Test 0 Flashcards

Question 1

Q

A UTM is deployed on the external edge of the main corporate office. The office connects to the WAN port of the edge router. The edge router at the main office connects to the remote offices using GRE IPSec tunnels. A network administrator notices that a worm that was not detected by the UTM has spread from the remote sites into the corporate network. The UTM currently has traffic rules applied that should block the port used by the worm. Which of the following steps would MOST likely correct this issue?

A. Move the UTM onto the LAN side of the network
B. Enable TLS inspection on the UTM
C. Enable stateful inspection on the UTM
D. Configure the UTM to deny encrypted files from being transferred

Answer

A

C. Enable stateful inspection on the UTM

Stateful-inspection firewalls: Unlike packet-filtering firewalls, stateful-inspection firewalls can track and “understand” when a TCP connection has occurred. This allows for reply traffic to be allowed through the firewall without the need for explicit rules. As a result, stateful-inspection firewalls make configuration easier, but can add a bit more inspection overhead and slow down traffic slightly more than packet-filtering firewalls. so C could be the correct answer

Question 2

Q

A technician has racked a new access switch and has run multimode fiber to a new location. After installing an extended-range 10Gb SFP in the core switch, the technician installed a 10Gb SFP in the access switch and connected the port to the new extension with a fiber jumper. However, the link does not display, and the technician cannot see light emitting from the core switch. Which of the following solutions is MOST likely to resolve the problem?

A. Swap the fiber pairs in one of the SFPs
B. Replace the jumpers with single-mode fiber
C. Set the correct MTU on the new interface
D. Install an optic that matches the fiber type

Answer

A

B. Replace the jumpers with single-mode fiber

“extended-range 10Gb SFP” is the key here. And their use of the word “jumpers” means all the mm fiber is getting changed.

Question 3

Q

A network technician has implemented ACLs to limit access to cloud-based file storage. Which of the following security mechanisms has the technician enforced?

A. DLP
B. IDS
C. WAF
D. WPA
E. TPM

Answer

A

C. WAF
Web Application Firewall

Option C is correct: The clue here is “ cloud-based file storage”. The only security mechanism here is Web Application Firewall (WAF).

Data Lost prevention (DLP): A security technique that detects potential data breaches/data ex-filtration transmissions and prevent them by monitoring, detecting and blocking sensitive data while in use, in motion, and at rest.
Intrusion Detection System (IDS): A device or software application that monitors a network or systems for malicious activity or policy violations.
Wi-Fi Protected Access (WPA): A security protocol designed to create secure wireless (Wi-Fi) networks.
Trusted Platform Module (TPM): A cryptographic module that enhances computer security and privacy.

Question 4

Q

A network technician receives a call from a user in the accounting department stating that Internet connectivity has been lost after receiving a new workstation. No other users in accounting are reporting similar issues. The network technician is able to ping the machine from the accounting departmentג€™s router, but is not able to ping the machine from the IT network. Which of the following is MOST likely the cause?

A. Incorrect default gateway
B. Duplicate IP address
C. Misconfigured OSPF
D. Improper VLAN assignment

Answer

A

A. Incorrect default gateway

If the technician can ping the workstation from the accounting department’s router (and there is no mention of the staff person having difficulties connecting to accounting resources), we can assume the workstation is in the correct VLAN. The only other answer that makes sense is an incorrect default gateway - likely due to manual misconfiguration (they make no mention of using DHCP, so manual entry errors should be considered). A makes sense - it’s just a poorly worded question to make you think it through.

Question 5

Q

A firewall administrator is implementing a rule that directs HTTP traffic to an internal server listening on a non-standard socket. Which of the following types of rules is the administrator implementing?

A. NAT
B. PAT
C. STP
D. SNAT
E. ARP

Answer

A

B. PAT

The answer is PAT.

Static Network Address Translation (SNAT) would be used to translate from one address to another. The question asks how to convert from one port to another; this is called Port Address Translation (PAT)

Question 6

Q

A technician is installing a new wireless badging system on a hospital network. The requirements of the badging system are for it to have its own SSID and low power levels. The badging system has to cover 99.9% of the hospital. Which of the following is the BEST action to take to meet the system requirements?

A. Install additional WAPs
B. Install external antennas
C. Move the WAPs closer to the more populated area
D. Change the antenna types

Answer

A

A. Install additional WAPs

Question 7

Q

A technician attempts to replace a switch with a new one of similar model from the same vendor. When the technician moves the fiber and SFP plug, the switch does not completely boot up. Considering that the config files are the same, which of the following is the MOST likely cause of the failure?

A. Damaged fiber
B. Corrupted operating system
C. VLAN mismatch
D. Bad port

Answer

A

B. Corrupted operating system

If the switch doesn’t boot up, it’s likely due to the operating system, not the configuration of the switch itself. Even with a vlan mismatch, the switch should completely boot up.

Question 8

Q

A company has hundreds of nodes on a single subnet and has decided to implement VLANs. Which of the following BEST describes the benefit of this approach?

A. It segments broadcast domains in the network infrastructure
B. It provides a faster port to all servers
C. It provides multiple collision domains on one switchport
D. It provides multiple broadcast domains within a single collision domain

Answer

A

A. It segments broadcast domains in the network infrastructure

Question 9

Q

A company has completed construction of a new datacenter, and the IT staff is now planning to relocate all server and network equipment from the old site to the new site. Which of the following should the IT staff reference to determine the location of the equipment being moved?

A. Rack diagrams
B. Network topology
C. Standard operating procedures
D. Wiring documentation

Answer

A

A. Rack diagrams

It asked for “reference to determine the location of the equipment being moved”. Keyword is the physical location, you need the rack diagrams to determine the space and the positions of the servers/network equipment.

network topology refers to… Bus, Star, Mesh, Ring topologies.. not physical location of equipment.

Question 10

Q

Which of the following would allow a device to maintain the same IP address lease based on the physical address of the network card?

