Test 3 Flashcards
- A network technician is troubleshooting a problem with a users client-to-site VPN connection. The user is unable to establish a connection to the server, but the error message that appears on screen does not contain useful information. Which of the following should the technician do NEXT to troubleshoot the issue?
A. Reconfigure the users VPN connection in the router to fix profile corruption. B. Inform the user that provisioning sometimes fails and the connection needs to be attempted again. C. Review the logs in the VPN client to check for any informational messages. D. Verify the system has the latest OS patches installed.
C. Review the logs in the VPN client to check for any informational messages.
Due to the fact the error pop-up is not stating why the error is occurring, so the next logical step is to review the logs
- Management requires remote access to network devices when the ISP is down. Which of the following devices would provide the BEST solution?
A. Router B. Firewall C. Bridge D. Modem
D. Modem
Access through OOB usually goes through a parallel line instead of your normal ISP provided line, so in an event where the main connection goes down, you can still access remotely by using this parallel line which is more common in out of band management.
- A network technician installed a new host on the network. The host is not connecting to the companys cloud servers. The technician attempts to ping a server using the IP address with no success. Checking the IP address using ipconfing displays:
Which of the following should the technician perform NEXT to determine where the issue is located?
A. Modify the default gateway address and ping the server to test connectivity. B. Change the DNS servers to be on the same subnet as the host. C. Modify the routerג€™s ACL to allow port 80 to exit the network. D. Perform a tracert command to locate where the packet is dropped.
D. Perform a tracert command to locate where the packet is dropped.
- A network technician is performing a firmware upgrade on a switch. The firmware needs to be downloaded to the device. Which of the following methods should the technician use to retrieve the updated firmware?
A. RDP B. SSH C. TFTP D. Telnet
C. TFTP
Key here is “downloaded TO the device” not “ON the device.” That takes SSH and Telnet out of the question. RDP can be used to download it ON the device, but TFTP is left as the most reasonable answer.
- A network technician is assisting a user who is experiencing connectivity problems with the VPN. The technician has confirmed the VPN is functioning and other users at the site cannot access the Internet. Which of the following commands would MOST likely be used to further troubleshoot?
A. tracert B. netstat C. arp D. dig
A. tracert
use tracert to find exactly where the connection is being droped
- Which of the following MUST be installed on an employees computer if the remote access VPN implements an SSL VPN with PKI authentication?
A. Shared secret B. HTTPS server C. Soft token D. Private certificate
D. Private certificate
the public key can only be decrypted y the private key, so the employee PC will send the public key of which it only has the private key, and the server will encrypt the file with the same public key, and which is to later be decrypted at the employees PC with the private key it only owns.
- Which of the following default ports should be Which of the following default ports should be opened on a firewall to allow for SSH and Telnet? (Choose two.)
A. 21 B. 22 C. 23 D. 25 E. 123 F. 443
B. 22
C. 23
- Two computers are connected to a multilayer switch, and both can access the corporate file server. The computers cannot talk to one another. Which of the following is MOST likely the cause?
A. Duplex/speed mismatch B. ACL misconfiguration C. Bad port D. Crosstalk
B. ACL misconfiguration
- A user calls the help desk for assistance with setting up a new SOHO router. The user has three employees who all have laptops that need to connect to the wireless network. The users need to have firewall rules allowing access to an internal server, but cannot be configured with static IP addresses. Which of the following BEST describes what the technician should implement?
A. CNAME record in the users dynamic DNS accounts B. Additional lease time for the laptop computers C. IP helper relay system for configuration hops D. DHCP reservation for the laptops MACs
D. DHCP reservation for the laptops MACs
Because you’re not setting up a static IP on the host device itself. The end result is the same but it’s the DHCP server issuing the reserved address. The host is still set up for DHCP, not static, per company policy..
- A home user is unable to get to the Internet from a workstation that is connected to a wireless network. When reviewing the results of the ipconfig command, the user wants to verity the default gateway is correct. Which of the following devices should be the gateway?
