypass some of the security protocols on their desktops. Due to new security initiatives, management has asked that users not be allowed to attach personal devices to the network. Which of the following should a technician use to BEST meet this goal?

A. Shut down unused ports on switches
B. Upgrade firmware on network devices
C. Allow only secure protocols on the network
D. Disable unnecessary services

Answer 40

C. Allow only secure protocols on the network

A. Shut down unused ports on switches (Users can connect wirelessly and donot need a ethernet connection so this option is kind of useless)
B. Upgrade firmware on network devices (It won’t help)
C. Allow only secure protocols on the network (This is the only option left)
D. Disable unnecessary services (It won’t help)

I would go for “C” because other options will not help in this scenario.

Question 41

541. A technician is installing a SOHO router. Which of the following should be performed on every installation and periodically maintained to prevent unauthorized access? (Choose two.)

A. Disable remote management
B. Update the router firmware
C. Disable port forwarding
D. Use complex passwords
E. Disable the SSID broadcast

Answer 41

B. Update the router firmware

D. Use complex passwords

Question 42

542. A network analyst is providing access to an FTP server that stores files that are needed by external contractors who are working on a project. In which of the following network locations should the FTP server be placed to achieve the MOST secure environment?

A. DMZ network
B. Server network
C. External network
D. Internal network

Answer 42

D. Internal network

Question 43

543. A company is contracting a new third-party organization that will handle storage of the companys critical data. Which of the following policies would ensure the data remains confidential?

A. SLA
B. NDA
C. MOU
D. BYOD

Answer 43

B. NDA

Non-disclosure agreement

Question 44

544. A technician must install and configure a network device in a building with 20 classrooms. Each room must be on a separate subnet and should not be able to see traffic from other subnets. Which of the following is the MOST cost-effective solution?

A. A switch with VLANs created for each segment
B. A router with interfaces connected to a switch in each room
C. A VoIP endpoint connected to a hub for each network
D. A firewall with DHCP pools for each subnet

Answer 44

A. A switch with VLANs created for each segment

Question 45

545. Which of the following WAN transmission mediums is the fastest and can travel the longest distance?

A. Satellite
B. Copper
C. Wireless
D. Fiber

Answer 45

D. Fiber

Question 46

546. The process of grouping network interfaces together to increase throughput is called:

A. VLAN tagging
B. load balancing
C. port aggregation
D. fault tolerance

Answer 46

C. port aggregation

Question 47

547. Which of the following is used to purposely attack a system to exploit vulnerabilities?

A. Honeypot
B. Vulnerability scan
C. Device hardening
D. Penetration testing

Answer 47

D. Penetration testing

Question 48

548. A network technician is adding a 10/100 switch with RJ45 connectors to the company network to accommodate new computers being added to a network segment. There is no auto-MDIX port on the switch that needs to be connected to the existing switch on the segment. Which of the following should the technician use to make the connection?

A. An RG-59 cable with BNC connectors
B. A multi-mode fiber cable
C. A straight-through Cat5 UTP cable
D. A cable with TIA/EIA 568a and 568b on each end

Answer 48

D. A cable with TIA/EIA 568a and 568b on each end

Question 49

549. A company must create a way for partners to access a web portal to update documents for a project. This should be done only via web browser in a transparent way for the users. Which of the following should be used?

A. Site-to-site connection
B. SSL VPN
C. GRE tunnel
D. VNC

Answer 49

B. SSL VPN

Question 50

550. A network technician needs to install the latest firmware on the switch to address a recently discovered vulnerability. Which of the following should the technician do to have a rollback plan in case of issues with the new firmware? (Choose two.)

A. Label the switch with IP address and firmware version
B. Draw the switchport diagram
C. Create a change management document
D. Draw the network rack logical diagram
E. Confirm standard operating procedures documentation
F. Create a performance baseline of the switch

Answer 50

C. Create a change management document
F. Create a performance baseline of the switch

C. Change management

Question 51

551. Which of the following statements about the OSI model is true?

A. The application layer does not need to know what type of network is being used because that is dealt with by a layer below it.
B. The network layer deals with the network cabling and network device interface compatibility.
C. The transport layer deals with how the data is transported from one router to another based on the IP header.
D. The model consists of four layers that describe the requirements a technician follows to troubleshoot and support a network.