A. MAC address reservation
B. Static IP address
C. IP address exclusion
D. Custom DNS server entry

Answer

A

A. MAC address reservation

Because it says the ‘physical address’ and physical address is another word for MAC address. Launch CMD in windows and type ‘ipconfig/all’ next to physical address you will find the MAC address of your device.

Question 11

Q

A technician wants to prevent an unauthorized host from connecting to the network via Ethernet. Which of the following is a Layer 2 access control the technician should implement?

A. Access control lists
B. Captive portal
C. WPA2
D. Port security

Answer

A

D. Port security

keyword “via Ethernet” aka port

They want to prevent an unauthorized host from connecting to the network via Ethernet. Anyone can hook up their laptop to an open Ethernet port. Port Security (Layer 2) would only allow certain computers to connect via a given port. ACL is associated with Layer 3 of the OSI model. Therefore, answer is D.

Question 12

Q

A network engineer is configuring wireless access for guests at an organization. Access to other areas in the organization should not be accessible to guests.
Which of the following represents the MOST secure method to configure guest access to the wireless network?

A. Guests should log into a separate wireless network using a captive portal
B. Guests should log into the current wireless network using credentials obtained upon entering the facility
C. The existing wireless network should be configured to allow guest access
D. An additional wireless network should be configured to allow guest access

Answer

A

A. Guests should log into a separate wireless network using a captive portal

A captive portal is a Web page that the user of a public-access network is obliged to view and interact with before access is granted.

Question 13

Q

The server team has just installed an application across three different servers. They are asking that all requests to the application are spread evenly across the three servers. Which of the following should the network team implement to fulfil the request?

A. Proxy server
B. UTM appliance
C. Content filter
D. Load balancer

Answer

A

D. Load balancer

Load balancing refers to the process of distributing a set of tasks over a set of resources, with the aim of making their overall processing more efficient. Load balancing can optimize the response time and avoid unevenly overloading some compute nodes while other compute nodes are left idle.

Question 14

Q

A network technician is deploying mobile phones for a company’s sales staff. Salespeople frequently travel nationally and internationally to meet with clients and often have to roam or switch cellular providers. Which of the following standards is the BEST option to fit the requirements?

A. GSM
B. TDM
C. CDMA
D. PSTN
E. MIMO

Answer

A

A. GSM

The Global System for Mobile Communications (GSM) is a standard developed by the European Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation (2G) digital cellular networks used by mobile devices such as mobile phones and tablets. It was first deployed in Finland in December 1991. By the mid-2010s, it became a global standard for mobile communications achieving over 90% market share and operating in over 193 countries and territories.

Question 15

Q

A network administrator has been given a network of 172.16.85.0/21 and wants to know the usable range of IP addresses on that subnet. Which of the following indicates the correct IP address range?

A. 172.16.80.0-172.16.85.254
B. 172.16.80.0-172.16.88.255
C. 172.16.80.1-172.16.87.254
D. 172.16.80.1-172.16.85.255

Answer

A

C. 172.16.80.1 - 172.16.87.254

16 (classful subnet - 255.255.0.0)
21 ( classless subnet - 255.255.248.0) 5 bits borrowed from host portion count in bit format to get your magic number ( block size) 128,192,224,240,248 = 5 bits which equals 8 block size, so you count in 8’s to for your networks in this case .80-87 (88 is the last IP which is broadcast so you cannot use that)

Question 16

Q

A network technician is troubleshooting wireless network issues in a crowded office complex and suspects there is interference from nearby wireless networks.
Which of the following should the technician perform to discover possible interference?

A. Site survey
B. Vulnerability scanning
C. Wardriving
D. Checking logical diagram
E. Bandwidth test

Answer

A

A. Site survey

The site survey will allow us to see the overlap of networks, being able to pinpoint where the interference is coming from.

Installing and configuring a Wi-Fi network requires a number of discrete steps. You should start with a site survey to determine any obstacles (existing wireless, interference, and so on) you need to overcome and to determine the best location for your access points.

because bandwidth deals with the AMOUNT OF DATA TRANSMITTED over an internet connection at a given time. So a bandwidth test would just be checking the upload/download times of the network.

Question 17

Q

A network technician is troubleshooting an issue and has established a theory of probable cause. Which of the following steps should the network technician take NEXT?

A. Test the possible solution
B. Question the users
C. Determine what has changed
D. Document the theory

Answer

A

A. Test the possible solution

A good mnemonic for the CompTia troubleshooting steps is: I Go To Poland Via Denmark.

Identify
Guess
Test
Plan
Verify
Document
Identify the problem.
Establish a theory of probably cause. (Question the obvious)
Test the theory to determine cause.
Establish a plan of action to resolve the problem and implement the solution.
Verify full system functionality and if applicable implement preventative measures.
Document findings, actions, and outcomes.

Question 18

Q

A network technician has discovered a rogue access point placed under an empty cubicle desk. Which of the following should the technician perform to ensure another cannot be placed on the network?

A. Disable unused ports on switches
B. Enable DHCP guard to detect rogue servers
C. Configure WPA2 on all access points
D. Use TACACS+ authentication

Answer

A

B. Enable DHCP guard to detect rogue servers

Enabling DHCP guard will protect the network from another rogue AP in all the ports. Disabling unused ports will just protect unused ports, it’s a good option but it doesn’t erradicates the issue.

Question 19

Q

Which of the following provides the ability to deploy consistent access point configurations from a central location?

A. Wireless controller
B. AAA server
C. WiFi-protected setup
D. Proxy server
E. VPN concentrator

Answer

A

A. Wireless controller

What Is a Wireless LAN Controller?
A wireless LAN controller, or WLAN controller, monitors and manages wireless access points in bulk and allows wireless devices to connect to WLAN, a wireless network architecture. As a centralized device in the network, the wireless LAN controller is usually located at the data center, to which all the wireless APs on the network are directly or indirectly connected.

