Test Review From Testers

Question 1

What is SNMP

Answer 1

Is an Internet Standard protocol used for managing and monitoring network-connected devices in IP networks.
SNMP is an application-layer protocol that uses UDP port number 161/162 to transmit management data between network devices. It’s widely used for network management, providing a standardized framework for monitoring and managing network devices such as routers, switches, servers, and printers.
Network monitoring, fault detection, configuration management, performance management

Question 2

What is RADIUS

Answer 2

Remote Authentication Dial-In User Service is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users who connect to and use a network service. A client-server protocol that enables remote users to authenticate and gain access to a network. It’s widely used in various environments, including corporate networks, internet service providers, and educational institutions. Authentication: When a user attempts to connect to the network, the RADIUS client the user’s credentials (username and password) to the RADIUS server. Authorization: If the credentials are valid, the RADIUS server checks the user’s permissions and determines what resources the user can access. Accounting: The RADIUS server keeps track of the user’s network usage, such as connection time and data usage, for billing or monitoring purposes. Ensures only authorized users can access the network, managing remote user access to Wi-Fi networks. RADIUS-TLS secured.

Question 3

In a traditional three-tier network architecture, what is the function of the access layer

Answer 3

In a traditional three-tier network architecture, the access layer is the first tier and is crucial for network performance and security. It connects devices like PCs, phones, and wireless access points to the network.
Device Connectivity: It provides the interface for end-user devices to connect to network.
Security: Implements security measures like VLANs, port security, and access control lists (ACLs).
Traffic Management: Manages the traffic from end-user devices to ensure efficient network usage.
QoS: Ensures reliable and consistent network performance by prioritizing certain types of traffic.
Address resolution: Handles ARP (Address Resolution Protocol) to map IP addresses to MAC addresses for device communication.

Question 4

Which routing protocol uses hop count as the primary metric for making routing decisions?

Answer 4

RIP (Routing Information Protocol) is one of the oldest distance-vector routing protocols used in local and wide area networks. Uses hop count as a routing metric to determine the best path between the source and destination network. It operates on the Network layer of the OSI model and uses UDP port 520 for communication.

Question 5

STP

Answer 5

Spanning Tree Protocol is a network protocol that ensures a loop-free topology for Ethernet networks. STP is defined in the IEEE 802.1D standard and is used to prevent loops in network topologies. Loops can cause broadcast storms and multiple frame copies, leading to network congestion and failure. STP uses BPDU (Bridge Protocol Data Units) to exchange information between network devices about their statuses and to maintain network topology information. The port begins to learn MAC addresses to populate the switch’s MAC address table but does not forward frames. The port forwards frames and populates the MAC address table.

Question 6

OSPF

Answer 6

Open Shortest Path First is a dynamic routing protocol used in Internet Protocol (IP) networks. It’s designed to find the best path for data packets between devices in a network. OSPF is an interior gateway protocol (IGP) used within an autonomous system (AS) it’s part of the link-state family of protocols and operates using Dijkstra’s Shortest Path First (SPF) algorithm. OSPF is defined in RFC 2328 and is known for its scalability and rapid convergence. OSPF is a robust and versatile protocol, making it a popular choice for large and dynamic networks. The shortest path tree is used to update the routing table with the best paths to each destination. Used in backbone and internal segments of ISP networks. Deployed in large educational and research institutions for efficient routing.

Question 7

VLAN

Answer 7

Virtual Local Area Network is a logical grouping of devices within a large physical network. It helps segment a network into smaller, isolated sections, improving management, security, and performance. Allows devices on different physical LAN segments to communicate as if they were on the same physical network, even if they’re not directly connected. Devices in different VLANs can’t communicate with each other without a router. Sensitive data can be isolated in specific VLANs, reducing exposure to network threats. Make it easier to manage and configure large networks by logically grouping devices. Broadcast traffic is limited to devices within the same VLAN, reducing unnecessary load on the network. Port-Based, MAC-Based, Protocol-Based VLANs. Isolating departments within an organization to enhance security and manageability. Creating separate VLANs for guest users to provide internet access while keeping the main network secure. With VoIP it isolates voice traffic to ensure quality and performance.