Answer 51

A. The application layer does not need to know what type of network is being used because that is dealt with by a layer below it.

Question 52

552. Which of the following storage connection types should be used to allow the consolidation of the physical connections for SAN and LAN in just one Layer 2 protocol?

A. Fibre Channel
B. SCSI
C. T1/E1
D. FCoE

Answer 52

D. FCoE

Fiber Channel protocol over Ethernet(Layer 2). It encapsulates FiberChannel protocol so that it can be transmitted over Ethernet without IP address(Layer3)

Question 53

553. A network administrator is securing the wireless network in a multitenant building. The network uses a passphrase for authentication so it is easy to allow guests onto the wireless network, but management would like to prevent users from outside the office space from accessing the network. Which of the following security mechanisms would BEST meet this requirement?

A. MAC filtering
B. WPA-PSK
C. 802.1X
D. Geofencing

Answer 53

D. Geofencing

Geofencing uses GPS to track devices. If a device is outside of the office it would not be able to authenticate into the wireless network.

Here is the key”management would like to prevent users from outside the office space from accessing the network”. It means management does not want to prevent access to network.instead it wants to prevent users from outside the office space.Hence Geofencing would work the best .

Question 54

554. A technician is asked to provide centralized SSID management across the entire WAN. The BEST solution would be to:

A. use a configuration management server
B. configure a multilayer switch
C. install a wireless controller
D. use a proxy server

Answer 54

C. install a wireless controller

Question 55

555. A network technician is coordinating the upgrade of the companys WAP firmware with all the remote locations. The company has occasionally experienced errors when transferring large files to some of the remote offices. Which of the following should be used to ensure files arrive without modifications?

A. File hash
B. Encryption
C. FCS
D. Compression

Answer 55

A. File hash

Question 56

556. A network administrator needs to implement a new IP subnet containing 29 hosts. It is possible that the number of hosts in that subnet could eventually double.
     The company only has a single, unused public IP network left to work with: 164.10.12.0/24. Which of the following would be the BEST way to divide this network without wasting addresses?

A. 164.10.12.0/24
B. 164.10.12.64/29
C. 164.10.12.128/26
D. 164.10.12.191/28

Answer 56

C. 164.10.12.128/26

The question states “It is possible that the number of hosts in that subnet could eventually double.” So, you have to allow for as many as 58 hosts. The four possible /26 networks/subnets, beginning at 164.10.12.0 would be:
164.10.12.0/26
164.10.12.64/26
164.10.12.128/26
164.10.12.192/26
Each with 62 usable host addresses - just what you need.

Question 57

557. A network technician is reviewing the company phone system to make the necessary changes to a firewall configuration. Which of the following protocols are used in VoIP communication? (Choose two.)

A. SIP
B. NTP
C. H.323
D. SNMP
E. IMAP
F. SMB
G. CSMA

Answer 57

A. SIP

C. H.323

Question 58

558. A school is implementing a wireless network and wants to ensure there is adequate coverage. The gymnasium has thick cinder-block walls, and there are several offices adjacent to it. Which of the following should the network technician recommend to ensure full coverage while minimizing the total number of APs purchased?

A. Deploy two APs to the gymnasium with the maximum power level transmitting to cover the adjacent offices.
B. Deploy a single AP to each adjacent office set to transmit at maximum power.
C. Use a high-gain antenna on the AP in the gymnasium and install an AP in every other adjacent office.
D. Use a spectrum analyzer to generate a heat map of the gymnasium to pinpoint AP placement.

Answer 58

D. Use a spectrum analyzer to generate a heat map of the gymnasium to pinpoint AP placement.

Question 59

559. Which of the following BEST describe the differences between an IDS and an IPS? (Choose two.)

A. An IDS will detect traffic anomalies and a predefined signature pattern, alert and log them, and allow them through the network.
B. An IDS will detect traffic anomalies, alert and log them, and block the traffic.
C. An IDS will detect previously unknown traffic anomalies, alert and log them, and block the traffic.
D. An IPS will detect traffic anomalies, alert and log them, and allow them through the network.
E. An IPS will detect previously unknown traffic signatures, and alert and log them.
F. An IPS will detect traffic anomalies and a predefined signature pattern, alert and log them, and block the traffic.