How a Wireless LAN Controller Functions?
The wireless access controller takes the bandwidth produced coming from a router and stretches it to fit the network needs. Similar to an amplifier in a stereo system, the wireless controller allows devices from farther distances to connect. Besides, it enables the network administrators to check all the data related to the network and is able to detect rogue access points and recent traps generated by the access points.

Question 20

Q

A network technician is configuring a wireless network at a branch office. Users at this office work with large files and must be able to access their files on the server quickly. Which of the following 802.11 standards provides the MOST bandwidth?

A. a
B. ac
C. g
D. n

Question 21

Q

A network administrator configures a router with the following IP address information:
Gigabit Ethernet 1 Interface: 10.10.0.1/24
Serial 0 Interface: 10.10.0.253/30
Clients are connected to a switch on the gigabit Ethernet interface; the ISP is connected to the Serial 0 interface. When the router configuration is complete and client devices are reconfigured, all clients report that they are unable to connect to the Internet. Which of the following is the MOST likely reason?

A. The router was configured with an incorrect IP address
B. The router was configured with an incorrect default gateway
C. The router was configured with an incorrect subnet mask
D. The router was configured with an incorrect loopback address

Answer

A

C. The router was configured with an incorrect subnet mask

The subnet mask is incorrectly configured.
A /30 would give you a subnet mask of 255.255.255.252
First available would be 10.10.255.253
If the (ISP) is conNECTED to the 253 itS WRONG
It should be 252 which is the network ID

Question 22

Q

A penetration tester has been tasked with reconnaissance to determine which ports are open on the network. Which of the following tasks should be done FIRST? (Choose two.)

A. Network scan
B. Banner grab
C. Tracert
D. DHCP server check
E. Brute-force attack

Answer

A

A. Network scan
C. Tracert

The answer is A and C because the question is asking what they should do FIRST. Banner Grab is done AFTER you determine what systems have open ports.

First start with;
A penetration test is an active test that attempts to exploit
discovered vulnerabilities. It starts with a vulnerability scan and then
bypasses or actively tests security controls to exploit vulnerabilities.

A Network/port scanner scans systems for open ports and attempts to
discover what services and protocols are running.

Banner grabbing queries remote systems to detect their operating
system, along with services, protocols, and applications running on
the remote system.

Pick your answer this.
Tracert—A command-line tool used to trace the route between two systems.

Question 23

Q

Users are reporting Internet connectivity issues. The network administrator wants to determine if the issues are internal to the company network or if there is an issue with the ISP. Which of the following tools should be used to BEST determine where the outage is occurring?

A. traceroute
B. ping
C. nslookup
D. netstat

Answer

A

A. traceroute

Using traceroute, you can see where the connection drops and determine whether that specific point is located within your network or on the way to the ISP.

Question 24

Q

Which of the following is a vulnerable system designed to detect and log unauthorized access?

A. SIEM
B. Honeypot
C. DMZ
D. Proxy server

Answer

A

A. SIEM

Security information and event management (SIEM) gather and analyze the log data you send to it.

Security Information and Event Management (SIEM) software has been in use in various guises for over a decade and has evolved significantly during that time. SIEM solutions provide a holistic view of what is happening on a network in real-time and help IT teams to be more proactive in the fight against security threats.

What is unique about SIEM solutions is that they combine Security Event Management (SEM) - which carries out analysis of event and log data in real-time to provide event correlation, threat monitoring an incident response - with Security Information Management (SIM) which retrieves and analyzes log data and generates a report. For the organization that wants complete visibility and control over what is happening on their network in real-time, SIEM solutions are critical.

In computer terminology, the term honeypot refers to a security structure or mechanism that is built to deflect the attackers. In other words, a honeypot is there to distract the attackers from valuable assets of the organization.

Honeypot can be defined as a system that is attached to the network. It is set up to be a decoy. It lures the hackers and wastes their time as they try to gain unauthorized access to the network or systems of the organization.

Question 25

Q

According to the OSI model, at which of the following layers is data encapsulated into a packet?

A. Layer 2
B. Layer 3
C. Layer 4
D. Layer 5
E. Layer 6

Answer

A

B. Layer 3

Some People Fear Birthdays

Start at layer four and work down:
Some -- Segments
People -- Packets
Fear -- Frames
Birthdays -- Bits

Some – Segments –> Layer 4 Transport Layer: Datagram (UDP) or Segment (TCP)

People – Packets –> Layer 3 Network Layer: Packet (IP)

Fear – Frames –> Layer 2 Data Link Layer: Frame

Birthdays -Bits –> Layer 1 Physical Layer: Bit

Question 26

Q

26. Which of the following WAN technologies is MOST preferred when developing a VoIP system with 23 concurrent channels?
A. DSL
B. POTS
C. T1
D. DOCSIS

Answer

A

C. T1

OBJ-2.5: A T1 can transmit 24 telephone calls at a time because it uses a digital carrier signal (DS-1). DS-1 is a communications protocol for multiplexing the bit streams of up to 24 telephone calls simultaneously. The T1’s maximum data transmission rate is 1.544 Mbps. DOCSIS is the standard for a cable modem. DSL is a Digital Subscriber Line which has variable speeds from 256 Kbps and up. POTS is the Plain Old Telephone System, and provides only a single phone connection at a time. Out of these options, the T1 is the BEST to ensure you can reliably provide 23 simultaneous phone connections.

Question 27

Q

Which of the following security mechanisms dynamically assigns a Layer 2 address and restricts traffic only to that Layer 2 address?

A. Sticky MAC
B. 802.1x
C. ACL
D. NA

Answer

A

A. Sticky MAC

Persistent MAC learning, also known as Sticky MAC, is a port security feature that enables an interface to retain dynamically learned MAC addresses when the switch is restarted or if the interface goes down and is brought back online. This is a security feature that can be used to prevent someone from unplugging their office computer and connecting their own laptop to the network jack without permission since the switch port connected to that network jack would only allow the computer with the original MAC address to gain connectivity using Sticky MAC.