Question 8

VLAN trunking

Answer 8

A method used to carry traffic from multiple VLANs over a single network link, typically between switches. It uses tagging to identify and separate the VLANs over a single network link, typically between switches. It uses tagging to identify and separate the VLANs, ensuring that data stays within its designated VLAN while traveling across shared infrastructure. Efficient use of bandwidth, simplified management, scalability, enhanced security.

Question 9

DRP

Answer 9

Disaster Recovery Planning is a structured approach to help organizations recover from catastrophic events such as natural disasters, cyber-attacks, or system failures. A comprehensive document that outlines how an organization will respond to and recover from disruptive incidents. It ensures the availability of data and critical systems, minimizing downtime and financial loses.
Establish a planning group, perform a risk assessment, conduct a business impact analysis, develop recovery strategies, document recovery procedures, assign responsibilities, implement testing and training, and review and update the plan.

Question 10

Hot site in disaster recovery plan

Answer 10

To maintain continuous operations with minimal downtime during a disaster

Question 11

MTTR

Answer 11

Mean Time to Repair is a key performance indicator (KPI) used to measure the average time it takes to repair a system, machine, or equipment after a failure. It’s a crucial metric in maintenance management, IT operations, and incident management. MTTR measures the time from when a failure occurs to when the system or equipment is fully functional again. This includes the time taken to detect the failure, diagnose the issue, and complete the repair.

Question 12

Vulnerability assessments and why we need them

Answer 12

Systematic reviews of security weaknesses in an information system. They evaluate if the system is susceptible to any known vulnerabilities, assign severity levels to those vulnerabilities, and recommend remediation or mitigation if needed. Identification, Evaluation, Prioritization, and remediation.

Question 13

On-Path attack

Answer 13

Also known as man-in-the-middle (MITM) attacks, occur when attacker positions themselves between two parties in a communication process. By doing so, the attacker can intercept, read, and even alter the data being exchanged. Interception, Eavesdropping, Modification.
ARP Spoofing, DNS Spoofing, SSL Stripping. To prevent use encryption like HTTPS. Authentication to identify both parties. Network security measures such as firewalls, IDS, and IPS. Perform regular updates.

Question 14

ACL

Answer 14

Access Control List specifies which users or system processes have access to certain objects, like files or network resources, and what operations they are allowed to perform on those objects. Think of it as a list of permissions attached to an object. Each entry in this list specifies a subject and an operation. A file might have an ACL that allows a specific user to read and write to the file, a group to only read the file, and everyone else to have no access. It’s a critical part of system security, ensuring only authorized entities can perform certain actions.

Question 15

Client-to-site VPN

Answer 15

A secure tunnel between a user’s device (the client) and a remote network (the site), allowing the user to access the network as if they were physically present.
Client: This is usually a device, like a laptop or smartphone, running VPN client software.
Site: This refers to a network, such as a company’s internal network, that the client wants to securely connect to.
Encryption: The data traveling through this tunnel is encrypted, ensuring that it remains private and protected from eavesdropping.
Authentication: Users must authenticate themselves, typically using a username and password, or even multifactor authentication for added security. You can work remotely and still access all the files, applications, and resources you need as if you were at the office, without compromising security.

Question 16

OTDR

Answer 16

Optical Time-Domain Reflectometer is an optoelectronic instrument used to test the integrity of optical fibers. It sends a series of optical pulses into the fiber and measures the light that is reflected back. Measures attenuation (signal loss), reflection (backscattered light), and distance to faults or breaks.

Question 17

Protocol analyzer

Answer 17

a tool (hardware or software) used to capture and analyze signals and data traffic over a communication channel. It helps in monitoring network traffic and analyzing its behavior. It captures data packets traveling across the network. It decodes the captured packets to interpret the data and understand how packets are being transmitted. Used for troubleshooting, detecting security issues, monitoring network performance, and more. Wireshark, Snort, and Omnipeek.

Question 18

Packet Capture

Answer 18

PCAP is the process of intercepting and logging data packets as they travel across a network. This is typically done using software tools that can capture packets in real-time and store them for analysis. Capturing packets at a specific point in the network. Storing the captured packets for a period of time. Analyzing the stored packets to understand network behavior, troubleshooting issues, or detect security threats. Wire shark.