A. Cable modem B. SOHO router C. DNS server D. Layer 2 switch
A. Cable modem
The key to this is the word “home user” most homes are connected via cable using a modem.
- A technician is troubleshooting intermittent connectivity on a line-of-sight wireless bridge. Which of the following tools should the technician use to determine the cause of the packet loss?
A. Spectrum analyzer B. OTDR C. Packet sniffer D. Multimeter
A. Spectrum analyzer
A technician is troubleshooting intermittent connectivity on a line-of-sight wireless bridge. so basically the key word is “wireless” so as we all know wireless networks experience more issues with packet loss than wired networks. the main causes are Radio frequency interference, weaker signals, distance and physical barriers like walls can all cause wireless networks to drop packets. so the answer A is correct because A spectrum / signal analyzer measures the magnitude of an input signal versus frequency within the full frequency range of the instrument. i hope this is more clear why the answer is A
- Which of the following should be configured to allow for IP-to-name resolutions?
A. CNAME B. A C. PTR D. NS
C. PTR
PTR-records are primarily used as “reverse records” - to map IP addresses to domain names (reverse of A-records and AAAA-records).
- When configuring a new switch in a packet-switched network, which of the following helps protect against network loops?
A. Spanning tree B. Flood guard C. BPDU guard D. DHCP snooping
A. Spanning tree
- A company has just installed a new cloud VoIP solution; however, users occasionally report poor call quality or dead air being present. Which of the following describes the NEXT troubleshooting step the technician should take?
A. The technician should check the internal diagnostics on all the phones to look for a common thread. B. The technician should reset all the phones and reprovision information from the provider C. The technician should use a packet tracer to see if the traffic is getting out of the network D. The technician should run ping tests on the Internet line to monitor for packet loss and latency
D. The technician should run ping tests on the Internet line to monitor for packet loss and latency
- A network technician needs to configure a device with an embedded OS so it can be connected to a wireless handheld scanner. Which of the following technologies should be configured on the OS to create the wireless connection?
A. Partial mesh B. Ad hoc C. Ring D. Bus
B. Ad hoc
- An NGFW alerts that a web server in the DMZ is sending suspicious traffic. A network administrator finds that port 25 is open, and the traffic is originating from this port. The only purpose of this server is to deliver website traffic. Which of the following should the network administrator recommend to the systems administrator?
A. Disable Telnet service on the server. B. Disable DHCP service on the server. C. Disable the SMTP service on the server D. Disable FTP service on the server.
C. Disable the SMTP service on the server
SMTP - Port 25
- Joe, a network technician, wants to locally back up several router and switch configurations. He wants to store them on a server that can be accessed easily for recovery without authentication. Which of the following servers should Joe use?
A. Telnet B. LDAP C. TFTP D. Samba
C. TFTP
TFTP servers do exist, and can be used to send/backup switch configuration information.
- According to the troubleshooting methodology, which of the following steps will help a technician gather information about a network problem? (Choose two.)
A. Test solutions. B. Duplicate the problem C. Establish a theory of probable cause D. Question users E. Implement preventive measures. F. Document findings
B. Duplicate the problem
D. Question users
- A user reports network resources can no longer be accessed. The PC reports a link but will only accept static IP addresses. The technician pings other devices on the subnet, but the PC displays the message Destination unreachable. Which of the following are MOST likely the causes of this issue? (Choose two.)
A. Damaged cables B. Crosstalk C. Bent pins D. TX/RX reverse E. VLAN mismatch F. Duplex mismatch
C. Bent pins
E. VLAN mismatch
- While testing an ACL on the default gateway router to allow only web browsing, ports TCP 80 and TCP 443 were the only ports open. When tested, no websites were accessible via their URLs inside the network. Which of the following configurations should be added to the ACL?
