Test 7

Question 1

701. A NGFW is continuously sending alerts regarding traffic from an internal database server. An old DHCP service, which was used before a dedicated server was installed, is still running on the server. Which of the following practices could have prevented this incident?

A. Preventing UDP on the host firewall
B. Enabling DHCP relay
C. Disabling unused services
D. Disabling DHCP spoofing

Answer 1

C. Disabling unused services

Question 2

702. A user is connected to the guest wireless network for a video conference with colleagues. The users computer shows a strong wireless signal, and websites seem to load without issue, but the voice and video have periods of choppiness. Which of the following would BEST identify the issue?

A. Verify the wireless capacity is not exceeded.
B. Check the signal attenuation.
C. Increase the power transmission level.
D. Adjust the antenna placement.

Answer 2

A. Verify the wireless capacity is not exceeded.

Question 3

703. An ISP technician frequently needs to administer a router remotely in the event of a configuration error or WAN outage. Which of the following technologies would facilitate the required connectivity?

A. Remote access VPN
B. Remote file access
C. Out-of-band
D. Secure Shell

Answer 3

D. Secure Shell

I believe the answer should be C Out of Band,
however, since it is a remote connection, CompTIA wants secure remote connection therefore SSH into the router to manage it

The answer IS SSH because the ISP technician is remotely configuring the device and needs secure connection to the device, the connection would already be an OOB connection, but SSH specifies that connection will be a secure one.

Question 4

704. Employees at a company report that they are unable to access the Internet. A network technician notices the workstations are receiving IP addresses that do not follow the IP addressing scheme of the corporate network. Upon further inspection, the technician finds an employee has plugged a rogue wireless router into the corporate network. Which of the following settings would have prevented this situation?

A. DHCP snooping
B. DHCP relay
C. DHCP leasing
D. DHCP options

Answer 4

A. DHCP snooping

In computer networking, DHCP snooping is a series of techniques applied to improve the security of a DHCP infrastructure. DHCP servers allocate IP addresses to clients on a LAN. DHCP snooping can be configured on LAN switches to exclude rogue DHCP servers and remove malicious or malformed DHCP traffic.

Question 5

705. Which of the following protocols operates at the data link layer of the OSI model?

A. IGRP
B. BGP
C. PPP
D. FTP

Answer 5

C. PPP

Examples of data link protocols are Ethernet, Point-to-Point Protocol (PPP), HDLC and ADCCP. In the Internet Protocol Suite (TCP/IP), the data link layer functionality is contained within the link layer, the lowest layer of the descriptive model, which is assumed to be independent of physical infrastructure.

Question 6

706. Several open conference rooms have active wired network connections. To discourage unauthorized users, a network technician wants to require users in the conference rooms to authenticate to the network before gaining access. Which of the following would be the BEST network technology to use?

A. WPA
B. MAC filtering
C. ACLs
D. 802.1X

Answer 6

D. 802.1X

keyword: authenticate

Question 7

707. Which of the following describes the function of Layer 3 of the OSI model?

A. It provides sequencing and acknowledgments for connection-oriented communication.
B. It provides connectionless communication using logical addressing.
C. It provides error detection through the FCS for frames transmitted.
D. It provides encryption and compression for data received.

Answer 7

B. It provides connectionless communication using logical addressing.

Question 8

708. Which of the following ports should be open on a host-based firewall for a user who needs email and file-sharing capabilities? (Choose two.)

A. 21
B. 88
C. 389
D. 445
E. 587
F. 3389

Answer 8

A. 21
E. 587

Answers A and E are the most correct for this scenario. Port 21 is used for file-sharing and Port 587 (SMTP over SSL) is used for email client to email server communicatio

Question 9

709. Which of the following steps follows an implemented solution?

A. Document the findings and actions.
B. Identify potential effects of the solution.
C. Verify full system functionality.
D. Implement preventative measures.

Answer 9

C. Verify full system functionality.

Question 10

710. A network technician receives an update in an RSS feed that a new exploit was released for specific hardware used on the network. After verifying the vulnerability with the vendor, the network technician discovers the vulnerability was patched almost two years ago. Which of the following techniques should be implemented to discover out-of-date firmware in the future?

A. Application fuzzing
B. Malware signature management
C. Network traffic analysis with tcpdump
D. Vulnerability scanning

Answer 10

D. Vulnerability scanning

Question 11

711. A network technician needs a secure way to access a router in another country. Which of the following methods would meet this requirement?

A. SSH connection
B. Device HTTP URL
C. TFTP upload
D. GRE tunnel

Answer 11

A. SSH connection

Question 12

712. A technician needs to connect several computers in close proximity to control manufacturing equipment in a factory. The medium to connect the computers must be cost effective and suitable for short distances. Which of the following mediums should the technician use?

A. RJ11 connector and Cat6 cable
B. ST connector and UTP cable
C. DB-9 connector and plenum cable
D. BNC connector and RG-59 cable

Answer 12

D. BNC connector and RG-59 cable

Process of the elimination: A = telephone connector with a ethernet cable WRONG, B= Fiber connector with ethernet cable WRONG C= coaxial cable connector with a type of fire proof cable WRONG, D was the most logical answer left

Question 13

713. A network technician is troubleshooting a laptop that does not have wireless connectivity. The technician determines the wireless network is functioning as expected. The laptop does not show any SSIDs or allow the technician to modify network settings. Which of the following should the technician check FIRST?