Question 19

CIA

Answer 19

is a foundational model in cybersecurity, representing three key principles that guide information security efforts. Confidentiality ensuring that sensitive information is only accessible to authorized individuals, encrypting data to prevent unauthorized access. Integrity: Maintaining the accuracy and reliability of data by protecting it from unauthorized modifications. Using checksums and digital signatures to detect and prevent tampering. Availability: Ensuring that information and resources are accessible to authorized users when needed. Implementing redundant systems and regular backups to authorized users when needed.

Question 20

RADIUS vs TACACS+

Answer 20

both are protocols used for authentication, authorization, and accounting (AAA) in network security. RADIUS encrypts only the passwords and uses UDP for communication. Separates authentication and authorization processes. Commonly used for remote user access, such as VPNs and wireless networks. TACACS+ Encrypts all communication, providing higher security. Uses TCP for communication. Combines Authentication and authorization into a single process. Often used for managing network devices like routers and switches. TACACS+ offers more robust security and finer control over network access.

Question 21

RRAS

Answer 21

Routing and Remote Access Service is a Microsoft service that enables routing and remote access capabilities on Windows Server operating systems. Allows a Windows Server to function as a router, managing the flow of data between different network segments or subnets. It supports both routing and remote access functionalities, making it versatile for various networking needs. It provides remote user or site-to-site connectivity using VPNs or dial-up connections. This allows users to securely access the network from remote locations. Small to Medium networks.

Question 22

Pen test vs Vulnerability testing

Answer 22

Pen testing is more intensive and thorough, while vulnerability testing is less invasive and quicker. Pen testing aims to exploit vulnerabilities, whereas vulnerability testing aims to detect and report them. Pen testing typically requires skilled ethical hackers, while vulnerability testing relies on automated tools. Vulnerability testing helps you understand what weaknesses exist, while pen testing shows how those weaknesses could be exploited in a real-world scenario.

Question 23

DOS vs DDOS

Answer 23

The key difference lies in the number of sources: DoS attacks come from one system, whereas DDoS attacks come from multiple systems. This makes DDoS attacks more potent and harder to defend against.

Question 24

Following a disaster, a network administrator is attempting to prioritize system restores. What should the admin do FIRST?
A. Check the RTO
B. Verify the MTBF
C. Check the MTTR
D. Verify the RPO

Answer 24

A. Check the RTO
The first thing to do is check the RTO (Recovery Time Objective) to prioritize which systems need to be restored quickly to avoid unacceptable consequences.

Question 25

RTO

Answer 25

Recovery Time Objective is a key metric in disaster recovery and business continuity planning. It defines the maximum acceptable amount of time that a system, application, or function can be down after a failure or disaster before the impact on the business becomes unacceptable. In other words, RTO is the target time set for the recovery of IT and business activities after an outage. Minimizes Downtime, Business Continuity, Cost Management. Determine the impact of downtime on different business processes and functions, Prioritize systems by identifying which systems are critical and set appropriate RTOs based on their importance to the business. Plan Recovery by developing and implementing recovery strategies that can meet the defined RTOs.

Question 26

The network technical team needs to configure two network connections working in parallel between a server and a switch to improve available bandwidth. The switch is already configured to support communication. What should the team configure on the server?
A. NIC teaming
B. Load balancing
C. Port aggregation
D. Clustering

Answer 26

NIC Teaming
Allows multiple network interfaces to work together to increase bandwidth and provide redundancy.

Question 27

NIC teaming

Answer 27

Also known as load balancing and failover, LBFO involves combining multiple network interface cards (NICs) into a single logical NIC to improve network performance and provide redundancy. Increased Bandwidth by combining multiple NICs, you can aggregate bandwidth, improving data transfer rates. Redundancy, if one NIC fails, the others can take over, ensuring continuous network availability. Load Balancing distributes network traffic evenly across all NICs, optimizing network resource usage. Configuration, NIC teaming can be configured on the server operating system, where you specify which NICs to team. Modes, Various teaming modes can be set, such as active-active (all NICs are active) or active-standby (one NIC is on standby for failover). Aggregation, the teamed NICs appear as a logical NIC to the network, handling traffic based on the configured mode. Used in servers to ensure high availability and performance and high-traffic environments where bandwidth and redundancy are critical, like data centers or enterprise networks.