Answer 59

A. An IDS will detect traffic anomalies and a predefined signature pattern, alert and log them, and allow them through the network.
F. An IPS will detect traffic anomalies and a predefined signature pattern, alert and log them, and block the traffic.

Question 60

560. A technician is required to install a new DOCSIS-based Internet connection. Which of the following medium types does this use?

A. Cat6a
B. RG-6
C. UTP
D. Multimode
E. Single mode

Answer 60

B. RG-6

The RG-6 is primarily used for cable and satellite signal transmission for residential or commercial installations. This coax cable is thin and easy to bend for wall or ceiling installations and remains the preferred choice to relay cable television signals.

Question 61

561. HOTSPOT - SIM QUESTION
Corporate headquarters provided your office a portion of their class B subnet to use at a new office location.

Range Given: 172.30.232.0/24 -
✑ Sales 57 devices
✑ HR 23 devices
✑ IT 12 devices
✑ Finance 32 devices
✑ Marketing 9 devices

INSTRUCTIONS -
Allocate the minimum number of addresses (using CIDR notation) needed to accommodate each department.
After accommodating each department, identify the unused portion of the subnet by responding to the question on the graphic.
All drop downs must be filled.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer 61

Sales network /26 This will provide up to 62 usable IP addresses (64-2 for subnet and broadcast IP)

HR network /27 This will provide for up to 30 usable IP (32-2)

IT - /28 This will provide for up to 14 usable IPs (16-2)

Finance - /26 Note that a /27 is 32 IP addresses but 2 of those are reserved for the network and broadcast IPs and cant be used for hosts.

Marketing - /28 -
If we add up how many IP blocks are used that is 64+32+16+64+16=192.

A /24 contains 256 IP addresses, so 256-192=64.
So the last unused box should be a /26, which equates to 64 addresses

Question 62

562. SIMULATION -
     You have been tasked with setting up a wireless network in an office. The network will consist of 3 Access Points and a single switch. The network must meet the following parameters:
     ✑ The SSIDs need to be configured as CorpNet with a key of S3cr3t!
     ✑ The wireless signals should not interfere with each other.
     ✑ The subnet the Access Points and switch are on should only support 30 devices maximum.
     ✑ The Access Points should be configured to only support TKIP clients at a maximum speed.

INSTRUCTIONS -
Click on the devices to review their information and adjust the settings of the APs to meet the given requirements.
If any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer 62

Correct Answer: See explanation below.
On the first exhibit, the layout should be as follows

Access Point Name AP1 -

IP Address 192.168.1.3 -

Gateway 192.168.1.2 -

SSID corpnet -

SSID Broadcast yes -

Mode G -

Channel 1 -

Speed Auto -

Duplex Auto -

WPA -
Passphrase S3cr3t!

Exhibit 2 as follows -

Access Point Name AP2 -

IP Address 192.168.1.4 -

Gateway 192.168.1.2 -

SSID corpnet -

SSID Broadcast yes -

Mode G -

Channel 6 -

Speed Auto -

Duplex Auto -

WPA -
Passphrase S3cr3t!

Exhibit 3 as follows -

Access Point Name AP3 -

IP Address 192.168.1.5 -

Gateway 192.168.1.2 -

SSID corpnet -

SSID Broadcast yes -

Mode G -

Channel 11 -

Speed Auto -

Duplex Auto -

WPA -
Passphrase S3cr3t!

Question 63

563. SIMULATION -
     After recent changes to the pictured network, several users are unable to access the servers. Only PC1, PC2, PC3, and PC4 are clickable and will give you access to the command prompt and the adapter configuration tabs.

INSTRUCTIONS -
Verify the settings by using the command prompt, after making any system changes.
Next, restore connectivity by making the appropriate changes to the infrastructure.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer 63

Correct Answer: See explanation below.
On PC3, change the subnet mask to 255.255.255.0. When it is set to 255.255.255.128, then the PC with a .129 address will not be on the same subnet as the default gateway which is .1 On PC4, change the default gateway to 10.0.2.1. It has been incorrectly set as 10.1.2.1.