A. Check for overcapacity of the network.
B. Ensure wireless is enabled on the laptop.
C. Confirm the power levels of the WAP.
D. Assess the antenna placement.
E. Verify network drivers are up-to-date.

Answer 13

B. Ensure wireless is enabled on the laptop.

Question 14

714. A network technician is implementing a new IPv6 addressing scheme at a local office. This is a large office, and the network manager would like a solution that saves time and allows for automatic addressing of nodes. Which of the following would BEST accomplish this?

A. APIPA
B. 6to4 tunnel
C. NAT64
D. EUI-64

Answer 14

D. EUI-64

The answer is EUI-64. Explanation:
EUI-64 (Extended Unique Identifier) is a method we can use to automatically configure IPv6 host addresses. An IPv6 device will use the MAC address of its interface to generate a unique 64-bit interface ID. However, a MAC address is 48 bit and the interface ID is 64 bit.

Question 15

715. A network administrator notices that network utilization is extremely high around midnight and wonders if this is normal or if there might be a security issue. Which of the following types of documentation should the administrator consult FIRST?

A. Change management documentation
B. Standard operating procedures
C. Network performance baseline
D. Firewall configuration documentation

Answer 15

A. Change management documentation

A is correct, Network Troubleshooting Methodology.
1. Identify the problem:
• Gather information.
•Duplicate the problem, if possible.
•Question users.
•Identify symptoms.
•Determine if anything has changed. (review change management documents)
•Approach multiple problems individually.

Question 16

716. A network technician needs to dedicate a range of addresses in DHCP for statically assigned servers and network devices. Which of the following should be configured to BEST accomplish this?

A. Static addressing
B. Subnetting
C. Advertisements
D. Exclusions

Answer 16

D. Exclusions

Question 17

717. A network administrator needs to create a network for 4,000 devices while conserving address space. Which of the following subnet masks should be used on this network?

A. 255.254.0.0
B. 255.255.224.0
C. 255.255.240.0
D. 255.255.248.0
E. 255.255.255.240

Answer 17

C. 255.255.240.0

on your subnetting chart, this would be a /20, in your 3rd octet obviously

Question 18

718. A network technician needs to administer the desktop of a Linux-based workstation remotely on the local network. Which of the following remote access methods should the network technician use?

A. VNC
B. RDP
C. SSH
D. VPN

Answer 18

C. SSH

SSH is the correct answer since it asked “to administer” and you’ll likely have putty installed on the Windows pc and you know the Linux IP address.

Question 19

719. A network technician is upgrading the software on a switch, but the switch will no longer boot after the upgrade. Which of the following should the network technician have verified before the upgrade?

A. Unnecessary services disabled
B. Secure protocols in use
C. Firmware file hash
D. Network ports disabled

Answer 19

C. Firmware file hash

Question 20

720. Devices on a network will need to obtain DHCP leases from a server on a different network. Which of the following must the engineer implement for DHCP to forward requests to the designated server?

A. Trunking
B. A forward lookup zone
C. A proxy server
D. An IP helper

Answer 20

D. An IP helper

Question 21

721. A network administrator it concerned about the management traffic between a machine and the corporate router. Which of the following protocols should the administrator use to prevent a security breach?

A. VNC
B. SSH
C. RDP
D. SFTP

Answer 21

B. SSH

Question 22

722. Which of the following BEST describes a VLAN hopping attack?

A. An attacker gains unauthorized access to a network by overflowing the CAM table.
B. An attacker gains unauthorized access to a network by placing a rogue AP on the network.
C. An attacker gains unauthorized access to a network by using double-tagged packets.
D. An attacker gains unauthorized access to a network by scanning and mapping it.

Answer 22

C. An attacker gains unauthorized access to a network by using double-tagged packets.

Question 23

723. A vendor has installed new wireless access points in an office. After completing the installation, users in one area of the office report they cannot connect to the wireless network. A network technician confirms the users in that area cannot see the wireless SSID. Which of the following MOST likely explains the issue?

A. The AP power levels are too low.
B. The wireless network is over capacity.
C. A directional antenna was installed incorrectly.
D. The channels are overlapping.

Answer 23

C. A directional antenna was installed incorrectly.

Question 24

724. A switch at a remote site suddenly appears to be inaccessible. No configuration changes were made. An engineer confirms with the office attendant that the switch is powered on, and there are LEDs showing green and amber colors. However, the SFP for the fiber connection from the switch to the router shows no lighted LED. After replacing the cable and SFP with new ones, the LED still does not light up, and no connection is made. Which of the following is the MOST likely issue?

A. Disabled port
B. Electromagnetic interference
C. Incorrect gateway
D. Hardware failure
E. Wrong cable type
F. Unresponsive service

Answer 24

D. Hardware failure

Question 25

725. A wireless administrator has configured a secure wireless network that can only be associated to specific domain accounts. This was done to help mitigate any ricks associated with the wireless signal propagating outside of the facility. Which of the following has no administrator implemented?

A. NAC
B. Implicit deny
C. WPA2
D. Geofencing

Answer 25

A. NAC
or
C. WPA2

NAC is the answer here, since the wireless signal isn’t contained to the interior of the building, it isn’t geofencing, and since the question made sure to state the network access is tied to domain accounts, NAC would be the only plausible option here.

Remember: NAC is Network Access Control, or Network Administrator Control, and is primarily used in Enterprise networks.

