Udemy Net+ Practice Test 1 Flashcards

1
Q

You are installing a new LAN in a building your company just purchased. The building is older, but your company has decided to install a brand new Cat 6a network in it before moving in. You are trying to determine whether to purchase plenum or PVC cabling. Which environmental conditions should be considered before making the purchase?

  • Workstation models
  • Floor composition
  • Window Placement
  • Air Duct placement
A

air duct placement

If you have a plenum area in the ceiling containing the air ducts, you will need to use plenum-rated cables in your cable trays to prevent creating a dangerous environment for your users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
1
Q

Which of the following types of network documentation would provide a drawing of the network cabling imposed over the floorplan for an office building?
- Wiring Diagram
- Logical Network Diagram
- Site Survey Report
- Physical Network Diagram

A

Wiring Diagram

Physical = routers, switches, servers
Logical = flow of data across a network: subnets, network objects, protocols and domains
Wiring = which cables connect to which ports
Site Survey = wireless heatmap

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following technologies could be used to ensure that users who log in to a network are physically in the same building as the network they are attempting to authenticate on? (SELECT TWO)

  • Geo-IP
  • NAC
  • GPS Location
  • Port Security
A

NAC
GPS Location

Network Access Control is used to identify an endpoint’s characteristics when conducting network authentication.
The GPS location of the device will provide the longitude and latitude of the user, which could be compared against the GPS coordinates of the building.
Geo-IP only identifies country of origin, and is easily tricked by VPNs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A technician is configuring a computer lab for the students at Dion Training. The computers need to be able to communicate with each other on the internal network, but students using computers should not be able to access the Internet. The current network architecture is segmented using a triple-homed firewall to create the following zones:

ZONE INTERFACE, IP address

PUBLIC, eth0, 66.13.24.16/30

INSTRUCTORS, eth1, 172.16.1.1/24

STUDENTS, eth2, 192.168.1.1/24

What rule on the firewall should the technician configure to prevent students from accessing the Internet?

  • Deny all from eth2 to eth1
  • Deny all from eth1 to eth0
  • Deny all from eth0 to eth2
  • Deny all from eth2 to eth0
A

Deny eth2 to eth0

By denying all traffic from the eth2 to eth0, you will block network traffic from the internal (STUDENT) network to the external (PUBLIC) network over the WAN connection. This will prevent the students from accessing the Internet by blocking all requests to the Internet. For additional security, it would be a good idea to also block all traffic from eth0 to eth2 so that inbound traffic from the internet cannot communicate with the student’s computers. But, since the outbound connections from the students to the internet are being blocked, the student will be unable to access any webpages since they cannot send a request over port 80 or 443. Additionally, by choosing this rule, we have not blocked any network traffic between the instructors and the students.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a common technique used by malicious individuals to perform an on-path attack on a wireless network?

  • Session hijacking
  • ARP Spoofing
  • Evil twin
  • Amplified DNS attacks
A

Evil Twin

ARP spoofing, session hijacking, and amplified DNS attacks are not techniques specific to attacking wireless networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A technician just completed a new external website and set up an access control list on the firewall. After some testing, only users outside the internal network can access the site. The website responds to a ping from the internal network and resolves the proper public address. What can the technician do to fix this issue while causing internal users to route to the website using its internal IP address?

  • Configure the firewall to support dynamic NAT
  • Adjust the ACL on the firewall’s internal interface
  • Place the server in a screened subnet or DMZ
  • Implement a split-horizon or split-view DNS
A

Split DNS

Split DNS is an implementation in which separate DNS servers are provided for security and privacy management for internal and external networks.

Dynamic NAT is a many-to-one mapping of a private IP address or subnets inside a local area network to a public IP address or subnet outside the local area network. The traffic from different zones and subnets over trusted (inside) IP addresses in the LAN segment is sent over a single public (outside) IP address.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A network technician connects three temporary office trailers with a point-to-multipoint microwave radio solution in a wooded area. The microwave radios are up, and the network technician can ping network devices in all of the office trailers. However, users are complaining that they are experiencing sporadic connectivity. What is the MOST likely cause of this issue?