Question 28

Q

A junior network technician is setting up a new email server on the company network. Which of the following default ports should the technician ensure is open on the firewall so the new email server can relay email?

A. 23
B. 25
C. 110
D. 143

Answer

A

B. 25

This is clearly the function of SMTP (25).
POP (110) and IMAP (143) are used in receiving and retrieving emails, respectively. The question clearly asks which port is to be left open so the server can relay/send emails.

Question 29

Q

In a service provider network, a company has an existing IP address scheme. Company A’s network currently uses the following scheme:
Subnet 1: 192.168.1.0/26
Subnet 2: 192.168.1.65/26

Company B uses the following scheme:

Subnet 1: 192.168.1.50/28
The network administrator cannot force the customer to update its IP scheme. Considering this, which of the following is the BEST way for the company to connect these networks?

A. DMZ
B. PAT
C. NAT
D. VLAN

Answer

A

C. NAT

in a nutshell: when you are at home on your private network your devices have a private Ip normally in the 192.168.1.0/24 range. These devices use their assigned private ip’s to communicate locally however when a private ip needs to talk to a website like amazon, NAT will assigns/masks/translates (however you want to say it) that private IP to your public IP. Your public ip is provided by your ISP. NAT was created to address the ever depleting usable IPv4 address

Question 30

Q

A network engineer is designing a new network for a remote site. The remote site consists of ten desktop computers, ten VoIP phones, and two network printers.
In addition, two of the desktop computers at the remote site will be used by managers who should be on a separate network from the other eight computers.
Which of the following represents the BEST configuration for the remote site?

A. One router connected to one 24-port switch configured with three VLANS: one for the managers computers and printer, one for the other computers and printer, and one for the VoIP phones
B. Two routers with each router connected to a 12-port switch, with a firewall connected to the switch connected to the managers desktop computers, VoIP phones, and printer
C. One router connected to one 12-port switch configured for the managers computers, phones, and printer, and one 12-port switch configured for the other computers, VoIP phones, and printer
D. One router connected to one 24-port switch configured with two VLANS: one for the managers computers, VoIP phones, and printer, and one for the other computers, VoIP phones, and printer

Answer

A

A. One router connected to one 24-port switch configured with three VLANS: one for the managers computers and printer, one for the other computers and printer, and one for the VoIP phones.

One 24-port router and 3 VLANs is the most correct solution.
Remote site hosts 22 devices so 24 ports are needed. Management gets one VLAN, remaining users get another, and phones also get another.
Getting two routers is incorrect as this is not cost effective. Connecting a firewall only to one router is not feasible for security. This setup also does not split each group by network.
Single 12-port router for each group is incorrect; this is neither efficient nor cost effective.
24-port router with two VLANs is incorrect; there are not enough VLANs to properly separate hosts.

Question 31

Q

31. A network technician is troubleshooting an end-user connectivity problem. The network technician goes to the appropriate IDF but is unable to identify the appropriate cable due to poor labeling. Which of the following should the network technician use to help identify the appropriate cable?
A. Tone generator
B. Multimeter
C. OTDR
D. Loopback adapter

Answer

A

A. Tone generator

Tone generator is the most correct answer. A tone generator sends a signal through a cable so a technician can find its termination easier.
A multimeter checks and measures electrical signals and is incorrect.
An OTDR is incorrect as it would not help the technician identify the cable termination.
A loopback adapter is incorrect as this only allows testing of the local host device.

Question 32

Q

A network technician is considering opening ports on the firewall for an upcoming VoIP PBX implementation. Which of the following protocols is the technician
MOST likely to consider? (Choose three.)

A. SIP
B. NTP
C. H.323
D. SMB
E. ICMP
F. RTP
G. IPSec
H. RDP

Answer

A

A. SIP
C. H.323
F. RTP

SIP, H.323, and RTP are the most correct answers.
Session Initiation Protocol is used for multimedia communication sessions.
H.323 is used to define how real-time audio, video and data information is transmitted. It provides signaling, multimedia and bandwidth control mechanisms over RTP.
Real-time Transport Protocol is a packet-formatting standard for delivering audio and video over the Internet, and is popularly implemented for VoIP solutions.
NTP is incorrect; Network Time Protocol’s functions are not relevant to a VoIP PBX.
SMB is incorrect; Server Message Block is a Windows protocol for sharing access to files and printers between hosts.
ICMP is incorrect; Internet Control Message Protocol is not relevant to the functions of a PBX.
IPsec is incorrect; IP security is not relevant to the function of the PBX.
RDP is incorrect; Remote Desktop Protocol features are not relevant to the function of the PBX.

Question 33

Q

A network technician notices the site-to-site VPN and Internet connection have not come back up at a branch office after a recent power outage. Which of the following is an out-of-band method the technician would MOST likely utilize to check the branch offices router status?

A. Use a modem to console into the router
B. Walk a user through troubleshooting the connection
C. Travel to the branch office
D. Hire a contractor to go on-site

Answer

A

A. Use a modem to console into the router

Question 34

Q

A device operating at Layer 3 of the OSI model uses which of the following protocols to determine the path to a different network?

A. STP
B. RTP
C. RIP
D. NTP
E. SIP

Answer

A

C. RIP

RIP is the most correct answer.
Routing Information Protocol is used at the Network layer to determine the next hop for a travelling packet.
STP is incorrect; Spanning Tree Protocol is a Data Link layer protocol.
RTP is incorrect; Remote Desktop Protocol is an Application layer protocol and has no bearing on where data routes to.
NTP is incorrect; Network Time Protocol is not relevant to routing in this context.
SIP is incorrect; Session Initiation Protocol is an Application layer protocol designed to establish connections for multimedia communication sessions.

Question 35

Q

A network administrator is setting up a web-based application that needs to be continually accessible to the end users. Which of the following concepts would
BEST ensure this requirement?