Question 64

564. While reviewing switch logs, a network analyst notices many failed logon attempts followed by a successful logon from an unknown IP address. Which of the following hardening techniques should be utilized to prevent unauthorized access?

A. Avoiding common passwords
B. File hashing
C. Disabling unused IP ports
D. Using secure protocols

Answer 64

A. Avoiding common passwords

Question 65

565. A small business utilizes a SOHO router and wishes to secure its existing wireless infrastructure. The business has fewer than ten devices, which are a mixture of old and new machines. Due to the varying ages of the machines, the latest wireless encryption methods may not be supported on all devices. Which of the following would be the MOST cost-effective method to add a layer of security while allowing all machines to connect?

A. WPA2
B. EAP-FAST
C. MAC filtering
D. 802.1X

Answer 65

A. WPA2

WPA2 is backward compatible to wireless legacy devices. Also, WPA2 has an encryption that uses either of 64 or 128 bit. Unlike Mac Filtering it uses only 48 bit that can be easily hacked through brute force attack.

Question 66

566. Which of the following routing conventions is known as a link-state protocol?

A. RIP
B. BGP
C. EIGRP
D. OSPF

Answer 66

D. OSPF

Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP).

Question 67

567. A technician is making the population of routers more secure. Which of the following are the BEST options for making authentication more secure? (Choose two.)

A. Add a login banner.
B. Disable unused services.
C. Upgrade the firmware.
D. Disable Telnet.
E. Implement AAA.
F. Disable SSH.

Answer 67

D. Disable Telnet.

E. Implement AAA.

Question 68

568. A network administrator has signed up for service with a new ISP. The administrator was given the IP address of 172.17.10.254/30 to use on the external interface of the Internet-facing router. However, the network administrator cannot reach the Internet using that address. Which of the following is the MOST likely explanation?

A. The address provided by the ISP has a mask that is too small to be used and needs a larger mask.
B. The address provided by the ISP is a private IP address space and is not routable on the Internet.
C. The address provided by the ISP is the wrong one; they should be using 172.17.10.252/30.
D. The address provided by the ISP is part of the reserved loopback address space and cannot be used.

Answer 68

B. The address provided by the ISP is a private IP address space and is not routable on the Internet.

The organizations that distribute IP addresses to the world reserves a range of IP addresses for private networks.

192. 168.0.0 - 192.168.255.255 (65,536 IP addresses)
193. 16.0.0 - 172.31.255.255 (1,048,576 IP addresses)
194. 0.0.0 - 10.255.255.255 (16,777,216 IP addresses)

Question 69

569. A technician is installing six PCs and six VoIP telephones on a small office LAN. The VoIP telephones require QoS to be configured for proper operation. The customer router does not have QoS capability. Which of the following network devices should the technician purchase and install at this office?

A. Managed PoE switch
B. Load balancer
C. Layer 3 switch
D. Unmanaged PoE switch

Answer 69

A. Managed PoE switch

Question 70

570. A company deploys many workers in the field who remotely access files from a server at headquarters. Leadership is concerned about the risks posed when field workers update these files from unsecured networks. Which of the following policy changes can the company make to MOST improve the confidentiality of connections when connecting remotely? (Choose two.)

A. Implement SSL VPN connections from the remote devices to headquarters.
B. Change file access protocols from SFTP to FTP on the remote devices.
C. Utilize HTTPS to access the company intranet from remote devices.
D. Configure WPA2 on the wireless networks at headquarters.
E. Configure IMAP over port 143 for email access on remote devices.

Answer 70

A. Implement SSL VPN connections from the remote devices to headquarters.
C. Utilize HTTPS to access the company intranet from remote devices.

Question 71

571. A manufacturing company has signed an agreement with another company to collaborate on an upcoming project. Both companies require secure and persistent access to resources on each other’s networks. Which of the following remote access technologies should the companies implement to satisfy their requirements?

A. Out-of-band management
B. Site-to-site VPN
C. DMZ networks
D. SFTP site

Answer 71

B. Site-to-site VPN

Question 72

572. A security administrator wants to implement the ability to prevent an unauthorized user from tailgating into the office building. Which of the following should be implemented?