  • Latency
  • Interference
  • Throttling
  • Split Horizon
A

Interference

Microwave is light, it requires direct line of sight between the antennas.
Split horizon is a form of route advertisement that prohibits a router from advertising back a route to the same interface from which it learned it – it prevents loops.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

You are performing a high-availability test of a system. As part of the test, you create an interruption on the fiber connection to the network, but the network traffic was not re-routed automatically. Which type of routing is the system utilizing?

  • Distance Vector
  • Hybrid
  • Static
  • Dynamic
A

Static

Static routing is a form of routing that occurs when a router uses a manually configured routing entry, rather than information from dynamic routing traffic. Static routes must be configured and re-routed manually during an issue. Dynamic routing, also called adaptive routing, is a process where a router can forward data via a different route or given destination based on the current conditions of the communication circuits within a system. If dynamic routing was used, the router would have automatically routed the traffic to another link or connection on the network. Hybrid routing is a combination of distance-vector routing. Hybrid routing shares its knowledge of the entire network with its neighbors and link-state routing. If a connection is lost, hybrid routing protocols are dynamic and can adjust the advertised routes automatically. A distance-vector routing protocol requires that a router inform its neighbors of topology changes periodically. A distance-vector protocol is a form of dynamic routing and would automatically adjust when the fiber connection or link is lost.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

An administrator has configured a new 250 Mbps WAN circuit, but a bandwidth speed test shows poor performance when downloading larger files. The download initially reaches close to 250 Mbps but begins to drop and show spikes in the download speeds over time. The administrator checks the interface on the router and sees the following:

DIONRTR01# show interface eth 1/1

GigabitEthernet 1/1 is up, line is up

Hardware is GigabitEthernet, address is 000F.33CC.F13A

Configured speed auto, actual 1Gbit, configured duplex fdx, actual fdx

Member of L2 VLAN 1, port is untagged, port state is forwarding

Which of the following actions should be taken to improve the network performance for this WAN connection?

  • Assign the interface a 802.1q tag to its own VLAN
  • Configure the interface to use full duplex
  • Replace eth1/1 with a 1000Base-T transceiver
  • Shutdown and re-enable this interface
A

Assign the interface a 802.1q tag to its own VLAN

The WAN interface (eth 1/1) is currently untagged and is being assigned to the default VLAN (VLAN 1). If there are numerous devices in the default VLAN, the VLAN may be overloaded or oversubscribed leading to a reduction in the network performance. To solve this issue, you would assign the WAN interface to a VLAN with less traffic or to its own VLAN. By adding an 802.1q tag (VLAN tag) to the interface, you can assign it to its own individual VLAN and eliminate potential overloading or oversubscription issues. The interface is already set to full-duplex (fdx) and it operating in full-duplex (fdx). Therefore, the issue is not a duplexing mismatch. The configuration shows that the interface is already using a GigabitEthernet, so you do not need to replace the transceiver with a 1000Base-T module. Also, the physical layer is working properly and a link is established, as shown by the output “GigabitEthernet 1/1 is up”, showing the current transceiver is functioning properly at 1 Gbps. While issuing the shutdown command and then re-enabling the interface could clear any errors, based on the interface status shown we have no indications that errors are being detected or reported.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Your company is currently using a 5 GHz wireless security system, so your boss has asked you to install a 2.4 GHz wireless network to use for the company’s computer network to prevent interference. Which of the following can NOT be installed to provide a 2.4 GHz wireless network?

  • 802.11n
  • 802.11b
  • 802.11g
  • 802.11ac
A

802.11ac

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Your company wants to create highly available datacenters. Which of the following will allow the company to continue maintaining an Internet presence at all sites if the WAN connection at their own site goes down?

  • BGP
  • OSPF
  • Load Balancer
  • VRRP
A

BGP

If a WAN link goes down, BGP will route data through another WAN link if redundant WAN links are available. Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information between autonomous systems (AS) on the Internet. The protocol is often classified as a path vector protocol but is sometimes also classed as a distance-vector routing protocol. Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP), therefore it will not help be able to reroute the organization’s WAN connections. The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provides for automatic assignment of available Internet Protocol routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork. VRRP is used for your internal clients and will not affect the routing of traffic between WANs or autonomous systems. Load balancing refers to the process of distributing a set of tasks over a set of resources, with the aim of making their overall processing more efficient. Load balancing can optimize the response time and avoid unevenly overloading some compute nodes while other compute nodes are left idle. A load balancer would work at one site, but would not allow routing of the WAN connections at all the other sites since they rely on autonomous systems and BGP is used to route traffic between autonomous systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Dion Training is trying to connect two geographically dispersed offices using a VPN connection. You have been asked to configure their networks to allow VPN traffic into the network. Which device should you configure FIRST?

