Networking Basics and Terminology

Question 1

Which network device transmits data between different networks by examining the destination network address in a packet?

Load balancer

Layer 2 switch

Router

Answer 1

Router

Routers examine the destination network address when receiving inbound traffic to transmit packets to different networks

Question 2

You have been asked to implement a router-based solution that allows inbound SSH traffic from a specific subnet. What should you configure?

NIC

ACL

Proxy

Answer 2

ACL

Access control lists (ACLs) determine what network traffic is allowed to flow through a router

Question 3

A busy web site has not been responding well because of the large volumes of HTTP connections to the web server. Which solution would increase web server performance?

Add more RAM to the web server.

Install two web servers hosting the same content. Configure a load balancer to distribute incoming HTTP connections between the two web servers.

Place a router between the web server and the Internet to throttle incoming HTTP connections.

Answer 3

Install two web servers hosting the same content. Configure a load balancer to distribute incoming HTTP connections between the two web servers.

Configuring multiple servers behind a load balancer allows for the distribution of incoming network traffic among those servers

Question 4

Which router security feature drops inbound traffic with a forged source address of an internal network?

Stateless packet inspection

Anti-malware

Anti-spoofing

Answer 4

Anti-spoofing

Anti-spoofing checks that the source IP of external traffic coming into a network does not match the IP range of an internal network; otherwise, this implies that the source IP address has been spoofed and should be dropped

Question 5

Your web application consists of two back-end servers fronted by a load balancer. As client requests come in you would like the first request to be sent to the first server, the next request to the second, and so on, in a circular pattern. Which load balancer scheduling algorithm should you configure?

Round robin

Weighted round robin

Random

Answer 5

Round robin

Round robin sends traffic to the first back-end node, then the second, the third, back to the first, and so on

Question 6

During an IT meeting, your colleague Raylee suggests that there is a single point of failure in the single load balancer in place for the company web site ordering system. She suggests having two load balancers configured, with only one in service at a given time. What type of load balancing configuration has Raylee described?

Round robin

Active-active

Active-passive

Answer 6

Active-passive

Active-passive configurations consist of two load balancers, one of which is active. When the active load balancer is unresponsive, the second load balancer takes over

Question 7

An active-passive load balancer solution is configured on your network. When the standby load balancer determines that the primary load balancer is down, what attribute does it take control of?

Load balancer MAC address

Load balancer IP address

First back-end server MAC address

Answer 7

Load balancer IP address

A virtual IP address is assigned to the active load balancer. This is the externally exposed addresses the DNS names must resolve to

Question 8

Which of the following statements regarding router ACLs is true?

Rules are processed in a top-down fashion.

Rules are processed in a bottom-up fashion.

The first rule should be a deny-all rule.

Answer 8

Rules are processed in a top-down fashion.

Router ACL rule sets are processed in a top-down fashion. If no rules are matched, then the last rule applies

Question 9

When writing router ACL rules, which general guideline should be followed?

Do not block traffic based on IP addresses.

The first rule should be a deny-all rule.

The last rule should be a deny-all rule.

Answer 9

The last rule should be a deny-all rule.

If there are no ACL rule matches, the last rule (deny all) will be applied to traffic

Question 10

Your network requires routers that can block traffic based on the MAC address. What type of ACL rule support must routers support?

Layer 1

Layer 2

Layer 3

Answer 10

Layer 2

Layer 2 of the OSI model deals with MAC, or hardware, addresses

Question 11

As part of a network security team, you need to capture network transmissions to and from all hosts on an Ethernet network switch. However, after plugging into switch port 24 and beginning a packet-capturing session, you see only broadcast and multicast transmissions from other hosts. What must you do?

Plug into switch port 1.

Configure switch port monitoring on port 24.

Configure switch port monitoring on port 1.

Answer 11

Configure switch port monitoring on port 24.

Most switches have a port-monitoring option whereby all switch traffic is copied to the specified port, in this case, port 24

Question 12

Which type of network device results in additional broadcast domains?