A. High availability
B. Snapshots
C. NIC teaming
D. Cold site

Answer

A

A. High availability

Key words “continually accessible”
This makes option A most appropriate.

Question 36

Q

Which of the following devices should a network administrator configure on the outermost part of the network?

A. Media converter
B. Switch
C. Modem
D. Firewall

Answer

A

D. Firewall

Question 37

Q

A company finds that many desktops are being reported as missing or lost. Which of the following would BEST assist in recovering these devices?

A. Asset tracking tags
B. Motion detectors
C. Security guards
D. Computer locks

Answer

A

A. Asset tracking tags

The tags are entered into a tracking database, which also usually has a map of the coverage area so that a particular asset can be located.

Question 38

Q

A technician is connecting a router directly to a PC using the G1/0/1 interface. Without the use of auto-sensing ports, which of the following cables should be used?

A. Straight-through
B. Console
C. Rollover
D. Crossover

Answer

A

D. Crossover

Router to router cross
Pc to router cross
switch to switch cross
pc to switch straight
switch to router straight

“…without the use of autosensing ports…”. If you had autosensing ports then you could use a straight cable

Question 39

Q

39. A technician is diagnosing an issue with a new T1 connection. The router is configured, the cable is connected, but the T1 is down. To verify the configuration of the router, which of the following tools should the technician use?
A. Loopback adapter
B. Cable tester
C. Tone generator
D. Multimeter

Answer

A

A. Loopback adapter

Loop back adapters are used to test T1 lines.
The question is asking for ‘to verify the configuration of the router’ which only leaves us with A.

Question 40

Q

Which of the following policies would Joe, a user, have to agree to when he brings in his personal tablet to connect to the company’s guest wireless Internet?

A. NDA
B. IRP
C. BYOD
D. SLA

Answer

A

C. BYOD

Bring your own device (BYOD) refers to the trend of employees using personal devices to connect to their organizational networks and access work-related systems and potentially sensitive or confidential data. Personal devices could include smartphones, personal computers, tablets, or USB drives.

Question 41

Q

A network technician receives a call from a user who is experiencing network connectivity issues. The network technician questions the user and learns the user brought in a personal wired router to use multiple computers and connect to the network. Which of the following has the user MOST likely introduced to the network?

A. Rogue DHCP server
B. Evil twin
C. VLAN mismatch
D. Honeypot

Answer

A

A. Rogue DHCP server

Rogue DHCP server is the most correct answer. The user’s router is distributing its own DHCP leases to the hosts, causing conflict when these devices try to access the network.
Evil twin is incorrect. Evil twin is an AP placed outside a network disguised as a legitimate network point to gather sensitive information from baited users.
VLAN mismatch is incorrect, though the hosts past the user’s router may not be able to gather VLAN data because of the router.
Honeypot is incorrect; a honeypot is deployed by a network to bait attackers into wasting time in a false network environment instead of the real one.

Question 42

Q

A technician is setting up a direct connection between two older PCs so they can communicate but not be on the corporate network. The technician does not have access to a spare switch but does have spare Cat 6 cables, RJ-45 plugs, and a crimping tool. The technician cuts off one end of the cable. Which of the following should the technician do to make a crossover cable before crimping the new plug?

A. Reverse the wires leading to pins 1 and 2
B. Reverse the wires leading to pins 1 and 3
C. Reverse the wires leading to pins 2 and 3
D. Reverse the wires leading to pins 2 and 4

Answer

A

B. Reverse the wires leading to pins 1 and 3

This question is weird because of the “older PC” part, so only 4 pins should be used. However, for traditional Crossover Cable for memorization, I think of these rules:
1) reverse 1/3
2) reverse 2&6
3) -3 brown (pin 7 -> pin 4 / pin 8 -> pin 5)
4) +3 blue (pin 4 -> pin 7 / pin 5 -> pin 8)
Or
T568A -> T568B

Question 43

Q

Which of the following is the number of broadcast domain that are created when using an unmanaged 12-port switch?

A. 0
B. 1
C. 2
D. 6
E. 12

Answer

A

B. 1

The switch creates 12 collision domains and 1 broadcast domain.
A switch creates a single broadcast domain, not separate broadcast domains so any answer with 12 broadcast domains is incorrect.

Question 44

Q

The Chief Information Officer (CIO) has noticed the corporate wireless signal is available in the parking lot. Management requests that the wireless network be changed so it is no longer accessible in public areas, without affecting the availability inside the building. Which of the following should be changed on the network?

A. Power levels
B. Overcapacity
C. Distance limitations
D. Channel overlap

Answer

A

A. Power levels

Question 45

Q

A network technician is assisting the security team with some traffic captures. The security team wants to capture all traffic on a single subnet between the router and the core switch. To do so, the team must ensure there is only a single collision and broadcast domain between the router and the switch from which they will collect traffic. Which of the following should the technician install to BEST meet the goal?

A. Bridge
B. Crossover cable
C. Hub
D. Media converter

Answer

A

C. Hub

” team must ensure there is only a single collision and broadcast domain between the router and the switch from which they will collect traffic”
That’s your clue.

Question 46

Q

A network engineer wants to segment the network into multiple broadcast domains. Which of the following devices would allow for communication between the segments?

A. Layer 2 switch
B. Layer 3 switch
C. Bridge
D. Load balancer

Answer

A

B. Layer 3 switch

L3 switch because L3 switch will acts as a switch to connect devices that are on the same subnet or virtual LAN into multiple broadcast domain (router).

Question 47

Q

Based on networks 10.8.16.0/22 and 10.8.31.0/21, which of the following is the BEST summarized CIDR notation?

A. 10.8.0.0/16
B. 10.8.0.0/19
C. 10.8.0.0/20
D. 10.0.0.0/24

Answer

A

A. 10.8.0.0/16

The Answer is A the only thing you need to know is what they have in common and that would be only the first 2 octets so CIDR notation tells you 16 uses the full range of the first 2 Octets.