A. Badge reader
B. Bluetooth reader
C. Cipher lock
D. Mantrap

Answer 72

D. Mantrap

Question 73

573. Joe, a technician, was able to copy data at a site with no network equipment between two new laptops, featuring gigabit Ethernet ports, by using a regular straight- through patch cable. Joe then unsuccessfully tried to accomplish the same thing at a different site from his laptop with a gigabit Ethernet port to an older customer unit, which had a 10/100 network port. Which of the following is the cause of this?

A. The customer’s laptop does not support auto-MDIX.
B. Joe’s laptop does not support auto-MDIX.
C. Straight-through patch cables are prone to crosstalk.
D. The customer’s laptop NIC does not support full duplex.

Answer 73

A. The customer’s laptop does not support auto-MDIX.

Question 74

574. A network engineer has connected the storefront with the maintenance shed on the other side of a golf course using 802.11 wireless bridges and omnidirectional antennas. However, the signal strength is too weak. Which of the following is the MOST efficient and cost-effective solution to solve the issue?

A. Replace the omnidirectional antennas with unidirectional antennas.
B. Put protective enclosures around the omnidirectional antennas to prevent damage from golf balls.
C. Replace the 802.11 wireless standard and use GSM instead.
D. Replace the wireless bridges with wireless routers.

Answer 74

A. Replace the omnidirectional antennas with unidirectional antennas.

Question 75

575. Which of the following would block access to an untagged port when connected to a Layer 2 device?

A. BPDU guard
B. Spanning tree
C. Flood guard
D. Root guard

Answer 75

B. Spanning tree

A, B and D are relative to a redundant network implemented through STP. Flood Guard purpose is to block access just based on the MAC Address available on the new access. BPDU is a feature of STP

Question 76

576. Which of the following OSI layers contains the LLC function?

A. Network
B. Data link
C. Session
D. Transport

Answer 76

B. Data link

In the IEEE 802 reference model of computer networking, the logical link control (LLC) data communication protocol layer is the upper sublayer of the data link layer (layer 2) of the seven-layer OSI model.

LLC and MAC addresses are in layer 2.
LLC Logical Link Control is the interface between MAC sublayer and layer 3.

Question 77

577. Which of the following BEST describes the RADIUS authentication service protocol?

A. A protocol that sends passwords to the authentication server
B. A protocol that sends encrypted tickets from the authentication server
C. A protocol that sends X.500 service requests to the authentication server
D. A protocol that sends configuration information from the authentication server

Answer 77

D. A protocol that sends configuration information from the authentication server.

RADIUS typically sends config information back to the client. RADIUS carries authentication from a Network Access Server (NAS) to a AAA server. When the authentication request is sent to a AAA server, the AAA client expects to have the
authorization result (config) sent back in reply

Question 78

578. A company needs a secure way to provide building blueprints to an engineering partner frequently. The Chief Information Officer (CIO) states that a secure protocol must be used for transfer, and the partner needs to initiate a secure connection to the company’s router. Which of the following would BEST meet the requirements? (Choose two.)

A. Site-to-site VPN
B. Client-to-site VPN
C. RDP
D. SSH
E. SFTP
F. Captive portal

Answer 78

B. Client-to-site VPN
E. SFTP

In a Client-to-Site Virtual Private Network (VPN) connection, clients from the Internet can connect to the server to access the corporate network or Local Area Network (LAN) behind the server but still maintains the security of the network and its resources.
SSH is used for connecting to a device securely , secure form of tenet, while SFTP is secure File transfer protocol to transfer files securely.

Question 79

579. A network technician is installing a new PTZ camera for the security department. The camera is capable of being powered via the Ethernet cable, but it is not powering on. The network technician has tested the cable and received positive results. Which of the following is MOST likely the issue?

A. The camera requires PoE+, but the switch is delivering only PoE.
B. A straight-through cable is being used, but the camera requires a crossover cable.
C. The camera is configured for the wrong segmented network.
D. The cable has a bad pinout and needs to be reterminated.