A. permit tcp any any eq 20 B. permit udp any any eq 25 C. permit udp any any eq 53 D. permit udp any any eq 68 E. permit tcp any any eq 110 F. permit tcp any any eq 8080
C. permit udp any any eq 53
Answer is correct - its DNS..
no websites were accessible via their URLs inside the network
- Users have been experiencing connection timeout issues when using a web-based program. The network technician determines the problem happened due to a
TTL setting that was set too low on the firewall. Which of the following BEST enabled the network technician to reach this conclusion?
A. Reviewing application logs B. Reviewing a baseline report C. Reviewing a vulnerability scan D. Reviewing SLA requirements
A. Reviewing application logs
- A network technician is installing a new wireless network for a client. The client has experienced issues with other building tenants connecting to the wireless network and utilizing the bandwidth. The client wants to prevent this from happening by using certificate-based authentication. Which of the following technologies should the network administrator implement?
A. WPA-PSK B. EAP-TLS C. AES-CCMP D. WEP-TKIP
B. EAP-TLS
EAP-TLS deals with certificate issues. Other options are for wireless security protocols.
They are all wireless. The question is about wireless. What you should have said is that EAP-TLS gives the highest security for cilent and server. Hard to implement, but the best security.
- A network administrator is installing a campus network of two routers, 24 switches, 76 APs, and 492 VoIP phone sets. Which of the following additional devices should the administrator install to help manage this network?
A. VoIP PBX B. Content filter C. RADIUS server D. Wireless controller
D. Wireless controller
central management of all the APs.
- A technician arrives at a new building to find cabling has been run and terminated, but only the wall ports have been labeled. Which of the following tools should be utilized to BEST facilitate labeling the patch panel?
A. Tone generator B. Cable tester C. Multimeter D. Loopback adapter
A. Tone generator
- Which of the following policies prohibits a network administrator from using spare servers in the datacenter to mine bitcoins?
A. NDA B. BYOD C. AUP D. MOU
C. AUP
An acceptable use policy, acceptable usage policy or fair use policy, is a set of rules applied by the owner, creator or administrator of a network, website, or service, that restrict the ways in which the network, website or system may be used and sets guidelines as to how it should be used
- Which of the following technologies is used when multiple Ethernet adapters work to increase speed and fault tolerance?
A. Clustering B. Load balancing C. Redundant circuits D. NIC teaming
D. NIC teaming
- A network technician has finished configuring a new DHCP for a network. To ensure proper functionality, which of the following ports should be allowed on the servers local firewall? (Choose two.)
A. 20 B. 21 C. 53 D. 67 E. 68 F. 389
D. 67
E. 68
- A network technician is reviewing switch ACLs to determine if they are causing communication issues with one PC. The PCs IP address is 192.168.12.66. Which of the following is the network range found in the ACL that could have affected this PC?
A. 192.168.12.97 255.255.255.192 B. 192.168.12.97 255.255.255.224 C. 192.168.12.97 255.255.255.240 D. 192.168.12.97 255.255.255.248
A. 192.168.12.97 255.255.255.192
The questions is basically asking, “Out of the listed subnet masks, which one would result in a network range containing both IP addresses?”
The only one that can possibly hold both addresses is 255.255.255.192 (/26). This would create 4 subnets with 64 IP addresses each (62 usable addresses). The subnets would be 0-63, 64-127, 128-… … …. Both IP addresses would fall within the second subnet of 64-127.
The other subnet masks will create more subnets with fewer hosts in them, separating the IPs into different networks.
- A new technician is connecting an access switch to a distribution switch uplink in a datacenter using fiber cables. Which of the following are transceivers the technician should use to perform this job? (Choose two.)
A. RJ45 B. DB-9 C. LC D. SFP E. GBIC F. SC
D. SFP
E. GBIC
- Which of the following physical security devices is used to prevent unauthorized access into a datacenter?
A. Motion detector B. Video camera C. Asset tracking D. Smart card reader
D. Smart card reader
- A technician is installing two new servers that collect logs. After installing the servers, the technician reviews the logical output from various commands. Which of the following should be included in a logical network diagram?
