Udemy Net+ Practice Test 2 Flashcards

1
Q

Which of the following types of fire suppression systems utilizes a sprinkler system with water to extinguish a fire but requires both an actuator and the sprinklers to be tripped prior to water being released?

  • pre-action system
  • HVAC system
  • clean agent system
  • wet pipe system
A

pre-action system

A pre-action system minimizes the risk of accidental release from a wet pipe system. With a pre-action system, both a detector actuation, such as a smoke detector, and a sprinkler must be tripped prior to water being released. A wet pipe system is the most basic type of fire suppression system, and it involves using a sprinkler system and pipes that always contain water. Special suppression systems, like a clean agent system, use either a halocarbon agent or inert gas. When released, the agent displaces the oxygen in the room with the inert gas and suffocates the fire.

2
Q

What remediation strategies are the MOST effective in reducing the risk to an embedded ICS from a network-based compromise? (Select TWO)

  • disabling unused services
  • segmentation
  • NIDS
  • patching
A

disabling unused services
segmentation

Segmentation is the best method to reduce the risk to an embedded ICS system from a network-based compromise. Additionally, you could disable unused services to reduce the footprint of the embedded ICS. Many of these embedded ICS systems have a large number of default services running. So, by disabling the unused services, we can better secure these devices. By segmenting the devices off the main portion of the network, we can also better protect them. A NIDS might detect an attack or compromise, but it would not reduce the risk of the attack succeeding since it can only detect it. Patching is difficult for embedded ICS devices since they usually rely on customized software applications that rarely provide updates.

3
Q

The network administrator is troubleshooting the switchports for a file server with dual NICs. The file server needs to be configured for redundancy, and the dual NICs need to be combined for maximum throughput. What feature on the switch should the network administrator ensure is enabled for best results?

  • LACP
  • BPDU
  • spanning tree
  • load balancing
A

LACP

The Link Aggregation Control Protocol (LACP) is the 802.3ad protocol used to group numerous physical ports into one high-bandwidth path. This method can increase bandwidth and, therefore, throughput. LACP can also provide network redundancy and load balancing. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard. A Bridge Protocol Data Unit (BPDU) is used by STP to prevent bridge loops. Load balancing refers to the process of distributing a set of tasks over a set of resources, with the aim of making their overall processing more efficient. Load balancing can optimize the response time and avoid unevenly overloading some compute nodes while other compute nodes are left idle.

4
Q

Which of the following encryption types was used by WPA to better secure wireless networks than WEP?

  • TKIP
  • AES
  • CCMP
  • IV
A

TKIP

Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher block chaining message authentication code protocol (CCMP) for encryption.

5
Q

You are troubleshooting a point-to-point microwave link between two buildings that is supposed to operate at 1800 MHz. You suspect there is an issue with the frequency as it is transmitted or received. Which of the following tools would you use to observe the frequency as it is transmitted or received?

  • Wifi analyzer
  • time domain reflectometer
  • spectrum analyzer
  • tone generator
A

spectrum analyzer

6
Q

Dion Training is concerned with the threat of an attacker modifying the MAC address to IP bindings within the local area network. Which of the following could be enabled on the company’s network to prevent this from occurring?

  • Private VLAN
  • Router Advertisement Guard
  • DHCP Snooping
  • Dynamic ARP Inspection
A

Dynamic ARP Inspection (DAI) is a security feature that validates Address Resolution Protocol (ARP) packets in a network. DAI allows a network administrator to intercept, log, and discard ARP packets with invalid MAC address to IP address bindings. A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2). Port mirroring, ARP inspection, and VLANs do not add any redundancy to the network. DHCP snooping is a series of techniques applied to improve the security of a DHCP infrastructure. When DHCP servers are allocating IP addresses to the LAN clients, DHCP snooping can be configured on LAN switches to prevent malicious or malformed DHCP traffic or rogue DHCP servers. The IPv6 Router Advertisement Guard feature provides support for allowing the network administrator to block or reject unwanted or rogue router advertisement guard messages that arrive at the network device platform.

7
Q

Which of the following components is used to identify a variable that may be set or read using SNMP?

  • MIB
  • Verbose Trap
  • OID
  • Granular Trap
A

OID

A unique object identifier (OID) identifies a variable that can be read or set using the SNMP protocol.
The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID).
A trap is an asynchronous notification from the agent to the manager. A trap is sent by the agent to notify the management of a significant event that is occurring in real-time, such as an alarming condition. A granular trap contains a unique object identifier (OID) number and a value for that OID. A verbose trap may contain all the information about a given alert or event as its payload. A verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send the verbose trap over the network.