Answer 79

A. The camera requires PoE+, but the switch is delivering only PoE.

PoE is 802.3af, while PoE+ is 802.3at. Currently, the max amount of power provided over Cat5 cabling is 15.4 watts for PoE and 25.5 watts for PoE+

Question 80

580. A network technician attempts to limit access to a wireless network by using WPA2 and a pre-shared key; however, employees have been sharing this key with others. Which of the following methods should the technician configure on the wireless access point to ensure only corporate systems can connect using the least amount of effort?

A. RADIUS
B. EAP-TLS
C. Port security
D. MAC filtering

Answer 80

D. MAC filtering

I think the key is “least amount of effort”, surely you have an inventory list of corporate devices and their mac addresses, so import that list into the mac filter and voilà!, then i go with D.

Question 81

581. A technician purchasing equipment for a company has determined that several new employees will require new wired workstations. Which of the following is the network technician likely to recommend to add the employees to the existing infrastructure?

A. Bridge
B. WAP
C. Hub
D. Switch

Answer 81

D. Switch

Question 82

582. Which of the following would be BEST for continually monitoring and alerting of possible attacks on a network?

A. Conducting daily vulnerability scans
B. Performing daily port scans
C. Utilizing a protocol analyzer
D. Using a SIEM
E. Reviewing daily logs

Answer 82

D. Using a SIEM

Question 83

583. A home user has contacted the help desk to transfer files from an old smartphone to a new one. The help desk analyst informs the home user this can be completed using Bluetooth. Which of the following types of topologies is this called?

A. PAN
B. LAN
C. SAN
D. WAN

Answer 83

A. PAN

Question 84

584. A technician installed a new fiber optic cable to connect two sites. Although there is a link light on the port at each site, the customer reports traffic is dropping intermittently. Which of the following should the technician do NEXT to troubleshoot the issue?

A. Check the interfaces for CRC errors.
B. Check for a VLAN mismatch.
C. Check for a TX/RX reverse on the connector.
D. Check that the pinout is correct.

Answer 84

A. Check the interfaces for CRC errors.

Cyclic Redundancy Check (CRC) Error indicates when data is corrupted. Calculating from all data, CRC validates packets of information sent by devices and verifies it against the data extracted, ensuring its accuracy.

Question 85

585. A new technician has been tasked with checking the status of a switchport. The technician needs to find the information quickly without the use of command-line utilities. Which of the following remote management methods would help the technician?

A. SSH
B. VNC
C. RDP
D. HTTPS

Answer 85

A. SSH

I think I found why SSH is the solution:
Some command-line tools require the user to have administrator-level privileges on source and/or target computers.

arp
ipconfig
ping
tracert
pathping
netstat
nbtstat

So all of the above are examples of command line utilities. You don’t need these to get port information on a switch. You need ssh to get into the machine and then give commands to get the information you need.

SSH is command line
Vnc is a remote viewer for desktops
Rdp is only for Windows

HTTPS will give you the GUI to the switch or router

Question 86

586. Which of the following manages the delegation of physical equipment to the virtual components?

A. Virtual router
B. Hypervisor
C. Virtual switch
D. Network card

Answer 86

B. Hypervisor

Question 87

587. Some users are reporting a high response time to access network resources after a new network router was installed. Which of the following documents should be updated every time a change is implemented on the network to have information about the metrics that represents how the network behaves during the normal scenarios?

A. Logical diagram
B. Performance baseline
C. Change management documentation
D. IDF/MDF documentation

Answer 87

C. Change management documentation

Question 88

588. A new DSL circuit was installed to replace the cable service and is not functioning. A network administrator needs to create a cable to connect the circuit. Which of the following connector types should the network administrator use on the cable?

A. RJ11
B. RJ45
C. DB-25
D. BNC

Answer 88

A. RJ11

Question 89

589. Ann, a network technician, has relocated a rack that contains the networking and server equipment from the third floor to the sixth floor. To connect the rack- mounted router to the media converter in the first-floor MDF, she extended the length of the original 197ft (60m) Cat5e cable to 395ft (120m) by attaching another
     197ft (60m) cable with an RJ45 coupler. After the move, users report intermittent connectivity to external websites, although connectivity to internal hosts has not changed. Which of the following is a network performance issue that is MOST likely causing this issue?