Question 26

726. A SaaS provider has decided to leave an unpatched VM available via a public DMZ port. With which of the following concepts is this technique MOST closely associated?

A. Insider threat
B. War driving
C. Evil twin
D. Honeypot

Answer 26

D. Honeypot

Question 27

727. A network administrator is setting up several IoT devices on a new VLAN and wants to accomplish the following:
728. Reduce manual configuration on each system.
729. Assign a specific IP address to each system.
730. Allow devices to move to different switchports on the same VLAN.
     Which of the following should the network administrator do to accomplish these requirements?

A. Set up a reservation for each device.
B. Configure a static IP on each device.
C. Implement private VLANs for each device.
D. Use DHCP exclusions to address each device.

Answer 27

A. Set up a reservation for each device.

DHCP exclusions is when you have a specific set of IP addresses that will not be handed out by the DHCP, whereas DHCP reservations are a specific set of chosen IP addresses which are handed out by the DHCP. Meaning, you’d choose exactly what IP addresses you want in your IoT configuration.

Question 28

728. A company needs to create a new website for the delivery of secure content to and from specific customers. The Chief Information Officer (CIO) states as a requirement the creation of a secure connection between the client’s machine and the website every time the content is accessed. This should be accomplished without requiring the installation of any client software. Which of the following should be used in this scenario?

A. Site-to-site VPN
B. GRE
C. MPLS
D. SSL

Answer 28

D. SSL

web aka http and https. which use ssl and tls, ssl is the answer here

Question 29

729. Joe, an ex-employee from accounting, changed the configurations on several network devices on his last day of work. Which of the following is the MOST likely reason a non-IT employee was able to gain access to network devices?

A. Left virtual ports open
B. Allowed unsecure protocols
C. Left default passwords
D. Allowed unnecessary services

Answer 29

C. Left default passwords

Question 30

730. Which of the following protocols is used during web browsing to resolve website names?

A. HTTP
B. LDAP
C. SNMP
D. DNS

Answer 30

D. DNS

Question 31

731. A company plans to deploy a web server securely on the network to be accessible from the Internet. In which of the following locations should the web server be placed?

A. IDF
B. WAN
C. LAN
D. DMZ

Answer 31

D. DMZ

Question 32

732. A site was hit with ransomware on two occasions in the past month. Which of the following would be the BEST solution for a technician who wants to reduce this frequency?

A. Proxy server
B. UTM appliance
C. RADIUS server
D. Content filter

Answer 32

B. UTM appliance

Unified threat management is an approach to information security where a single hardware or software installation provides multiple security functions.

Question 33

733. Which of the following components should be used to provide interconnectivity between virtual machines in distinct broadcast domains inside the hypervisors environment?

A. Virtual router
B. Virtual switch
C. Virtual NIC
D. Virtual SAN

Answer 33

A. Virtual router

Question 34

734. A network technician is connecting medical-monitoring devices on a personal area network for patients’ phones. Which of the following technologies should be used?

A. Bluetooth
B. RFID
C. NFC
D. IR

Answer 34

A. Bluetooth

Question 35

735. A network engineer needs to connect two network switches with a gigabit link. The proposed route to run the 164ft (50m) cable is directly underneath a large electrical generator. Which of the following cable types would BEST fit the needs of the network engineer?

A. UTP
B. Cat 5 plenum
C. Coaxial
D. STP

Answer 35

D. STP

“STP Cabling is twisted-pair cabling with additional shielding to reduce crosstalk and other forms of electromagnetic interference (EMI). Shielded Twisted-pair Cable. The outer insulating jacket contains an inner braided copper mesh to shield the pairs of twisted cables, which themselves are wrapped in foil.”
STP is the answer.

Question 36

736. Which of the following BEST explains why a firewall would be subject to international export controls?

A. Protected industry
B. IP version incompatibility
C. Differing power standards
D. Encryption technology

Answer 36

D. Encryption technology

Question 37

737. Two buildings are connected with 802.11a wireless bridges using omnidirectional antennas. However, the connection between the two bridges often drops. Which of the following would be the BEST solution?

A. Change the antennas to unidirectional.
B. Conduct a site survey to identify sources of noise.
C. Add a second wireless bridge at each building.
D. Change the bridges to use 802.11g.

Answer 37

A. Change the antennas to unidirectional.

Question 38

738. A network technician is installing a wireless network for a small medical office. The doctors need to download high resolution x-rays quickly with minimal latency.
     Which of the following technologies should be utilized?

A. RFID
B. MIMO
C. CDMA
D. 802.11g

Answer 38

B. MIMO

multiple-input and multiple-output, or MIMO is a method for multiplying the capacity using multiple transmission and receiving antennas to exploit multipath propagation.

Question 39

739. A network technician is troubleshooting a PC that cannot access the Internet. However, the PC responds to ICMP echo requests from the same subset. Which of the following is the MOST likely reason the PC cannot communicate externally?

A. The loopback address is being used.
B. The default gateway is incorrect.
C. The PC does not have an IP reservation.
D. The virtual IP has not been configured.

Answer 39

B. The default gateway is incorrect.

PC responds to ICMP echo requests from the same subset but if gateway is incorrect won’t communicte externally.

Question 40

740. A technician is dispatched to replace an access point that has failed. The device is preconfigured with the correct SSID and passphrase. When the user tries to connect to the SSID, the connection fails. Which of the following is the MOST likely cause of the issue?