  • Modem
  • Router
  • Firewall
  • Switch
A

Firewall

It’s the outermost device on the network.

By allowing the VPN connection through the firewall, the two networks can be connected and function as a single intranet (internal network). After configuring the firewall, you will need to verify the router is properly configured to route traffic between the two sites using the site-to-site VPN connection.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

When a criminal or government investigation is underway, what describes the identification, recovery, or exchange of electronic information relevant to that investigation?

  • eDiscovery
  • Encryption
  • Data transport
  • First Responder
A

eDiscovery

eDiscovery is the term that refers to the process of evidence collection through digital forensics. eDiscovery is conducted during an incident response.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Rick is configuring a Windows computer to act as a jumpbox on his network. He implements static routing to control the networks and systems the jumpbox communicates with. Which of the following commands did he use to configure this on the Windows machine?

  • ip
  • nslookup
  • tracert
  • route
A

route

The route command is used to create, view, or modify manual entries in the network routing tables of a computer or server. The ip command is a suite of tools used for performing network administration tasks, such as displaying the current TCP/IP network configuration, refreshing the DHCP and DNS settings, assigning an IP address, and configuring TCP/IP settings for a given interface. The nslookup command is used to query the domain name system (DNS) to obtain information about host addresses, mail exchanges, nameservers, and related information. The nslookup command has an interactive and non-interactive mode. The tracert command is used on Windows devices to show details about the path that a packet takes from a host to a target and displays information about each hop in the path.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A workstation is connected to the network and receives an APIPA address but cannot reach the VLAN gateway of 10.10.100.254. Other PCs in the VLAN subnet can communicate with the VLAN gateway and access websites on the Internet. Which of the following is the MOST likely the source of this connectivity problem?

  • The workstations OS updates have not been installed
  • APIPA has been misconfigured on the switch
  • The switchport is configured for 802.1q trunking
  • The workstations NIC has a bad SFP module
A

switchport is configured for 802.1q trunking

If the switchport is configured for 802.1q trunking instead of as an access host port, the workstation will be unable to reach the DHCP server through the port and will fall back to using an APIPA address.
APIPA is not configured on the VLAN’s switch, it is configured by default on client and server devices, such as the workstation in this scenario.
A small form-factor pluggable (SFP) transceiver is used on routers as a hot-pluggable network interface module, they are not used in workstations.
The workstation’s OS update status is unlikely to cause the network connectivity issue, but a network interface driver might.
Therefore, the most likely cause of this issue is the switchport was configured as a trunking port instead of an access port.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A technician has finished configuring AAA on a new network device. However, the technician cannot log into the device with LDAP credentials but can with a local user account. What is the MOST likely reason for the problem?

  • Username is misspelled in the device config file
  • Shared secret key is mismatched
  • Group policy has not propogated to the device
  • IDS is blocking RADIUS
A

IDS is blocking RADIUS

AAA through RADIUS uses a Server Secret Key (a shared secret key). A secret key mismatch could cause login problems. A shared secret is a text string that serves as a password between hosts.

16
Q

You are configuring a point-to-point link between two routers and have been assigned an IP of 77.81.12.14/30. What is the network ID associated with this IP assignment?

  • x.x.x.12
  • x.x.x.13
  • x.x.x.14
  • x.x.x.15
A

77.81.12.12

/30, so each subnet will contain 4 IP addresses
0-3
4-7
8-11
12-15 (this is ours)

Network ID is first, so .12
First available (gateway) is .13
Broadcast is last, so .15

17
Q

Andy is a network technician who is preparing to configure a company’s network. He has installed a firewall to segment his network into an internal network, a DMZ or screen subnet, and an external network. No hosts on the internal network should be directly accessible by their IP address from the Internet, but they should be able to reach remote networks if they have been assigned an IP address within the network. Which of the following IP addressing solutions would work for this particular network configuration?

  • APIPA
  • Classless
  • Private
  • Teredo Tunneling
A

Private

Don’t overthink it. A private IP address is an IP address reserved for internal use behind a router, apart from the public.