8
Q

Mark is setting up a DHCP server on a segment of the corporate LAN. Which of the following options is NOT required in the DHCP scope to allow hosts on that LAN segment to be assigned a dynamic IP address and still be able to access the Internet and internal company servers?

  • subnet mask
  • default gateway
  • reservations
  • DNS servers
A

reservations

Don’t confuse reservations with leases. DHCP reservations allow the DHCP server to pre-set an IP address to a specific client based on its MAC address. This ensures that the client will always get the same IP address from the DHCP server when it connects to the network. DHCP reservations are usually used with servers or printers so that those devices can be configured for DHCP but they always retain the same IP address.

9
Q

The administrator modifies a rule on the firewall, and now all the FTP users cannot access the server any longer. The manager calls the administrator and asks what caused the extreme downtime for the server. In regards to the manager’s inquiry, what did the administrator forget to do first?

  • document the changes
  • schedule a maintenance window
  • submit a change request
  • provide notification of change to users
A

submit a change request

A change request should be submitted through the change management process prior to any changes being made. Change management is a systematic approach to dealing with the transition or transformation of an organization’s goals, processes, or technologies.
Notification of the change is communicated as part of the change management process.

10
Q

While troubleshooting, a technician notices that some clients using FTP still work and that pings to the local routers and servers are working. The technician tries to ping all known nodes on the network, and they reply positively, except for one of the servers. The technician notices that ping works only when the hostname is used but not when FQDN is used. What server is MOST likely offline?

A

DNS

11
Q

Difference between DNS and WINS

A

DNS resolves FQDN to IP addresses
WINS resolves NetBIOS names to IP addresses

12
Q

Your network relies on the use of ATM cells. At which layer of the OSI model do ATM cells operate?
  • Network
  • Transport
  • Data Link
  • Session

A

Data Link

In the data link layer (layer 2) of the OSI model, the basic unit of transfer is called a frame. In an ATM network, though, these frames are called cells and are of a fixed (53 octets or bytes) length that allows for faster switching of the cells across the network.

13
Q

Which of the following technologies deliver multiple voice calls over a copper wire if you have an ISDN or T-1 connection?

  • Analog circuit switching
  • CSMA/CD
  • Time-division multiplexing
  • Time-division spread spectrum
A

Time division multiplexing

Time-division multiplexing allows two or more signals or bitstreams to be transferred in what appear to be simultaneous sub-channels in one communication channel, while they are physically taking turns on the channel. This is the technology used in a single PRI (ISDN or T-1) service to essentially share a single cable but pass multiple voice calls over it. Analog circuit switching is used by telephone providers on the Public Switched Telephone Network (PSTN), not with ISDN or T-1 connections. Time-division spread spectrum is not a real thing; spread spectrum is used in Wi-Fi, but it is based on frequency and not time. CSMA/CD is the carrier sense multiple access with collision detection method that is used for Ethernet access at layer 2 of the OSI model. CSMA/CD is not used with ISDN or T-1 connections.

14
Q

A network administrator needs to install a centrally located firewall that needs to block specific incoming and outgoing IP addresses without denying legitimate return traffic. Which type of firewall should the administrator install?

  • host based stateful firewall
  • stateful network-based firewall
  • stateless network based firewall
  • host based stateless firewall
A

stateful network based

A stateful firewall enhances security through packet filtering, and these types of firewalls also keep track of outbound requests and open the port for the returning traffic to enter the network. Since a centrally located firewall was required by the question, a network-based firewall should be chosen instead of a host-based firewall.

15
Q

A technician is tasked with troubleshooting a network’s slowness. While troubleshooting, the technician is unable to ping any external websites. Users report they can access the sites using the web browsers. What is the MOST likely cause of the failed pings?

  • jumbo frames are not enabled
  • vlan hopping attack in progress
  • TACACS+ is misconfigured
  • ICMP traffic is blocked
A

ICMP traffic is blocked

Many companies block ICMP at the firewall, causing ping to fail since it relies on ICMP. If the user can access the site in the web browser but cannot when using ping, then ICMP is most likely being blocked by the firewall. Jumbo frames are any frames larger than 1500 bytes, which is the default MTU size on most networks. VLANs are logical segments of the local area network. TACACS+ is used for remote authentication.

16
Q

Which of the following provides accounting, authorization, and authentication via a centralized privileged database, as well as challenge/response and password encryption?