A. Interference
B. Channel overlap
C. Distance limitations
c

Answer 40

D. Security type mismatch

Question 41

741. A technician receives a report that Joe, an existing user, is unable to access the network. Joe confirms that he had full access the previous day. The change log is reviewed, and there have been no changes on Joe’s computer or any network changes in the last week. The technician moves the connection to an adjacent location on the switch, and Joe is able to access the network. Which of the following is the MOST likely cause of this issue?

A. Incorrect pin-out
B. Bad port
C. Transceiver mismatch
D. Incorrect cable type

Answer 41

B. Bad port

moving Joe to a different port fixed the problem.

Question 42

A network administrator plans to install network connectivity at a new remote office location. The administrator is concerned about how to troubleshoot network connectivity issues and reconfigure the remote router. The technician should use __________.

A. an SD card with a backup configuration.
B. a TFTP server on the main network for backup configurations.
C. a modem using POTS.
D. a second Ethernet interface for remote access.

Answer 42

C. a modem using POTS.

From my understanding, for him to work on a remote router with the wan possibly being down would require a modem using pots. The tech wouldn’t be able to remote in using ssh since no internet, but a modem using pots would allow him to establish an alternative connection.

Question 43

743. A consultant is designing a new network for a company that will be hosting its own email and web servers. The company wants to ensure there are separate devices to protect the internal network from the DMZ and the DMZ from the Internet. Which of the following would provide this protection?

A. The installation of a firewall with multiple interfaces for the Internet to the DMZ and the LAN.
B. The in-line installation of two firewalls to divide the Internet to the DMZ and the DMZ to the LAN.
C. The installation of two switches to divide the Internet from the LAN and the LAN to the DMZ.
D. The installation of a switch from the Internet to the DMZ and a firewall between the DMZ and the LAN.

Answer 43

B. The in-line installation of two firewalls to divide the Internet to the DMZ and the DMZ to the LAN.

Your keywords here are “separate devices to protect”, so determine which devices protect out of the choices provided. There is only one answer provided that gives you two separate firewalls, using a single firewall with multiple interfaces is redundant because you’d only have to break through one firewall to penetrate the network and DMZ. Having separate firewalls with different standards is best.

Question 44

744. Which of the following BEST explains why a network engineer would use a wireless mesh network when connecting sensors to a sensor gateway?

A. It creates various paths to a particular destination.
B. It increases the overall throughput of the links connecting the devices.
C. It provides redundancy if the sensor network experiences broad wireless interference.
D. It allows autonomous communication if the sensor network goes down.

Answer 44

A. It creates various paths to a particular destination.

Question 45

745. A network technician is assisting a user who cannot connect to a wireless connection. The user is connecting to the correct SSID and has the correct pre-shared key. The technician verifies the WAP is working, and other clients are connected to it from the same location. Which of the following should the technician investigate?

A. Channel overlap
B. Wireless frequency
C. AP power levels
D. Encryption type

Answer 45

D. Encryption type

The key is just the password to for the connection, not the encryption standard being used, i.e. WEP, WPA, WP2, etc

Question 46

746. A network administrator has been directed to present the network alerts from the past week to the companyגs executive staff. Which of the following will provide the BEST collection and presentation of this data?

A. A port scan printout
B. A consolidated report of various network devices
C. A report from the SIEM tool
D. A report from a vulnerability scan done yesterday

Answer 46

C. A report from the SIEM tool

Question 47

747. As part of a new datacenter upgrade project, the security manager has asked for additional physical security to prevent asset theft. Which of the following technologies should be implemented?

A. Video surveillance
B. Motion detection alarms
C. Asset tracking tags
D. Locks on devices

Answer 47

D. Locks on devices

Question 48

748. SIM HOTSPOT -
     Workstations are unable to access the Internet after a recent power outage. Configure the appropriate devices to ensure All workstations have Internet connectivity.

Instructions -
All ports can be enabled (fill) or disabled (no fill).
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Hot Area:

Answer 48

ENABLE ALL

The switches are not connected properly. Connect Switch 1 to switch three on the last port and then connect the last port of the switch 3 to the first port of switch 2. In this way the switches will be connected properly. Click Enable All to enable the switched

Question 49

749. A new employee is learning how to use multiple company applications. Upon logging in to one application, the employee notices the other applications do not require authentication. Which of the following explains the reason why this is happening?

A. Kerberos is being used to authenticate.
B. The employee logged in to a captive portal.
C. Single sign-on is being used.
D. Local authentication was performed.

Answer 49

C. Single sign-on is being used.

Question 50

750. A network technician is investigating an issue with handheld devices in a warehouse. Devices have not been connecting to the nearest APs, but they have been connecting to an AP on the far side of the warehouse. Which of the following is the MOST likely cause of this issue?

A. The nearest APs are configured for 802.11g.
B. An incorrect channel assignment is on the nearest APs.
C. The power level is too high for the AP on the far side.
D. Interference exists around the AP on the far side.

Answer 50

B. An incorrect channel assignment is on the nearest APs.

Question 51

751. Which of the following VPN technologies should a network technician utilize to tunnel IPv6 traffic and multicast over an IPv4 WAN link?

A. AH
B. DTLS
C. SSL
D. GRE

Answer 51

D. GRE

Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links over an Internet Protocol network.

Question 52

752. Which of the following technologies would allow a technician to install and run multiple guest operating systems on host hardware?