18
Q

Which of the following type of network models requires the use of specialized computers that utilize networking operating systems to provide services to other networked devices that request services from them over an enterprise network?

  • Peer to peer
  • Client server
  • Hub and spoke
  • Point to point
A

Client server

A client-server network model utilizes specific devices (servers) to provide services to requesters (clients).
A hub and spoke topology is a network topology where a central device (the hub) is connected to multiple other devices (the spokes).
These two sound basically the same, it’s probably that hub and spoke is old and doesn’t require a server as the hub.

19
Q

A company has a secondary datacenter in a remote location. The datacenter staff handles cable management and power management. The building’s security is also handled by the datacenter staff with little oversight from the company. Which of the following should the technician do to follow the best practices?

  • Secure the patch panels
  • Ensure power monitoring is enabled
  • Secure the UPS units
  • Ensure locking cabinets and racks are used
A

Locking cabinets and racks

20
Q

Which of the following levels would an error condition generate?

  • 1
  • 7
  • 5
  • 3
A

3

0 = Emergency
1 = Alert
2 = Critical
3 = Error
4 = Warning
5 = Notice
6 = Information
7 = Debugging

21
Q

Which of the following concepts is the MOST important for a company’s long-term health in the event of a disaster?

  • Vuln scanning
  • UPS
  • Acceptable Use Policy
  • Off-site backups
A

Off-site backups

All of the other options are good, too, but the MOST important is a good backup copy of your company’s data.

22
Q

An additional network segment is urgently needed for QA testing on the external network. A software release could be impacted if this change is not immediate. The request comes directly from management and was just approved through the emergency change management process. Which of the following should the technician do?

  • First document the potential impacts and procedures related to the change
  • Send out a notification to the company about the change
  • Wait until the maintenance window and make the requested change
  • Make the changes, document the requester, and document all requested network changes
A

make the changes, document the requester, and document all requested network changes

It came through the emergency change management process, which means the Emergency Change Approval Board (ECAB) approved the change.

23
Q

Which type of wireless technology are OFDM, QAM, and QPSK examples of?

  • Frequency
  • Spectrum
  • RF Interference
  • Modulation
A

Modulation

Modulation is the process of varying one or more properties of a periodic waveform, called the carrier signal, with a separate signal called the modulation signal that typically contains information to be transmitted. WiFi can use different digital modulation schemes for data transmission. Common types of modulation include Orthogonal frequency-division multiplexing (OFDM), Quadrature Amplitude Modulation (QAM), and Quadrature Phase-shift keying (PSK). Frequency is the number of occurrences of a repeating event per unit of time.

24
Q

What is the lowest layer (bottom layer) of a bare-metal virtualization environment?

  • Physical hardware
  • Guest Operating System
  • Host Operating System
  • Hypervisor
A

Physical hardware

The bottom layer is physical hardware in this environment. It is what sits beneath the hypervisor and controls access to guest operating systems.
A hypervisor is a program used to run and manage one or more virtual machines on a computer.
A host operating system is an operating system that is running the hypervisor. The bare-metal approach doesn’t have a host operating system.

25
Q

Jason is a network manager leading a project to deploy a SAN. He is working with the vendor’s support technician to set up and configure the SAN on the enterprise network to begin SAN I/O optimization. What should Jason provide to the vendor support technician?

  • Baseline documents
  • Access to the data center
  • Asset Management document
  • Network diagrams
A

Network diagrams

A network diagram is a visual representation of network architecture. It maps out the structure of a network with a variety of different symbols and line connections. This information will be important when deploying a Storage Area Network (SAN) on the enterprise network. A baseline is a process for studying the network at regular intervals to ensure that the network is working as designed. Asset management is used to record and track an asset throughout its life cycle, from procurement to disposal. Access to the datacenter will only be required if the vendor’s support technician will be physically working in the datacenter and not performing a remote installation.

26
Q

Which of the following terms represents the maximum amount of data, as measured in time, that an organization is willing to lose during an outage?