Hub

Layer 2 switch

Router

Answer 12

Router

Routers result in multiple broadcast domains; in other words, broadcast transmissions do not traverse routers

Question 13

IT staff stations initiate a large volume of network traffic to and from server 1 and server 2. All staff stations are plugged into four switches that are linked together. What should be done to make more efficient use of network bandwidth?

Place IT staff stations and the servers on their own VLAN.

Place server 1 and server 2 on separate VLANs.

Place a router between IT staff stations and the servers.

Answer 13

Place IT staff stations and the servers on their own VLAN.

Placing IT staff stations and servers 1 and 2 on their own VLAN keeps their traffic isolated from the rest of the network

Question 14

Which of the following is Telnet used for?

Verifying routers in a transmission path

Performing encrypted remote command-line management

Performing clear-text remote command-line management

Answer 14

Performing clear-text remote command-line management

Telnet uses TCP port 23 and is used for clear-text remote command-line management

Question 15

Which network protocol is not routable?

HTTP

DNS

NetBIOS

Answer 15

NetBIOS

NetBIOS is not a routable network protocol. NetBIOS over TCP/IP (NBT) is a Microsoft protocol used in the past for purposes such as file and print sharing over port 139

Question 16

Your wiring closet consists of three 24-port Ethernet switches all linked together. Computers from the Accounting department are plugged into each Ethernet switch, as are computers from the Research department. Your manager asks you to ensure that computers in the Accounting department are on a network different from computers in the Research department. What could you do? (Choose two.)

Replace the Ethernet switches with Ethernet hubs.

Configure all Accounting computers on the same TCP/IP subnet (e.g., 192.268.2.0 /24) and configure all Research computers on their own TCP/IP subnet (e.g., 192.168.3.0 /16).

Configure an Accounting VLAN that includes the Accounting computers and a Research VLAN that includes the Research computers.

Configure all Accounting computers on the same TCP/IP subnet (e.g., 192.168.2.0 /24) and configure all Research computers on their own TCP/IP subnet (e.g., 192.168.3.0 /24).

Answer 16

Configure an Accounting VLAN that includes the Accounting computers and a Research VLAN that includes the Research computers.

Configure all Accounting computers on the same TCP/IP subnet (e.g., 192.168.2.0 /24) and configure all Research computers on their own TCP/IP subnet (e.g., 192.168.3.0 /24).

Placing the Accounting and Research computers each into its own VLAN means Accounting and Research computers would be on different networks. If Accounting computers were on the 192.168.2.0 /24 network and Research computers were on the 192.168.3.0 /24 network, the computers would be on the same physical network but on different logical networks

Question 17

What type of address is fe80::dca6:d048:cba6:bd06?

IPv4

IPv6

MAC

Answer 17

IPv6

IPv6 addresses are hexadecimal (base 16) addresses with each of the eight hexadecimal portions separated with a colon. Double colons (::) can be used as shorthand for :0000: in place of consecutive 0’s

Question 18

Which of the following statements regarding DNS are true? (Choose two.)

It resolves NetBIOS computer names to IP addresses.

Client-to-server queries use TCP port 53.

It resolves FQDNs to IP addresses.

Given an IP address, DNS can return an FQDN.

Answer 18

It resolves FQDNs to IP addresses.

Given an IP address, DNS can return an FQDN.

DNS is used to resolve fully qualified domain names (FQDNs) such as www.mhprofessional.com to an IP address. The reverse is also true. An IP address such as 22.33.44.55 could be used to return an FQDN (this is called a DNS reverse lookup)

Question 19

Which protocol uses TCP port 443?

FTPS

HTTP

HTTPS

Answer 19

HTTPS

Hypertext Transfer Protocol Secure (HTTPS) uses TCP port 443

Question 20

You are troubleshooting TCP/IP settings on a workstation. The workstation IP address is 10.17.6.8/24, the DNS server setting is set to 199.126.129.86, and the default gateway setting is 10.17.5.6./24. The router has a public IP address of 199.126.129.76/24 and a private internal IP address of 10.17.5.6/24. This workstation is the only station on the network that cannot connect to the Internet. What should you do?