A. PXE
B. Clustering
C. Hypervisor
D. SAN

Answer 52

C. Hypervisor

Question 53

753. A network administrator is configuring a link-state routing protocol for traffic. Which of the following routing protocols should be implemented?

A. RIPv2
B. BGP
C. EIGRP
D. OSPF

Answer 53

D. OSPF

BGP, boarder gateway protocol
OSPF, open shortest path first

The OSPF protocol is a link-state routing protocol, which means that the routers exchange topology information with their nearest neighbors. … The main advantage of a link state routing protocol like OSPF is that the complete knowledge of topology allows routers to calculate routes that satisfy particular criteria.

Question 54

754. A customer wants a technician to implement a solution that will allow its critical on-site servers to continue to function in the event of an extended power outage.
     Which of the following should the technician recommend?

A. Warm site
B. Load balancer
C. Power generator
D. Hot site

Answer 54

C. Power generator

Question 55

755. Which of the following would an organization MOST likely have employees sign before granting access to confidential data?

A. An AUP
B. A BYOD policy
C. An NDA
D. A PUA

Answer 55

C. An NDA

Non-disclosure agreement
It is a contract through which the parties agree not to disclose any information covered by the agreement.

Question 56

756. A user from a remote office is reporting slow file transfers. Which of the following tools will an engineer MOST likely use to get detailed measurement data?

A. Packet capture
B. iPerf
C. NetFlow analyzer
D. Internet speed test

Answer 56

B. iPerf

perf is a tool for network performance measurement and tuning. It is a cross-platform tool that can produce standardized performance measurements for any network. Iperf has client and server functionality and can create data streams to measure the throughput between the two ends in one or both directions.

Question 57

757. A network technician needs to implement a network security control on a switch. The solution needs to be non-invasive and prevent guests and unauthorized users from accessing the company’s network. Which of the following would BEST meet these requirements?

A. Upgrading the firmware
B. Disabling unused ports
C. Reconfiguring the router access list
D. Patching and updating

Answer 57

B. Disabling unused ports

Question 58

758. A network administrator needs to bring a new building online that houses multiple departments. The departments vary in size, with the smallest having 25 hosts and the largest having 140 hosts. When designing the addressing scheme for the new building, which of the following should the network administrator use to limit the number of wasted IP addresses?

A. Public IPs
B. Private IPs
C. DHCP
D. VLSM
E. Reserved IPs

Answer 58

D. VLSM

Variable-Length Subnet Masking (VLSM) amounts to “subnetting subnets,” which means that VLSM allows network engineers to divide an IP address space into a hierarchy of subnets of different sizes, making it possible to create subnets with very different host counts without wasting large numbers of addresses.

Question 59

759. A software company is hosting a seminar at a local conference centre to unveil its latest software release. As the clients begin to arrive and connect their mobile devices to the wireless network, users begin to report connectivity and throughput issues. Which of the following should the network technicians do to resolve the reported issues quickly?

A. Call the ISP to increase the bandwidth.
B. Provision and deploy additional WAPs.
C. Run Cat 6 cable to each of the WAPs.
D. Upgrade the wireless network to the newest standard.

Answer 59

A. Call the ISP to increase the bandwidth.

“Which of the following should the network technicians do to resolve the reported issues quickly?”

This is the quickest solution, especially considering there’s an event, you’re not going to install and config new network equipment in that type of scenario, you’re going to call the ISP and come to an agreement on speed.
The keyword here is “quickly”

Question 60

760. A client utilizes mobile tablets to view high-resolution images and videos via WiFi within a corporate office building. The previous administrator installed multiple high-density APs with WiFi 5, providing maximum coverage, but the measured performance is still below expected levels. Which of the following would provide the
     BEST solution?

A. Channel bonding
B. EIRP power settings
C. Antenna polarization
D. A directional antenna

Answer 60

A. Channel bonding

Channel bonding is when a cable modem combines multiple channels to increase the amount of traffic that it can comfortably support. The best example for how channel bonding works is to look at a highway with heavy traffic. … On a highway, there are multiple lanes to allow traffic through to reduce traffic jams.

Question 61

761. A rural municipality has built an external public WiFi meshed network using omnidirectional antennas. After the initial build, the performance meets expectations, and the municipality enters a six-month pilot program in the fall. By the end of the pilot program in the spring, the performance has fallen dramatically. The pilot has a static number of users with no increases in usage from beginning to end. Which of the following would be the MOST likely reason for the performance issues?

A. Too many users in the pilot creating overcapacity issues
B. Buildings creating reflection issues
C. Omnidirectional antennas being insufficient for outdoor use
D. Foliage creating absorption issues

Answer 61

D. Foliage creating absorption issues

Keyword, spring, when plants bloom

Foliage = plants/trees bloom creating WIFI absortion

Question 62

762. Which of the following should a technician use to keep the STP topology predictable and consistent?

A. Root guard
B. Flood guard
C. Dynamic ARP inspection
D. Ingress ACLs

Answer 62

A. Root guard

RootGuard is a spanning-tree feature that prevents another switch to become root bridge.

Question 63

763. A malicious user sent double-tagged frames on an 802.1Q-enabled port and immediately gained access to additional network resources. Which of the following attacks did the malicious user successfully execute?

A. Evil twin
B. Man-in-the-middle
C. DNS poisoning
D. VLAN hopping

Answer 63

D. VLAN hopping

VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port that is not normally accessible from a given end system.