Question 28

Which type of backup takes the least time and uses the least amount of disk space?
A. Copy
B. Incremental
C. Differential
D. Full

Answer 28

Incremental
These backups save only the changes made since the last backup, making them quicker and more space-efficient

Question 29

Which DNS resource record type is used to identify and locate web servers in a network?
A. SRV
B. NS
C. MX
D. CNAME

Answer 29

SRV
SRV records identify and locate web servers in a network by providing information about available services and their locations.
Service Record
Is a type of DNS record that specifies the location of servers for specific services. It defines the hostname and port number for services such as SIP, XMPP, LDAP, and more.
Key Components of an SRV record
The name of the service (ex: sip, xmpp)
The transport protocol used (ex: tcp, udp)
Domain: The domain name of the server providing the service
The port number on which the service is running
Priority: Used to determine the order in which the servers should be contacted (lower values have higher priority)
Weight: Used to distribute the load among servers with the same priority (higher values get more traffic)

Question 30

A wireless client reports their VOIP calls are choppy and sometimes drop. What should a network administrator do FIRST to troubleshoot this issue?
A. Install omnidirectional Antennas
B. Add another SSID
C. Reduce EIRP
D. Check the client’s RSSI

Answer 30

Checking the clients RSSI
Checking the client’s Received Signal Strength Indicator helps determine if the signal strength is adequate and if there’s a need for improvement

Question 31

RSSI

Answer 31

Received Signal Strength Indicator is a measurement that indicates the power level of a received radio signal. It helps determine the quality and strength of a wireless signal at a specific location.
Scale: RSSI is usually measured on a scale from 0 to -100 dBm. Closer to 0 indicates a stronger signal, while values farther from 0 (more negative) indicate weaker signals.
Usage: It’s commonly used in Wi-Fi networks, cellular networks, and other wireless communication systems to assess signal quality and troubleshoot connectivity issues.
Interpretation:
-30 to -50 dBm: Excellent signal strength.
-51 dBm to -70 dBm: Good signal strength, typically sufficient for reliable connections.
-71 dBm to -90 dBm: Weak signal, may result in poor performance or connectivity issues.
-91 dBm and below: Very weak signal, likely to cause significant connectivity problems.
RSSI is essential for maintaining and optimizing wireless network performance.

Question 32

A junior network engineer receives a new router to configure. Which two configuration tasks should the engineer perform BEFORE copying a standard configuration template onto the router?

Answer 32

Update the Firmware
Change the default username and password
These foundational steps enhance security and ensure compatibility with the configuration template.

Question 33

A network administrator needs to ensure network availability by sending status, diagnostic, and event information from network nodes to a centralized server. Which technology should the administrator use?
A. Syslog
B. Nmap
C. RADIUS
D. FHRP

Answer 33

Syslog
Syslog is used for sending status, diagnostics, and event information from network nodes to a centralized server for monitoring and maintaining network availability.

Question 34

Syslog

Answer 34

Is a standard for logging program messages. It’s widely used in computing to collect and store log data from various devices and applications in a central location. This makes it easier to monitor, troubleshoot, and analyze system events.
Syslog messages are categorized by facility codes (indicating the type of system generating the message) and severity levels (indicating the importance of the message). It’s a versatile protocol that supports different transport methods, including UDP and TCP.

Question 35

UDP

Answer 35

User Datagram Protocol
Connectionless: Doesn’t establish a connection before sending data; simply sends data packets.
Faster: Minimal latency due to the absence of connection setup.
Unreliable: No guarantee that packets will arrive in order or at all; no error-checking or recovery.
Use cases: Ideal for applications requiring fast transmission, such as live streaming, online gaming and VOIP.

Question 36

TCP

Answer 36

Transmission Control Protocol
Connection-oriented: Establishes a connection before data transmission, ensuring both parties are ready to communicate.
Reliable: Guarantees the delivery of packets in the correct order, using error-checking and recovery mechanisms.
Slower: Higher latency due to connection setup and error handling.
Use cases: Suitable for applications needing accurate and reliable data delivery, such as web browsing, email, and file transfer.

Question 37

The marketing team uses a SaaS service to store raw video files. The team reports slow access to some resources on the SaaS platform. What should the network team do?
A. Deploy a SAN network
B. Verify the ACL on the firewall
C. Migrate all users to a PaaS solution
D. Check the bandwidth

Answer 37

Check the bandwidth
Slow access could be due to insufficient bandwidth, so analyzing bandwidth usage can help determine if there’s a bottleneck and allow for optimization.