Question 48

Q

A technician discovers that multiple switches require a major update. Which of the following policies should be followed?

A. Change management policy
B. Remote access policy
C. Acceptable use policy
D. Memorandum of understanding

Answer

A

A. Change management policy

Question 49

Q

A technician is troubleshooting a point-to-point fiber-optic connection. The technician is at a remote site and has no connectivity to the main site. The technician confirms the switch and the send-and-receive light levels are within acceptable range. Both fiber SFPs are confirmed as working. Which of the following should the technician use to reveal the location of the fault?

A. OTDR
B. Light meter
C. Tone generator
D. CSU/DSU

Answer

A

A. OTDR

OTDR is the most correct solution. The wording of the question gives it away; an optical time-domain reflectometer will help you find faults in a fiber line.
A light meter is incorrect; the technician has already established light levels are sufficient.
A tone generator is incorrect; the technician would need to go to the far end of the fiber to verify tone. Still, it is established that light levels are sufficient.
CSU/DSU is incorrect. A Channel service unit/data service unit connects serial ports on a router to an ISP’s network and to the demarc.

Question 50

Q

A Chief Information Officer (CIO) wants to move some IT services to a cloud service offering. However, the network administrator still wants to be able to control some parts of the cloud services networking components. Which of the following should be leveraged to complete this task?

A. IaaS
B. PaaS
C. SaaS
D. DaaS

Answer

A

B. PaaS

PaaS is a service model that provides you with a platform to develop or to upload your own applications, you’re able to deploy and manage the application over the platform they provide, but you’re not able to control the cloud infrastructure and resources the cloud is providing to maintain the platform. The net admin just wants to be able to have that platform available to burst some of the data center applications during peak hours

Question 51

Q

Client PCs are unable to receive addressing information from a newly configured interface on a router. Which of the following should be added to allow the clients to connect?

A. DHCP lease time
B. IP helper
C. TTL
D. DNS record type

Answer

A

B. IP helper

Mike Meyers Network + book page 406: “Cisco implements DHCP relay through a configuration command called IP helper (the command is technically ip helper-address).”

Question 52

Q

When enabling jumbo frames on a network device, which of the following parameters is being adjusted?

A. Speed
B. Duplex
C. MTU
D. TTL

Answer

A

C. MTU

MTU is the most correct answer. The maximum transmission unit is the largest protocol data unit (PDU) that can be sent over a single network layer transaction.
Speed is incorrect; network speed has no bearing on jumbo frames.
Duplex is incorrect; duplexing has no bearing on jumbo frames but instead defines when communication can occur.
TTL is incorrect; the time to live or hop count of data defines how long data can persist in a network. Once this limit is met, the data is discarded.

Question 53

Q

A technician logs onto a system using Telnet because SSH is unavailable. SSH is enabled on the target device, and access is allowed from all subnets. The technician discovers a critical step was missed. Which of the following would allow SSH to function properly?

A. Perform file hashing
B. Generate new keys
C. Update firmware
D. Change default credentials

Answer

A

B. Generate new keys

Generating new keys is the most correct answer. SSH uses RSA public key infrastructure for both signature and encryption. With new keys the technician’s device should have no issue using SSH to access the remote system.
File hashing is incorrect. This has no impact on connectivity.
Updating firmware is incorrect. This is too broad a measure and may require a change document.
Changing default credentials is incorrect. Since the remote system is already up it is implied that its default credentials are already changed.

Question 54

Q

A network administrator wants to ensure sensitive data is not exfiltrated from the system electronically. Which of the following should be implemented?

A. DLP
B. AUP
C. NDA
D. SLA

Answer

A

A. DLP

DLP is the most correct solution. Data Loss Prevention can be a hardware or software solution that actively combs outbound traffic, including email, for sensitive data and stops any violating traffic.
AUP is incorrect; while an acceptable use policy would strongly deter would-be leakers, it does not do so outright.
NDA is incorrect. A non-disclosure agreement would legally prohibit internal staff from divulging sensitive information it does not do so outright, legal interventions aside.
SLA is incorrect. A service level agreement is a contract between a service provider and client on what each party expects from the other (money for Internet access and tech support, mean time between failures, expected downtime, etc.)

Question 55

Q

An office network consists of one two-port router connected to a 12-port switch. A four-port hub is also connected to the switch. On this particular network, which of the following is the number of collision domains that exist?

A. 3
B. 12
C. 13
D. 14
E. 15

Answer

A

D. 14

The router has one collision domain, the hub has one collision domain and the switch has one collision domain per port. That makes 14 (1(router)+1(hub)+12(switch)=14)

Question 56

Q

A network technician wants to remotely and securely access the desktop of a Linux workstation. The desktop is running remote control software without encryption. Which of the following should the technician use to secure the connection?

A. SSH in tunnel mode
B. RDP set to console connection
C. EAP-PEAP
D. SFTP

Answer

A

A. SSH in tunnel mode

Secure Shell (SSH) for Linux-based machines
Remote Desktop Protocol (RDP) for Windows-based machines.
ssh in tunnel mode is the same as port forwarding,

Question 57

Q

Which of the following should current network performance be compared against to determine network anomalies?

A. Baseline
B. Traffic analysis
C. Packet capture
D. Logs

Answer

A

A. Baseline

Network baselining is the act of measuring and rating the performance of a network in real-time situations. Providing a network baseline requires testing and reporting of the physical connectivity, normal network utilization, protocol usage, peak network utilization, and average throughput of the network usage.

Such in-depth network analysis is required to identify problems with speed and accessibility, and to find vulnerabilities and other problems within the network.

Once a network baseline has been established, this information is then used by companies and organizations to determine both present and future network upgrade needs as well as assist in making changes to ensure their current network is optimized for peak performance.