Question 64

764. A network technician is installing a new fiber-optic connection between two buildings on a campus network. When the network technician connects the fiber at the second location, the interface link light does not light up. Which of the following should the technician do NEXT?

A. Reverse the fiber pair.
B. Check the duplex on each interface.
C. Install a fiber distribution panel.
D. Configure a media converter for each switch.

Answer 64

A. Reverse the fiber pair.

Polarity in its most basic form is making sure that transmit talks to receive (a simple analogy: the mouth always talks to the ear). It sounds simple, but failure to fully understand polarity has often led to the “apathy” method of just “flipping” a pair of simplex connectors around as needed.

Question 65

765. A network engineer is surveying the existing wireless infrastructure to propose additional changes to increase throughput. The SSID is already on an uncongested 5GHz frequency. Which of the following should the engineer configure?

A. Channel bonding
B. 802.11a
C. Dual-band frequency
D. An omnidirectional antenna

Answer 65

A. Channel bonding

Channel bonding is when a cable modem combines multiple channels to increase the amount of traffic that it can comfortably support. The best example for how channel bonding works is to look at a highway with heavy traffic. … On a highway, there are multiple lanes to allow traffic through to reduce traffic jams.

Question 66

766. A junior technician deployed new computers in a company, and users are reporting issues with file transfers to network shares being slower than with the previous computers. The network administrator verifies the switch’s gigabit ports are set to auto-negotiate. Which of the following should the administrator perform NEXT to determine the issue?

A. Change the default gateway on the new computers.
B. Update the drivers for the NIC cards.
C. Move the computers to a different VLAN.
D. Determine if the NIC speed on the computers is configured correctly.

Answer 66

D. Determine if the NIC speed on the computers is configured correctly.

The answer wouldn’t be B because the technician already deployed the computers, meaning all the drivers are most likely already updated. The only answer it could be is the NIC speed

Question 67

767. A customer has requested Ethernet cabling for a new office building. A technician is dispatched to perform a site survey and does not note any special considerations for the installation. Which of the following cable types will the technician MOST likely recommend for this installation?

A. Metallic sheathed
B. Fiber optic
C. Unshielded twisted pair
D. Coaxial

Answer 67

C. Unshielded twisted pair

Most common cable used.

Question 68

768. Branch users are experiencing issues with videoconferencing. Which of the following will the company MOST likely configure to improve performance for these applications?

A. Link Aggregation Control Protocol
B. Dynamic routing
C. Quality of service
D. Network load balancer
E. Static IP addresses

Answer 68

C. Quality of service

Question 69

769. A technician is called to a customer site because the modem has failed and needs to be replaced. The technician connects the existing firewall to a modem taken from another customer site and ensures the users can reach the Internet. That night, a remote vendor tries to transfer a file to the customer’s server using FTP but is unable to make the connection. There were no issues the previous night. Which of the following is the MOST likely cause of the problem?

A. The firewall rules in the router were not reconfigured for use with the newer ISP protocols.
B. The modern may have its own built-in firewall that is interfering with the communications.
C. The ISP cannot route traffic from the new modern because it came from another ISP.
D. The NAT that converts the public IP to the internal private IP of the server is using an incorrect port.

Answer 69

B. The modern may have its own built-in firewall that is interfering with the communications.

Question 70

770. A new application is being deployed. The application team has asked the network team to monitor network performance and create alerts if fluctuations in the round-trip time for that traffic occur. Which of the following should the network team monitor to meet this requirement?

A. Bandwidth
B. Latency
C. Loss
D. Jitter

Answer 70

D. Jitter

Latency Vs Jitter:
In a nutshell, latency is a term used to outline the amount of time it takes for a packet to transfer to its destination. In contrast, jitter is the delay that varies over time when the signal wanes or jitters.
From what I have seen in these practice questions is that
*fluctuations are mentioned, Comptia wants Jitter as the answer.
*When a delay is mentioned, the answer is Latency
This might clarify it a little more:
Jittering’ is essentially the fluctuation or variation of latency over time. Simply put, if every information packet takes the same amount of time to travel from point A to point B, then there is no jitter. However, if the packet delivery times are inconsistent, then there is ‘jitter’.

Question 71

771. A network technician is required to install a network device to provide service to an office area. The office area has 23 users and two printers that must be able to connect to the file server in a different building. Which of the following network devices should the technician use?

A. Media converter
B. Switch
C. Bridge
D. Wireless range extender

Answer 71

B. Switch

Question 72

772. A company has multiple site-to-site VPN connections using a pre-shared key. The Chief Information Security Officer (CISO) is concerned about the long-term security of the tunnels and has asked the network technicians to develop a plan to ensure the best security of the tunnels. Which of the following should the network technicians implement?

A. Purchase dedicated MPLS circuits between each of the sites.
B. Request a change of IP addresses from the ISP semiannually.
C. Perform annual key rotations on the site-to-site VPNs.
D. Terminate tunnels when they are not actively being used.

Answer 72

C. Perform annual key rotations on the site-to-site VPNs.

Question 73

773. A network engineer is adding a second router to the company’s topology to connect a new wing of the building. The second router will be in the same server room as the first router and does not support auto-MDX. Which of the following describes how the routers should be connected to each other?