  • MTBF
  • RPO
  • RTO
  • MTTR
A

RPO

The recovery point objective (RPO) is the interval of time that might pass during a disruption before the quantity of data lost during that period exceeds the Business Continuity Plan’s maximum allowable threshold or tolerance.
The recovery time objective (RTO) is the duration of time and a service level within which a business process must be restored after a disaster to avoid unacceptable consequences associated with a break in continuity.
The mean time to repair (MTTR) measures the average time it takes to repair a network device when it breaks.
The mean time between failures (MTBF) measures the average time between when failures occur on a device.

27
Q

A home user reports to a network technician that the Internet is slow when they attempt to use their smartphone or laptop with their Wi-Fi network. The network administrator logs into the admin area of the user’s access point and discovers that multiple unknown devices are connected to it. What is MOST likely the cause of this issue?

  • connected to a botnet
  • evil twin
  • ARP poisoning
  • WPS attack
A

WPS attack

Wi-Fi Protected Setup (WPS) allows users to configure a wireless network without typing in the passphrase. Instead, users can configure devices by pressing buttons or by entering a short personal identification number (PIN). Unfortunately, WPS is fairly easy to hack and unknown devices can then connect to your network without permission. This is the most likely cause of the issue described in the question.

If it was an evil twin, the technician would not have been able to log in to the admin area of the device to see the connected devices.
ARP poisoning consists of abusing the weaknesses in ARP to corrupt the MAC-to-IP mappings of other devices on the network. This would not affect the number of devices connected to the access point, though, only the switching of their traffic once they connect.
A botnet is a collection of internet-connected devices infected by malware that allow hackers to control them. From the description in the question, there is no evidence that the user’s laptop or smartphone are infected with malware. Even if one was infected, it is unlikely they both would be infected with the same malware since laptops and smartphones run different operating systems.

28
Q

You work for Dion Training as a physical security manager. You are concerned that the physical security at the entrance to the company is not sufficient. To increase your security, you are determined to prevent piggybacking. What technique should you implement first?

  • CCTV to monitor the entrance
  • RFID badge reader
  • Require all employees to wear badges when entering
  • Access control vestibule
A

Install an access control vestibule

An access control vestibule, or mantrap, is a device that only allows a single person to enter per authentication. This authentication can be done by RFID, a PIN, or other methods. Once verified, the mantrap lets a single person enter through a system, such as a turnstile or rotating door. CCTV will not stop piggybacking, but it could be used as a detective control after an occurrence. Wearing security badges is useful, but it won’t stop piggybacking by a skilled social engineer. RFID badges may be used as part of your entry requirements, but it won’t stop a determined piggyback who follows an employee into the building after their authenticated RFID access has been performed.

29
Q

An offsite tape backup storage facility is involved with a forensic investigation. The facility has been told they cannot recycle their outdated tapes until the conclusion of the investigation. Which of the following is the MOST likely reason for this?
* chain of custody breach
* process of discovery
* notice of legal hold
* data transport request

A

notice of legal hold

A legal hold is a process that an organization uses to preserve all forms of relevant information when litigation is reasonably anticipated. If a legal hold notice has been given to the backup service, they will not destroy the old backup tapes until the hold is lifted.
The process of discovery is the formal process of exchanging information between the parties about the witnesses and evidence they will present at trial.
The chain of custody is the chronological documentation or paper trail that records the sequence of custody, control, transfer, analysis, and disposition of materials, including physical or electronic evidence.
A data transport request is a formalized request to initiate a data transfer by establishing a circuit or connection between two networks.

30
Q

Tamera just purchased a Wi-Fi-enabled Nest Thermostat for her home. She has hired you to install it, but she is worried about a hacker breaking into the thermostat since it is an IoT device. Which of the following is the BEST thing to do to mitigate Tamera’s security concerns? (Select TWO)

  • WPA2 encryption and long, strong password
  • Disable wireless connectivity to ensure a hacker cannot access it
  • put it on a screened subnet
  • WEP encryption
  • upgrade firmware to latest version
  • 2FA on device website
A
  • WPA2 encryption and long, strong password
  • put it on a screened subnet

The BEST options are to configure the thermostat to use the WPA2 encryption standard (if supported) and place any Internet of Things (IoT) devices into a DMZ/screened subnet to segregate them from the production network.
While enabling two-factor authentication on the device’s website is a good practice, it will not increase the IoT device’s security.
While disabling the wireless connectivity to the thermostat will ensure it cannot be hacked, it also will make the device ineffective for the customer’s normal operational needs.
WEP is considered a weak encryption scheme, so you should use WPA2 over WEP whenever possible.
Finally, upgrading the wireless access point’s firmware is good for security, but it isn’t specific to the IoT device’s security. Therefore, it is not one of the two BEST options.