Question 58

Q

A network administrator configures an email server to use secure protocols. When the upgrade is completed, which of the following ports on the firewall should be configured to allow for connectivity? (Choose three.)

A. TCP 25
B. TCP 110
C. TCP 143
D. TCP 389
E. TCP 587
F. TCP 993
G. TCP 995

Answer

A

E. TCP 587
F. TCP 993
G. TCP 995

587 is SMTP
993 is IMAP over SSL
995 is POP3 over SSL

995 TCP - Post Office Protocol 3 over TLS/SSL (POP3S) (Official)
993 TCP - Internet Message Access Protocol over SSL (IMAPS) (Official)
587 TCP - e-mail message submission (SMTP)
443 TCP - HTTPS (Hypertext Transfer Protocol over SSL/TLS)

Question 59

Q

After a server outage, a technician discovers that a physically damaged fiber cable appears to be the problem. After replacing the cable, the server will still not connect to the network. Upon inspecting the cable at the server end, the technician discovers light can be seen through one of the two fiber strands. Which of the following should the technician do FIRST to reconnect the server to the network?

A. Reverse the fiber strands of the cable and reconnect them to the server
B. Use a TDR to test both strands of a new replacement cable prior to connecting it to the server
C. Replace the servers single-mode fiber cable with multimode fiber
D. Move the fiber cable to different port on the switch where both strands function

Answer

A

A. Reverse the fiber strands of the cable and reconnect them to the server

Tx and Rx sides are flipped, and need to be crisscrossed on the server side to be able to produce a signal.

Question 60

Q

The backup server connects to a NAS device using block-level storage over Ethernet. The performance is very slow, however, and the network technician suspects the performance issues are network related. Which of the following should the technician do to improve performance?

A. Utilize UDP to eliminate packet overhead
B. Turn off MDIX settings on the NAS and server switchports
C. Enable jumbo frames on the NAS and server
D. Encapsulate the storage traffic in a GRE tunnel

Answer

A

C. Enable jumbo frames on the NAS and server

you’re reducing packet overhead by enabling jumbo frames.
Block storage is a category of data storage mostly used in storage area network (SAN) environments, where data is saved in huge volumes known as blocks. Each block in block storage is configured by a storage administrator and acts like an individual hard drive.

Question 61

Q

A technician is trying to determine the IP address of a customers router. The customer has an IP address of 192.168.1.55/24. Which of the following is the address of the customer’s router?

A. 192.168.0.55
B. 192.168.1.0
C. 192.168.1.1
D. 192.168.5.5
E. 255.255.255.0

Answer

A

C. 192.168.1.1

The subnet mask is /24 which means that this is a classfull ip address so traditionally the router would be the first IP address in the node space which is 192.168.1.1. The broadcast address would be the last IP in the node space which is 192.168.1.255. The nodes on the subnet which would be devices would populate the 192.168.1.2 - 192.168.1.254 space.

Question 62

Q

A network technician is able to connect the switches between two offices, but the offices cannot communicate with each other, as each office uses a different IP addressing scheme. Which of the following devices needs to be installed between the switches to allow communication?

A. Bridge
B. Access point
C. Router
D. Range extender

Answer

A

C. Router

if switches are already connected MDF-IDF setup then 802.1Q (aka Dot1q)is needed so l3 device is required base on answers pick router to be correct.

Question 63

Q

A network technician is working on a proposal for email migration from an on-premises email system to a vendor-hosted email in the cloud. The technician needs to explain to management what type of cloud model will be utilized with the cloud-hosted email. Which of the following cloud models should the technician identify in the proposal?

A. IaaS
B. PaaS
C. SaaS
D. MaaS

Question 64

Q

Which of the following is the correct port number for NTP?

A. 25
B. 69
C. 123
D. 161

Answer

A

C. 123

NTP uses UDP port 123.
SMTP uses TCP port 25.
TFTP uses UDP port 69.
SNMP uses UDP port 161.

Answer 63

A

C. LACP

LACP is the most correct answer. Link Aggregation Control Protocol can combine multiple physical ports together to make a single local channel. It allows for both redundancy and load balancing.
SIP is incorrect; Session Initiation Protocol is for establishing multimedia connections and would have no impact on speed or fault tolerance.
BGP is incorrect; Border Gateway Protocol is meant for linking routers and would be inappropriate to resolve the needs outlined here.
LLDP is incorrect; Link Layer Discovery Protocol is used in local Ethernet networks for advertising device identity, capability, and neighbours, defined in 802.1AB. This would help organize network paths but do not increase speed or fault tolerance.

Answer 64

A

B. Load balancing and providing high availability

Keyword is “overload of resources” and the only plausible answer for that would be load balancing

Answer 65

A

C. LC to ST

Local Connectors are two-pronged square fiber connectors. This matches the transceiver at the switch which calls for a square two-strand adapter.
Straight Tip connectors are round with the fiber tip extruding out. This corresponds to the circular connections in the patch panel.
Square Connector (SC) is square but only has one fiber end at each connector. This does not satisfy either media requirement.

Answer 66

A

A. The cable is a crossover cable

Answer 67

A

B. Loss of full control over data resources

Answer 68

A

C. Performance baseline

Answer 69

A

D. Bus

Mike Myers chapter 2 about physical network. Star is just with the device in the middle, but the firewall/router/switch lineup makes it a BUS.

Answer 70

A

C. /30

The key phrase in this question is “point-to-point connection.” This means that 2 nodes must communicate. The answer is /30 with a total of 4 IP addresses where only 2 IP addresses can be used.

Answer 71

A

B. DB-9
E. RJ-45

DB-9 to connect to the serial port on the computer,
RJ-45 to connect to the console port on the router

Answer 72

A

D. DHCP reservation

DHCP Servers support something called a “DHCP Reservation”, which essentially allows you to provide a pre-set IP address to a specific client based on its physical MAC address. This means that the device will always get the same IP address and it will never change (whereas they typically do on occasion)

Answer 73

A

A. Telnet

The goal here is to plan a “remote-access strategy.” VPN is already enabled for both sites meaning that IPSec is currently in use. From here, SSL and IPSec should be eliminated from the answer choices leaving you with SSH and TELNET. Since “some of the equipment does not support encryption”, then the common denominator would be TELNET. I think these are one of those tricky questions that can force your attention elsewhere.