A. Connect the second router to the first router with a crossover cable.
B. Use a straight-through cable to connect the two routers together.
C. Connect the two routers with vendor-specific console cables.
D. Connect the AUX ports directly between the two routers.

Answer 73

A. Connect the second router to the first router with a crossover cable.

Question 74

774. Which of the following technologies provides a failover mechanism for the default gateway?

A. FHRP
B. LACP
C. OSPF
D. STP

Answer 74

A. FHRP

FHRP - designed to protect the default gateway used on a subnetwork by allowing two or more routers to provide backup for that address;

Question 75

775. A technician is troubleshooting a client’s report about poor wireless performance. Using a client monitor, the technician notes the following information:

channels displayed: 9,10,11,6
Which of the following is MOST likely the cause of the issue?

A. Channel overlap
B. Poor signal
C. Incorrect power settings
D. Wrong antenna type

Answer 75

A. Channel overlap

Question 76

776. A hydroelectric company wants to manage sensors at a dam remotely. The control station at this dam is several miles off the main road in a densely forested area.
     Which of the following should the company implement to connect remotely to the sensors?

A. Cable broadband
B. DSL Internet
C. Cellular modem
D. ISDN Internet

Answer 76

C. Cellular modem

Question 77

777. Which of the following is the physical topology for an Ethernet LAN?

A. Bus
B. Ring
C. Mesh
D. Star

Answer 77

A. Bus

physical topology for an Ethernet LAN”
Did they mention router or switch or even a hub ?
it’s simply bus topology
physical bus, logical star

What is the physical topology of Ethernet?
A physical topology is how they are actually interconnected with wires and cables. For example, in a shared Ethernet network that uses hubs rather than switches, the logical topology appears as if every node is connected to a common bus that runs from node to node.

Question 78

778. Which of the following can be used to decrease latency during periods of high utilization of a firewall?

A. Hot site
B. NIC teaming
C. HA pair
D. VRRP

Answer 78

B. NIC teaming

NIC Teaming - The major benefits of NIC teaming are load balancing (redistributing traffic over networks) and failover (ensuring network continuity in the event of system hardware failure) without the need for multiple physical connections

Question 79

779. At which of the following OSI model layers does the Layer 2 Tunneling Protocol operate?

A. Application
B. Session
C. Transport
D. Data link

Answer 79

D. Data link

Question 80

780. A network technician has just implemented a new wireless network that requires clients to use a WEP key for access. The technician is now required to make changes to ensure the network uses the strongest encryption available. After the changes are implemented, several users report being unable to connect. Which of the following is the MOST likely cause?

A. RADIUS server failure
B. Security type mismatch
C. Wrong passphrase
D. Incorrect SSID

Answer 80

B. Security type mismatch

Question 81

781. A network technician wants to ensure the backup configuration files for the network devices are not being altered after they are stored. Which of the following tasks should the network technician perform to achieve this goal?

A. Compute the checksum of the backup file and document it separately.
B. Store the backup files on a thumb drive and keep it in a desk drawer.
C. Encrypt the drive the files are stored on using AES-256.
D. Upload the backup files to a cloud storage service.

Answer 81

A. Compute the checksum of the backup file and document it separately.

Question 82

782. A network technician has been asked to provide daily reports on network saturation. Which of the following would BEST reflect these statistics?

A. Average bandwidth usage
B. Error rate on trunk ports
C. Packet drops to the ISP
D. Processor utilization for the Internet router

Answer 82

A. Average bandwidth usage

Question 83

783. A large metropolitan city is looking to standardize the ability for police department laptops to connect to the city government’s VPN. The city would like a wireless solution that provides the largest coverage across the city with a minimal number of transmission towers. Latency and overall bandwidth needs are not high priorities. Which of the following would BEST meet the city’s needs?

A. 5G
B. LTE
C. WiFi 4
D. WiFi 5
E. WiFi 6

Answer 83

B. LTE

Question 84

784. A network administrator is installing a new IDS device that will collect logs and alert the administrator of breaches.
     >The network infrastructure includes a modem, a firewall, and core and access switches.
     >The modem is ISP provided and only forwards packets from the data circuit.
     >The firewall handles stateful packet inspection, the ACL, and application layer filtering.
     Which of the following describes where the administrator should install the IDS device on the network to collect the MOST relevant information?

A. In front of the modem and firewall
B. Between the modem and firewall
C. Behind the firewall on the core switch
D. After the access switch

Answer 84

A. In front of the modem and firewall

“IDS device that will collect logs and alert the administrator of breaches”
It’s especially best to have your IDS in front of your modem and even in front of your firewall so you are notified of breaches before they happen. The IDS does not prevent breaches, it detects them. Before a breach happens, you’d want to know about it to have time to react.

Question 85

785. A network technician needs to extend a Cat 6a connection. A device is being moved to another building that is too far away for the existing cable to reach. There is dark fiber between the buildings, and the devices must be directly connected to each other using RJ45 terminations. Which of the following is needed to ensure the connection?

A. A media converter
B. A crossover cable
C. A patch panel
D. A switch

Answer 85

A. A media converter

Question 86

786. A network administrator walks into a datacenter and notices an unknown person is following closely. The administrator stops and directs the person to the security desk. Which of the following attacks did the network administrator prevent?

A. Evil twin
B. Tailgating
C. Piggybacking
D. Shoulder surfing

Answer 86

B. Tailgating

Question 87

787. A user has just received a call from someone claiming to be from the company help desk and asking for password information to assist the user with a password reset. Company policy, however, states the help desk will not ask for password information. Which of the following has the user just experienced?