Question 38

Bandwidth

Answer 38

Is the maximum rate at which data can be transmitted over a network. Think of it as width of a highway: the wider it is, the more cars can travel on it at once. Similarly, higher bandwidth allows more data to be sent or received simultaneously.
UDP and TCP Bandwidth Use
UDP is like a fast car speeding down the highway. It’s quick but doesn’t worry about checking the route or making route or making sure all the passengers (data packets) arrive safely. This can be more efficient in terms of bandwidth, especially for real-time applications where speed is crucial.
TCP, on the other hand, is like a well-organized convoy. It ensures every car follows the rules of the road, double-checks the route, and makes sure every passenger reaches the destination in order. This process uses more bandwidth due to the additional data overhead, such as error-checking and acknowledgement packets.

Question 39

A company wants to configure a site-to-site VPN link between two offices. Users in each office should have access to resources in the other office, including shared folders and network services. What type of VPN should the company use?
A. PPTP VPN
B. IPSec VPN
C. TLS VPN
D. SSL VPN

Answer 39

IPSec VPN
These are ideal for securing communication between networks, providing encryption and authentication for site-to-site connections

Question 40

IPSec VPN

Answer 40

Internet Protocol Security Virtual Private Network is a type of VPN that uses the IPSec protocol to create a secure, encrypted tunnel over the internet. This tunnel ensures that data transmitted between devices or networks is protected from eavesdropping and tampering.
Tunneling: Data is encapsulated within an IP packet, creating a “tunnel” that encrypts the data as it travels over the internet.
Authentication: IPSec verifies the identity of the communicating parties to ensure that data is being sent and received by trusted sources.
Encryption: Data is encrypted to protect it from unauthorized access. This ensures that even if data is intercepted, it cannot be read without the decryption key.
Tunnel Mode: Encapsulates the entire IP packet, making it suitable for gateway-to-gateway or host-to-gateway connections.
Transport Mode: Only encrypts the payload of the IP packet, used for end-to-end communication between two hosts.
Provides robust encryption and authentication, ensuring data integrity and confidentiality.
Can be used for site-to-site VPNs (connecting two networks) or remote access VPNs (connecting individual users to a network).
Works with various network types and devices, making it a versatile solution for secure communication.

Question 41

Which network device uses ASICs to handle the packet switching for inter-VLAN communication?
A. L2 switch
B. L4 router
C. L3 switch
D. Firewall

Answer 41

L3 switch
Use Application-Specific Integrated Circuits (ASICs) to handle packet switching for inter-VLAN communication efficiently

Question 42

L3 switch

Answer 42

Layer 3 Switch is a network device that combines the functionalities of both a router and a traditional Layer 2 switch. This means it can perform switching (Layer 2) and routing (Layer 3) operations.
Key Features of a Layer 3 switch
Routing Capabilities: Unlike Layer 2 switches, L3 switches can route traffic between different subnets, making them ideal for larger and more complex networks.
VLAN Support: They can route traffic between VLANs without needing an additional router.
High Performance: L3 switches offer faster data processing and lower latency compared to traditional routers because they operate at Layer 2 for switching and Layer 3 for routing.
Cost-Effective: By combining routing and switching in one device, L3 switches can reduce the need for multiple devices, leading to cost savings.
Inter-VLAN Routing: Facilitates communication between VLANs with an organization.
Network Segmentation: Helps in segmenting a network into smaller, more manageable parts for better performance and security.
Redundancy and Load Balancing: Can be used to implement redundancy and load balancing in a network to improve reliability and efficiency.

Question 43

A user reports odd behavior when attempting to access network resources from their Windows laptop. While reviewing the laptop’s configuration, a network technician discovers that the hosts file has been modified. Which type of attack has the security administrator likely uncovered?
A. DNS poisoning
B. MAC spoofing
C. Domain hijacking
D. On-path attack

Answer 43

DNS poisoning
Modifying the hosts file a common tactic in DNS poisoning to redirect traffic to malicious sites

Question 44

A network administrator is troubleshooting poor wireless performance used for a building-to-building backhaul and suspects the WAP antenna needs to be replaced. Which antenna type should the administrator deploy to maximize gain?
A. Parabolic dish
B. Omnidirectional
C. Yagi
D. Directional

Answer 44

Parabolic dish
These antennas are highly directional and provide high gain, making them ideal for long-distance, point-to point wireless links