  • TACACS+
  • MFA
  • NAC
  • ISAKMP
A

TACACS+

TACACS+ is an AAA (accounting, authorization, and authentication) protocol that provides AAA services for access to routers, network access points, and other networking devices. TACACS+ is a remote authentication protocol, which allows a remote access server to communicate with an authentication server to validate user access onto the network. TACACS+ allows a client to accept a username and password, and pass a query to a TACACS+ authentication server. Multifactor authentication is an authentication scheme that works based on something you know, something you have, something you are, something you do, or somewhere you are. These schemes can be made stronger by combining them (for example, protecting the use of a smart card certification [something you have] with a PIN [something you know]). Network Access Control (NAC) is a means of ensuring endpoint security by ensuring that all devices connecting to the network conform to a health policy such as its patch level, antivirus/firewall configuration, and other factors. Internet Security Association and Key Management Protocol (ISAKMP) is used for the negotiation, establishment, modification, and deletion of SAs and related parameters in the IPSec protocol.

17
Q

Which of the following layers within software-defined networking focuses on resource requests or information about the network?

  • control
  • management
  • application
  • infrastructure
A

application layer

The application layer is where your load balancer, firewall, and other specialized network equipment reside. The application layer focuses on the communication of resource requests or information about the network. Applications make generic calls for resources or information to the control layer, without having to manually manage the things the control layer is doing.

The control layer uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to.

The infrastructure layer contains the virtual switches that receive information from the control layer about where to move the data and then perform those movements.

The management plane is used to monitor traffic conditions and the status of the network, and it allows network administrators to oversee the network and gain insight into its operations. It might be considered part of the application layer.

18
Q

A user’s smartphone is displaying text in other languages in their web browser when accessing the company’s main website. Which of the following is the MOST likely cause of the issue?
  • DOS
  • Reflective DNS
  • Deauthentication
  • on-path

A

on-path attack

An on-path attack (previously known as a man-in-the-middle attack) is a general term for when a perpetrator positions himself in a conversation between a user and an application, either to eavesdrop or impersonate one of the parties, making it appear as if a normal exchange of information is occurring. For example, if your user and server are both in the United States (English language), but the attacker is performing the on-path attack from Russia, then the server will utilize the Russian language in the text since it sees the connection coming from a Russian IP address. A denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. A reflective DNS attack is a two-step attack used in DDoS attacks. The attacker sends a large number of requests to one or more legitimate DNS servers while using a spoofed source IP of the targeted victim. The DNS server then replies to the spoofed IP and unknowingly floods the targeted victim with responses to DNS requests that it never sent. A Wi-Fi deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point by sending a deauthentication frame to the victim’s machine.

19
Q

You suspect that your server has been the victim of a web-based attack. Which of the following ports would most likely be seen in the logs to indicate the attack’s target?
  • 21
  • 3389
  • 389
  • 443

A

443

Web-based attacks would likely appear on port 80 (HTTP) or port 443 (HTTPS). An attack against Active Directory is likely to be observed on port 389 (LDAP). An attack on an FTP server is likely to be observed on port 21 (FTP). An attack using the remote desktop protocol would be observed on port 3389 (RDP).

20
Q

Dion Training allows its visiting business partners from CompTIA to use an available Ethernet port in their conference room to establish a VPN connection back to the CompTIA internal network. The CompTIA employees should obtain internet access from the Ethernet port in the conference room, but nowhere else in the building. Additionally, if any of the Dion Training employees use the same Ethernet port in the conference room, they should access Dion Training’s secure internal network. Which of the following technologies would allow you to configure this port and support both requirements?

  • Create an ACL to allow access
  • MAC filtering
  • Implement NAC
  • Configure a SIEM
A

Implement NAC

Network Access Control (NAC) uses a set of protocols to define and implement a policy that describes how to secure access to network nodes whenever a device initially attempts to access the network. NAC can utilize an automatic remediation process by fixing non-compliant hosts before allowing network access. Network Access Control can control access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices can go on a network and what they can do. In this scenario, implementing NAC can identify which machines are known and trusted Dion Training assets and provide them with access to the secure internal network. NAC could also determine unknown machines (assumed to be those of CompTIA employees) and provide them with direct internet access only by placing them onto a guest network or VLAN. While MAC filtering could be used to allow or deny access to the network, it cannot by itself control which set of network resources could be utilized from a single Ethernet port. A security information and event management (SIEM) system provides real-time analysis of security alerts generated by applications and network hardware. An access control list could define which ports, protocols, or IP addresses could be used on the Ethernet port, but it would be unable to distinguish between a Dion Training employee’s laptop and a CompTIA employee’s laptop like a NAC implementation could.