A. Logic bomb
B. Social engineering
C. Phishing
D. Insider threat

Answer 87

B. Social engineering

Question 88

788. A network engineer is deploying a new PBX for a customer. Although all new phones will be IP-based, the office will still use a few POTS-based phones and a fax line. Which of the following will be needed to connect the fax line?

A. RJ11
B. RJ45
C. DB-9
D. F-type

Answer 88

A. RJ11

Question 89

789. A network technician is installing a new SOHO wireless router for a client. After configuring and securing the wireless network, the technician begins hardening the wireless router. Which of the following should the network technician do FIRST?

A. Enable content filtering
B. Back up the configuration of the device.
C. Configure an ACL for managing the device.
D. Filter MAC addresses.

Answer 89

B. Back up the configuration of the device.

Question 90

790. A network technician is configuring a new web server at the company office. The network manager has instructed the technician to implement it in such a way so it is isolated from the local network and still able to be reached from an external network. Which of the following BEST describes where the technician should set up the new server?

A. Private VLAN
B. IDF
C. DMZ
D. Native VLAN

Answer 90

C. DMZ

Question 91

791. A company has decided to move its datacenter to an IaaS provider. The company stakeholders are concerned about their ISP being a single point of failure.
     Which of the following will the network administrator MOST likely recommend to mitigate this risk?

A. Adopt a multicloud strategy to ensure access in case of an outage.
B. Contract a secondary ISP to provide another connection.
C. Lease additional office space for use in the event of a disaster.
D. Get an additional Internet connection from the current ISP.

Answer 91

B. Contract a secondary ISP to provide another connection.

Question 92

792. A network engineer is provisioning a new Linux server in a public cloud. Which of the following types of cloud service should be utilized?

A. PaaS
B. SaaS
C. DaaS
D. IaaS

Answer 92

A. PaaS

Question 93

793. A workstation is configured with the following network details:

Software on the workstation needs to send a query to the local subnet broadcast address. To which of the following addresses should the software be configured to send the query?

A. 10.1.2.0
B. 10.1.2.1
C. 10.1.2.23
D. 10.1.2.255
E. 10.1.2.31

Answer 93

E. 10.1.2.31

/27 gives you 32 total hosts. 10.1.2.23 is in the IP range of 10.1.2.0-10.1.2.31. Broadcast ID is 10.1.2.31. E is correct

Question 94

794. Which of the following technologies relies on circuit switching?

A. DMVPN
B. MPLS
C. PPPoE
D. DOCSIS

Answer 94

C. PPPoE

The Point-to-Point Protocol over Ethernet (PPPoE) is a network protocol for encapsulating Point-to-Point Protocol (PPP) frames inside Ethernet frames.

Question 95

795. Which of the following is the LARGEST MTU for a standard Ethernet frame?

A. 1452
B. 1492
C. 1500
D. 2304

Answer 95

C. 1500

Question 96

796. The security department is looking to install a new IP-based camera. Plugging the camera into the available Ethernet jack does not power on the camera. Upon further investigation, the cable tests fine, and it does provide power to a VoIP phone. Which of the following is MOST likely causing the issue?

A. The brown pair UTP has a short.
B. The camera requires 802.3at power.
C. The camera requires Cat 7 cabling.
D. The switchport has PoE disabled.

Answer 96

B. The camera requires 802.3at power.

What is the difference between 802.3 AF and 802.3 at?
The big difference between 802.3af (PoE) and 802.3at (PoE+) is the amount of power delivered over each standard.
802.3af (PoE) can deliver 15.4 watts over Cat5 cables. 802.3at (PoE+) can deliver up to 30 watts over Cat 5 cables with 25.5 watts available to devices

Question 97

797. A network technician recently installed a new Layer 2 switch. After scanning the device, the network administrator mentions there is traffic on port 23. Which of the following should the network technician have done during the installation?

A. Disabled Telnet and enabled SSH
B. Created an ACL to block port 23
C. Disabled DHCP snooping
D. Changes the native VLAN

Answer 97

A. Disabled Telnet and enabled SSH

Question 98

798. Which of the following IEEE standards explains the characteristics of how PoE should operate in a switched network?

A. 802.11ac
B. 802.1q
C. 802.1X
D. 802.3af

Answer 98

D. 802.3af

What is the difference between 802.3 AF and 802.3 at?
The big difference between 802.3af (PoE) and 802.3at (PoE+) is the amount of power delivered over each standard.
802.3af (PoE) can deliver 15.4 watts over Cat5 cables. 802.3at (PoE+) can deliver up to 30 watts over Cat 5 cables with 25.5 watts available to devices

Question 99

799. A network administrator is configuring a server to be placed on the network. The end users will be accessing an application via a web browser that requires them to log into the application. Which of the following protocols would allow a secure connection?

A. SCP
B. SSH
C. HTTPS
D. SFTP

Answer 99

C. HTTPS

Question 100

800. The following instructions were published about the proper network configuration for a videoconferencing device:
     “Configure a valid static RFC1918 address accordingly to your network. Check the option to use a connection over NAT”.
     Which of the following is a valid IP address configuration for the device?

A. FE80::1
B. 100.64.0.1
C. 169.254.1.2
D. 172.19.0.2
E. 224.0.0.12

Answer 100

D. 172.19.0.2