31
Q

You are configuring a network to utilize SNMPv3 to send information from your network devices back to an SNMP manager. Which of the following SNMP options should you enable to ensure the data is transferred confidentially?

  • authNoPriv
  • authPriv
  • authProtect
  • authEncrypt
A

authPriv

In SNMPv3, the authPriv option ensures that the communications are sent with authentication and privacy. This uses MD5 and SHA for authentication and DES and AES for privacy and encryption.

32
Q

Michael, a system administrator, is troubleshooting an issue remotely accessing a new Windows server on the local area network using its hostname. He cannot remotely access the new server, but he can access another Windows server using its hostname on the same subnet. Which of the following commands should he enter on his workstation to resolve this connectivity issue?

  • nslooklup
  • ipconfig /flushdns
  • nbtstat -R
  • route print
A

nbtstat -R

NetBIOS stores hostname to IP address info, so we need to reload the NetBIOS cache with nbtstat -R.
Flush DNS is basically the same idea but with FQDN to IP address.

33
Q

Which of the following technologies combines the functionality of a firewall, malware scanner, and other security appliances into one device?

  • UTM
  • Syslog
  • IDS
  • IPS
A

UTM (UNIFIED THREAT MANAGEMENT)

OBJ-2.1: A Unified Threat Management (UTM) appliance enforces a variety of security-related measures, combining the work of a firewall, malware scanner, and intrusion detection/prevention. A UTM centralizes the threat management service, providing simpler configuration and reporting than isolated applications spread across several servers or devices. An intrusion detection system (IDS) is a device or software application that monitors a network or system for malicious activity or policy violations. Any malicious activity or violation is typically reported to an administrator or collected centrally using a security information and event management system. Unlike an IPS, which can stop malicious activity or policy violations, an IDS can only log these issues and not stop them. An intrusion prevention system (IPS) conducts the same functions as an IDS but can also block or take actions against malicious events. A Syslog server is a server that collects diagnostic and monitoring data from the hosts and network devices across a given network.

34
Q

The UPS that provides backup power to your server is malfunctioning because its internal battery has died. To replace the battery, you must shut down the server, unplug it from the UPS, and unplug the UPS from its power source (the wall outlet). You perform these actions but think that there has to be a better way to increase the server’s availability in the future. Which of the following recommendations would BEST increase the server’s availability based on your experience with this UPS battery replacement?

  • Replace the UPS with a generator
  • Add a redundant power supply to the server
  • Install a surge protector instead
  • Install a second UPS in the rack
A

add redundant power supply to the server

The BEST recommendation would be to install a redundant power supply in the server. Adding a second UPS would not solve the problem if the server still only has one power supply available. Switching from a UPS to a generator will not solve this issue, either, because generators also require scheduled maintenance and downtimes. Finally, adding a surge protector won’t provide power when you need to power off a UPS for a battery replacement.

35
Q

A system administrator wants to verify that external IP addresses cannot collect software versioning from servers on the network. Which of the following should the system administrator do to confirm the network is protected?

  • Review the id3 logs
  • use netstat to locate active connections
  • use Nmap to query known ports
  • analyze packet captures
A

analyze packet captures

Packet captures contain every packet that is sent and received by the network. By using a program like Wireshark to analyze the packet captures, you can see what kind of information and metadata is contained within the packets. By conducting this type of packet analysis, an attacker (or cybersecurity analyst) can determine if software versions are being sent as part of the packets and their associated metadata.

36
Q

Dion Training Solutions is launching their brand new website. The website needs to be continually accessible to our students and reachable 24x7. Which networking concept would BEST ensure that the website remains up at all times?

  • snapshots
  • cold site
  • high availability
  • warm site
A

high availability

OBJ-3.3: High availability is a concept that uses redundant technologies and processes to ensure that a system is up and accessible to the end-users at all times. Snapshots, warm sites, and cold sites may be useful for recovering from a disaster-type event, but they will not ensure high availability. High availability (HA) is a component of a technology system that eliminates single points of failure to ensure continuous operations or uptime for an extended period.