A. Rack location B. Room number C. Media type D. Hostname
D. Hostname
- A few weeks after starting a new position, Joe, a junior network administrator, receives a call from an internal number asking for his username and password to update some records. Joe realizes this may be a type of attack on the network, since he has full access to network resources. Which of the following attacks is described?
A. Logic bomb B. Social engineering C. Trojan horse D. Insider threat
B. Social engineering
- A technician is sent to troubleshoot a faulty network connection. The technician tests the cable, and data passes through successfully. No changes were made in the environment, however, when a network device is connected to the switch using the cable, the switchport will not light up. Which of the following should the technician attempt NEXT?
A. Modify the speed and duplex B. Plug in to another port C. Replace the NIC D. Change the switch
B. Plug in to another port
It was verified the cable was good, that was a troubleshooting to confirm the cable was good. The step was to moved the cable to a diff port on the switch to confirm if the port was faulty.
- A technician has been assigned to capture packets on a specific switchport. Which of the following switch features MUST be used to accomplish this?
A. Spanning tree B. Trunking C. Port aggregation D. Port mirroring
D. Port mirroring
- Which of the following operate only within the UDP protocol?
A. Frames B. Datagrams C. Segments D. Packets
B. Datagrams
UDP stands for User Datagram Protocol. TCP works with segments.
- An employee reports an error when visiting a website using SSL, and a message is displayed warning of an invalid certificate. Which of the following could be occurring?
A. Phishing B. DDoS C. Evil twin D. MITM E. OCSP stapling
C. Evil twin
Evil twin is the correct answer. OSCP helps in determining SSL certificata validity and the question is not saying the user is using OSCP to do this, he is simply trying to access a website.
- A network technician is troubleshooting a connectivity issue and determines the cause is related to the VLAN assignment on one of the access switches in the network. After resolving the issue, the network technician decides to update the documentation to refer to the correct VLAN. Which of the following should the technician update?
A. Physical diagram B. Logical diagram C. IDF documentation D. Change management documentation E. Incident rֳeponse plan
B. Logical diagram
The logical diagram describes the network layout, blanks etc. Change management is more about how to implement changes. You would probably put a note in change management to say you did this work, but the primary document you need to update is the logical diagram,
- A university has a lecture hall containing 100 students. Currently, the lecture hall has two 802.11ac wireless access points, which can accommodate up to 50 devices each. Several students report they are unable to connect devices to the wireless network. Which of the following is MOST likely the issue?
A. One of the wireless access points is on the wrong frequency
B. The students are attempting to connect 802.11g devices
C. The students are using more than one wireless device per seat.
D. Distance limitations are preventing the students from connecting.
B. The students are attempting to connect 802.11g devices
using 802.11g devices require you know “g” uses 2.4 GHz and “ac” uses 5.0 GHz and the two are not compatible. Plus “several” students could have older devices, not half, not everyone, but several is reasonable. It makes the most sense if the Q is testing your knowledge of WiFi.
- A WAP has been dropping off the network sporadically and reconnecting shortly thereafter. The Cat 5 wire connecting the access point is a long run of 265ft (81m) and goes through the business area and the mechanical room. Which of the following should the technician do to fix the AP connectivity issue?
A. Install a repeater to boost the signal to its destination
B. Replace the UTP cable with plenum cable.
C. Upgrade the cable from Cat 5 to Cat 5e.
D. Set the AP to half duplex to compensate for signal loss.
C. Upgrade the cable from Cat 5 to Cat 5e.
The clue to the answer is the Cat5 wire with a long run of 81m. So Cat5e with higher capacity is required. Mechanical room is a distraction, just to divert your mind to Plenum cable. But note that mechanical rooms are not necessarily plenum spaces which are open spaces above the ceiling or below the floor for air circulation.
- A technician wants to configure a SOHO network to use a specific public DNS server. Which of the following network components should the technician configure to point all clients on a network to a new DNS server?
A. Router
B. Switch
C. Load balancer
D. Proxy server
A. Router
A, cause is a SOHO (Small Office, Home Office) network. Remember all come integrated in the router.