Answer 74

A

A. ARP

ARP spoofing is a Man In The Middle (MITM) attack in which the attacker (hacker) sends forged ARP Messages. This allows the attacker to pretend as a legitimate user as it links the attacker machine’s MAC Address to the legitimate IP Address.

Answer 75

A

B. Duplex/Speed mismatch

The question states that the equipment is changed so think something physical like cabling. Change the cables or if they are damaged or not properly installed can effect speed. VLAN is virtual on network so should not have changed since question is physical. tx rx rev is just transmit and receive flipped, duplicate IP is an APIPA. So B is the answer.
just my logic hope it helps.

Answer 76

A

A. Changing the management software default credentials

Answer 77

A

A. Baseline review

Answer 78

A

C. Wireless controller

D. RADIUS server

Answer 79

A

A. netstat

netstat is the most correct answer. Netstat displays inbound and outbound TCP connections, along with routing tables, interface, and network protocol stats.
tracert is incorrect; this command traces the network path between the host and a target address.
arp is incorrect; this command correlates to the IP to Physical address translation tables used by ARP.
ipconfig is incorrect; this only shows local interface details and IP addresses.
route is incorrect; this only allows viewing and manipulation of the host’s IP routing table.

Answer 80

A

D. Plenum-rated cabling

Plenum helps reduce the chances of people dying from toxic fumes when a building is burning down. If its going into the walls, use plenum.

Answer 81

A

A. Wire stripper
B. Cable crimper
D. RJ-45 connectors

Answer 82

A

A. OSPF
B. IS-IS

OSPF and IS-IS are the most correct answers.
Open Shortest Path First is a link state interior gateway protocol designed to find the fastest route through a network.
Intermediate System to Intermediate System is an interior gateway protocol designed for efficient movement of information.
RIPv1 is incorrect; RIPv1 does not support VLSM.
Border Gateway Protocol is incorrect; while it can be used internally, it is mainly for exterior routing and WAN links.
Virtual Router Redundancy Protocol is incorrect; each VRRP instance will only work on a single subnet. The requirement implies multiple subnet masks will be in use, so VRRP would not be as effective here.

Answer 83

A

A. Use a loopback at the demark and router, and check for a link light
B. Use an OTDR to validate the cable integrity

Loopback is layer 1, and it’s a reasonable step of troubleshooting the connection.

You’d naturally test the cable after deployment, especially if there were issues with it, and OC is fiber so OTDR.

Troubleshooting Physical Connectivity Issues
The list of faults that come under this category are:

Improper connection of cables
Router, switch or hub port is faulty or down.
Traffic overload on the link or particular interface.
Configuration issue at layer-1.

Answer 84

A

A. Time division multiplexing’

A PRI is a digital, end-to-end connections that allows for multiple, simultaneous voice, data, or video transmissions. This is achieved through a physical line or circuit. The physical circuit, a cable containing two pairs of copper wires, provides 23 channels for data and or voice

Answer 85

A

A. Packet analyzer

Answer 86

A

C. Allow 10.5.0.10 443 any any

Answer 87

A

B. Routing table

the answer is always in the details. Re-read the question. “WITHIN the same router”, the correct answer is routing table.

Route redistribution is the term used for translating from one routing protocol
into another. An example would be where you have an old router running
RIP but you have an EIGRP network. You can run route redistribution
on one router to translate the RIP routes into EIGRP.

Answer 88

A

E. 802.11n, SSL-VPN, 802.1x

Key phrase “clientless remote network access”. SSL-VPN can be done through a browser whereas VPN with IPSEC requires a VPN client to be installed on the computer

Answer 89

A

D. DSCP

DSCP is correct. The Differentiated Services Code Point is a 6-bit entry in an 8-bit differentiated services field in an IP header. This is used to classify data and help manage QoS in a network.
STP is incorrect; Spanning Tree Protocol is used to provide loop avoidance.
VLANs is incorrect; Virtual LANs classify and break up a network into distinct broadcast domains but do not classify the data.
SIP is incorrect; Session Initiation Protocol is used to construct and deconstruct multimedia sessions.

Answer 90

A

B. Place the web server in the DMZ with an inbound rule from eth0 interface to eth1 to accept traffic over port 80 designated to the web server

Answer 91

A

C. Printer firmware

The question is on software additional functionality, which of course most printers can perform these functions. It is assumed the device software is already installed. The trick here is the keyword ‘update’ not ‘install’. So C goes well in that respect.

Answer 92

A

A. ARP cache poisoning

Answer 93

A

A. penetration testing

Answer 94

A

B. Business continuity plan

A business continuity plan (BCP) is a plan to help ensure that business processes can continue during a time of emergency or disaster. Such emergencies or disasters might include a fire or any other case where business cannot occur under normal conditions. A disaster recovery plan is useful (and usually a piece of the large business continuity plan), but it is insufficient for the long-term strategy which is needed to support business operations during an extended outage.

Answer 95

A

C. Point-to-point

D. Mesh

Answer 96

A

A. Remove SNMP polling and configure SNMP traps on each network device

This significantly reduces your bandwidth usage. Traps in this method incorporate the information about the problem within themselves. All the traps will have the same OID, so your manager will have to process the data in the trap to be able to understand the message.

Answer 97

A

A. Place a switch at the hotel’s patch panel for connecting each rooms cables

Answer 98

A

A. Determine if any network equipment was replaced recently

the troubleshooting process says to determine if any changes have been made to the network therefore A is the better answer.

Brainscape's Knowledge GenomeTM

Test 0 Flashcards

Brainscape's Knowledge Genome^TM