A. Attenuation
B. Jitter
C. Crosstalk
D. Transceiver mismatch

Answer 89

A. Attenuation

Question 90

590. A company will be hosting a large workshop for local business leaders, and management wants to provide an easy-to-connect-to guest wireless network for them to access while on site. The network will be disabled after the workshop. The current wireless network has the option to enable a segmented guest network that has not been implemented. Which of the following authentication methods should be used to make the network EASIEST for guests to access?

A. Pre-shared key
B. Open
C. EAP-TLS
D. WPA2

Answer 90

B. Open

Question 91

591. Which of the following allows for file-level network storage?

A. SAN
B. iSCSI
C. FCoE
D. NAS

Answer 91

D. NAS

NAS file-level network storage
SAN block level

Question 92

592. A network technician needs to upgrade a production Windows server to the latest service pack. In which of the following should the work plan and recovery procedure be documented?

A. IDF/MDF
B. Change management
C. SOPs
D. Inventory management

Answer 92

C. SOPs

The given answer is correct simply because of the key word that was slipped in, “Procedure”. If this word was not included, then i would definitely assume Change Management.

Question 93

593. A corporation has been the target of hackers who exploited TCP port 80. The network administrator is tasked with securing connections to the web server. Which of the following protocols should be implemented to BEST secure the web server? (Choose two.)

A. HTTPS
B. SSH
C. TLS
D. VNC
E. RDP
F. SFTP

Answer 93

A. HTTPS

C. TLS

Question 94

594. A network technician is installing a wireless solution. The solution needs to support new and legacy wireless network clients at the maximum possible speed.
     Which of the following wireless standards should the technician install?

A. 802.11a
B. 802.11ac
C. 802.11b
D. 802.11g
E. 802.11n

Answer 94

E. 802.11n

802.11n, which supports both 2.4 GHz and 5Ghz. It would be the fastest protocol that would support newer and older network clients, out of the options.

Question 95

595. A network technician needs to create separate networks for several classrooms and administrative offices. They have been provided with the network address
     192.168.1.0/24. They will need five classrooms of 25 hosts, two classrooms of 14 hosts, six admin hosts on the network, and three subnets for router connections.
     Which of the following IP concepts would need to be deployed?

A. VLSM
B. Class B private network
C. EUI-64
D. IPv6

Answer 95

A. VLSM

Variable-Length Subnet Masking (VLSM) amounts to “subnetting subnets,” which means that VLSM allows network engineers to divide an IP address space into a hierarchy of subnets of different sizes, making it possible to create subnets with very different host counts without wasting large numbers of addresses.

Question 96

596. Which of the following components acts as an intermediary device between the internal users PC and external web servers to provide caching services that save on Internet bandwidth resources?

A. Firewall
B. Proxy server
C. IDS
D. Load balancer

Answer 96

B. Proxy server

Question 97

597. Which of the following should a network administrator deploy to control all preventive security measures?

A. UTM
B. Firewall
C. IDS
D. Proxy

Answer 97

A. UTM

Question 98

598. Which of the following steps is a network technician MOST likely to take to secure a new network printer? (Choose two.)

A. Change the default credentials.
B. Disable unnecessary services.
C. Secure the physical access.
D. Generate new encryption keys.
E. Enable HTTPS access.
F. Turn on WPS.

Answer 98

A. Change the default credentials.
B. Disable unnecessary services.

When you connect your printer to the network, you have the ability to log into the printer using the default credentials so you can adjust ip information and such.
As far as disabling unnecessary services, many times printers come with features that are unneeded, so you should disable them so they cant be exploited by an attacker.

Question 99

599. A network administrator is deploying a new switch in an existing IDF. The current switch has only copper Ethernet ports available to use for the trunk ports. Which of the following cable types should the network administrator deploy?

A. Straight-through
B. Console
C. Rollover
D. Crossover

Answer 99

D. Crossover

Question 100

600.A switch is being configured for installation into a new building. The network design is such that the only DHCP server resides in the datacenter. A traditional three-layer network hierarchy is being used, and all buildings have a Layer 3 connection back to the core. Which of the following should the technician configure to get DHCP working properly in the new building?

A. The SMTP relays in the datacenter
B. The MAC address reservations
C. The IP helper address on the switch
D. The ARP forwarding on the switch

Answer 100

C. The IP helper address on the switch