Change the DNS server setting to 10.17.5.6.

Change the router private internal IP address to 10.17.6.6.

Change the workstation IP address to 10.17.5.8.

Answer 20

Change the workstation IP address to 10.17.5.8.

The workstation IP address is currently on a different subnet from the default gateway; changing the workstation IP address to 10.17.5.8 would allow communication with the default gateway

Question 21

You need a server to store router configuration files. The server must not require a username or password. Which type of server is the best choice?

Windows file server

FTP

TFTP

Answer 21

TFTP

Trivial FTP (TFTP) allows storage of files without requiring a username or password

Question 22

Which TCP/IP protocol is designed to synchronize time between computers?

SNMP

Windows Time Service

NTP

Answer 22

NTP

Network Time Protocol (NTP) synchronizes time between computers over UDP port 123

Question 23

Which TCP/IP protocol gives administrators a remote command prompt to a network service?

ARP

UDP

Telnet

Answer 23

Telnet

Telnet gives administrators a remote command prompt to a network service

Question 24

While capturing network traffic you notice some packets destined for UDP port 69. What type of network traffic is this?

FTP

TFTP

SNMP

Answer 24

TFTP

Trivial File Transfer Protocol (TFTP) uses UDP port 69

Question 25

Which TCP/IP protocols use encryption to secure data transmissions?

SCP, DNS, SSH

SSH, SCP, Telnet

SSH, SCP, FTPS

Answer 25

SSH, SCP, FTPS

Secure Shell (SSH), Secure Copy Protocol (SCP), and File Transfer Protocol Secure (FTPS) encrypt data transmissions

Question 26

Which of the following network connectivity devices functions primarily using computer MAC addresses? (Choose two.)

Router

Bridge

Hub

Switch

Answer 26

Bridge

Switch

Bridges and switches optimize network usage by remembering which network segments MAC addresses (network cards) are connected to

Question 27

Which of the following are considered TCP/IP transport protocols? (Choose two.)

HTTP

TCP

Telnet

UDP

Answer 27

TCP

UDP

Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are both considered to be transport protocols. TCP is a connection-oriented (a session is established before transmitting data) and acknowledged transport (each transmission gets an acknowledgment packet), where UDP is connectionless and unacknowledged. Because of reduced overhead, UDP is faster

Question 28

Your Vancouver users cannot connect to a corporate web server housed in Seattle, but they can connect to Internet web sites. The network technicians in Seattle insist the web server is running because Seattle users have no problem connecting to the Seattle web server. From the Vancouver network, you ping the Seattle web server but do not get a reply. Which tool should you use next?

tracert

ipconfig

Telnet

Answer 28

tracert

Trace Route (tracert) to the Seattle web server will send a reply from each router along the path so you can identify where the transmission is failing

Question 29

A workstation has an IP address of 169.254.46.86. The server administrators realize the DHCP service is offline, so they start the DHCP service. What command should be used next on the workstation to immediately obtain a valid TCP/IP configuration?

tracert

netstat -a

ipconfig /renew

Answer 29

ipconfig /renew

The command ipconfig should be used with the /renew parameter to get an IP address from the DHCP server

Question 30

Which of the following is a security best practice for configuring an Ethernet switch?

Disable unused ports and assign MAC addresses to enabled ports.

Disable unused ports and configure enabled ports for half-duplex.

Disable unused ports and configure additional VLANs.

Answer 30

Disable unused ports and assign MAC addresses to enabled ports.

Disabling unused switch ports prevents unwanted network connections. Assigning specific MAC addresses to specific switch ports enables you to control which stations can connect to which switch ports

Question 31

You are attempting to connect to one of your user’s computers using RDP but cannot get connected. A new firewall has been installed on your network. Which port must be opened on the firewall to allow RDP traffic?

143

389

3389

Answer 31

3389

Remote Desktop Protocol (RDP) uses TCP port 3389