21
Q

You typed IPCONFIG at the command prompt and find out your IP is 192.168.1.24. You then go to Google.com and search for “what is my IP,” and it returns a value of 35.25.52.11. How do you explain why your computer has two different IP addresses?

  • this is caused by how a switch handles IP addresses
  • this is caused because your gateway is conducting NAT or PAT
  • this is caused by the way routers handle IP addresses
  • this is caused by the way traffic is routed over the internet
A

this is caused because your gateway is conducting NAT or PAT

Your computer network uses a private IP address for machines within the network and assigns a public IP address for traffic being routed over the network using either NAT or PAT. Most small office home office (SOHO) networks utilize a single public IP for all of their devices and use a technique known as PAT to associate the public IP with each internal client’s private IP when needed. Network Address Translation (NAT) and Port Address Translation (PAT) allow multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses. In NAT, private IP addresses are translated into public IP addresses. In PAT, private IP addresses are translated into a single public IP address and their traffic is segregated by port numbers.

22
Q

An organization has hired you to upgrade its wired computer network. The network currently uses static routing for the internal network, but the organization wants to reconfigure it to use a dynamic routing protocol. The new dynamic routing protocol must support both IPv4 and VLSM. Based on the requirements provided, which of the following routing protocols should you enable and configure?

  • OSPF
  • VRRP
  • RIPv1
  • HSRP
A

OSPF

Only OSPF supports IPv4 and VLSM (Variable Length Subnet Mask) from the options provided in this question. Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP). VRRP, RIPv1, and HSRP do not support VLSM. The Virtual Router Redundancy Protocol is a computer networking protocol that provides for automatic assignment of available Internet Protocol routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork. The Hot Standby Router Protocol is a Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway. The Routing Information Protocol (RIP) is one of the oldest distance-vector routing protocols which employs the hop count as a routing metric. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from source to destination. While RIPv1 does not support VLSM, RIPv2 does support VLSM but was not an option in this question.

23
Q

Which of the following authentication protocols was developed by Cisco to provide authentication, authorization, and accounting services?

  • RADIUS
  • Kerberos
  • CHAP
  • TACACS+
A

TACACS+

TACACS+ is an extension to TACACS (Terminal Access Controller Access Control System) and was developed as a proprietary protocol by Cisco. The Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that operates on port 1812 and provides centralized Authentication, Authorization, and Accounting management for users who connect and use a network service, but Cisco did not develop it. Kerberos is a network authentication protocol, developed by MIT, that is designed to provide strong mutual authentication for client/server applications using secret-key cryptography. Challenge-Handshake Authentication Protocol (CHAP) is used to authenticate a user or network host to an authenticating entity. CHAP is an authentication protocol but does not provide authorization or accounting services.

24
Q

Tamera is troubleshooting a mail server connectivity issue and needs to review the MX records for DionTraining.com. Which of the following tools should she utilize?

  • route
  • nslookup
  • telnet
  • arp
A

nslookup

The nslookup command is used to query the domain name system (DNS) to obtain information about host addresses, mail exchanges, nameservers, and related information. The nslookup command has an interactive and non-interactive mode. The arp command is used to view and modify the local address resolution protocol (ARP) cache of a device, which contains recently resolved MAC addresses of IP hosts on the network. The route command is used to create, view, or modify manual entries in the network routing tables of a computer or server. The telnet command is used to open a command-line interface on a remote computer or server. Telnet operates in plain text mode and should never be used over an untrusted or public network.

25
Q

You have installed and configured a new wireless router. The clients and hosts can ping each other. The network uses a fiber optic WAN connection with 1 Gbps throughput. The wired clients have fast connections, but the wireless clients are displaying high latency when a ping is performed. The wireless clients are also only receiving 300 Mbps when downloading files from the Internet. Which of the following is MOST likely the cause of the slow speeds experienced by the wireless clients?

  • the network should use 802.11g WAPs to increase throughput
  • the wireless access point is experiencing RF interference
  • a fiber connection does not support wireless
  • a high signal to noise ratio on the wireless network
A

RF interference

If interference in the wireless spectrum occurs, more retransmissions will be needed (thereby slowing the speeds experienced and increasing latency). A high signal-to-noise ratio is a good thing on wireless networks and leads to faster speeds and fewer retransmissions. The fiber connection itself is only used for the WAN connection; therefore, you can use wired or wireless infrastructure for your internal LAN and connect the LAN to the WAN connection at the router. The wireless network is already getting throughputs of 300 Mbps, so it must be using 802.11n, 802.11ac, or 802.11ax for its wireless access points. If you switched to 802.11g, you would slow down the wireless network more since it has a maximum throughput of 54 Mbps.