5.0 Network Trouble Shooting Flashcards

Question

What are the pinout setting for a roll over cable?

Answer 1

A rollover cable connects the console port on any Cisco device. The pin configuration for a rollover cable is easy to remember because of the cable name. The cable pin configuration is "rolled over" so that pin 1 on end 1 is pin 8 on the other, pin 2 on end 1 is pin 7 on the other, and so on until a complete reversal is made. The wires are in reverse order on opposite ends.

Answer 2

You should periodically complete a site survey to ensure that no unauthorized wireless access points are established. Site surveys generally produce information on the types of systems in use, the protocols in use, and other critical information. This information often comes in the form of an audit or assessment report. These reports can be useful in detailing information about the site, identify any abnormal devices or apps, and help track baselines over periods of time. You need to ensure that hackers cannot use site surveys to obtain this information.

Answer 3

You should check for incorrect access control list (ACL) settings. ACL settings allow or deny the transmission of network traffic (inbound or outbound). Incorrect settings could block traffic that was intended to be allowed.

Answer 4

An incorrect netmask can cause routing and performance issues. In classless interdomain routing (CIDR) notation, the netmask follows the IP address, beginning with the slash. As an example, in the IP address 172.16.0.0/16, the netmask is /16. The netmask determines the subnet to which the IP address belongs and the size of the subnet. An incorrect subnet mask would prevent communication with the resources but is not the most likely problem. If an incorrect subnet mask was used, all users will have trouble communicating with the resource that is incorrectly configured.

Answer 5

Duplicate MAC addresses can be caused by MAC address spoofing, static IP addresses still in the pool of available addresses, or by manufacturers reusing MAC addresses. It is not likely that the MAC addresses were changed in any way, as this is not a standard step to take. To resolve a duplicate address caused by a static address, turn off the client computer that has the static address, remove the static IP address from the pool on the DHCP server, and then restart the client computer. With regard to manufacturers recycling MAC addresses, as long as two NICs with the same MAC address have at least one router between them, there will not be a conflict. Routers direct traffic via IP addresses, while switches direct traffic via MAC addresses, with an ARP table showing the relationship between MAC address and IP address.

Answer 6

ping − tests connectivity to a remote host

Answer 7

ipconfig − displays network configuration settings for the local computer

Answer 8

nslookup − verifies entries on a DNS server

Answer 9

nbtstat − diagnoses problems with NetBIOS name resolution

Answer 10

802.11b wireless local area networks (WLANs) support three non-overlapping or non-interfering channels that can be used in a single area. An additional channel (channel 14) is supported in all countries except the United States. Wireless access points or bridges must use non-adjacent, non-overlapping radio channels to prevent interference from the adjacent bridge or access point. Each 802.11b channel utilizes a RF bandwidth of 22 MHz in DSSS modulation. You can use a combination of channels 1, 6, and 11 in a single area, referred to as a cell. This allows the 802.11b networks to provide a collective bandwidth of 33 Mbps in a cell for an office or home WLAN environment. When using multiple bridges to cover a large area, you should ensure that the channels are configured in such a way that there is no overlap.

Answer 11

For this scenario, you need to release and renew the DHCP lease for the client computer. You do this by running the following commands: ipconfig /release ipconfig /renew The ipconfig /all command will display all the TCP/IP settings for the computers. The ipconfig /flushdns command removes the contents of the computer's DNS cache. The ipconfig /registerdns command registers the computer's DNS host name with the DNS server. The ipconfig /displaydns command displays the contents of the computer's DNS cache. The ipconfig /showclassid command will display the DHCP class ID assigned to the client computer. The ipconfig /setclassid command will configure the DHCP class ID for the client computer. You should only select commands needed for the scenario. In some cases, only a single command may be necessary.

Answer 12

The iptables Linux command allows you to control a firewall and filter packets. Filtering can be performed using packet type, packet source/destination, or target. The tcpdump command allows you to analyze wired or wireless network traffic on a Linux system. For example, to examine POP3 traffic on the wired NIC, you would use this command: sudo tcpdump -I eth0 -nn -s0 -v port 110

Answer 13

Ifconfig is the counterpart to the Windows ipconfig command, and provides information about the network interface card. Ifconfig functions much the same way as ipconfig, but it does not provide information on wireless adapters. To retrieve information about wireless adapters on a non-Windows system, use the iwconfig command.

Answer 14

Microwave ovens can cause interference for 802.11b wireless local area networks (WLANs) that operate in the 2.4-GHz frequency band. Microwave ovens operate at the 2.45-GHz frequency band, and can cause interference when used in areas where 802.11b WLANs are deployed. Cordless phones can also cause interference. Typically these cordless phones use a higher transmitting power than the access points and can create a lot of noise in 802.11b WLANs. To avoid the interference from cordless phones, you can change either the location of access points or the location of the cordless phones. You can use the cordless phones that operate at 900MHz frequency band to avoid interference with 802.11b WLANs. Most medical equipment that uses radio frequencies operates in the 2.4-GHz ISM frequency band. Therefore, when doing a site survey, you must consider the interference by microwave ovens, cordless phones, and other devices that operate in the 2.4-GHz ISM frequency band, and you should plan the positions of the access points according to these devices to avoid interference.

Answer 15

Netstat is a TCP/IP utility that you can use to determine the computer's inbound and outbound TCP/IP connections. It displays current connections and their listening ports.

Answer 16

Issuing tracert at a Windows command prompt will trace the route a packet takes from the source computer to the destination host.

Answer 17

All you need to do is flush the contents of the client computer's DNS cache. You do this by running the following command: ipconfig /flushdns The ipconfig /all command will display all the TCP/IP settings for the computers. The ipconfig /registerdns command registers the computer's DNS host name with the DNS server. The ipconfig /displaydns command displays the contents of the computer's DNS cache. The ipconfig /renew command will renew the client's DHCP lease. The ipconfig /release command will release the client's DHCP lease. The ipconfig /showclassid command will display the DHCP class ID assigned to the client computer. The ipconfig /setclassid command will configure the DHCP class ID for the client computer.

Answer 18

You should use a rollover cable (also called a console cable) to connect to the console port on any Cisco device. The pin configuration for a rollover cable is easy to remember because of the cable’s name. The cable pin configuration is "rolled over" so that pin 1 on end 1 matches pin 8 on end 2, pin 2 on end 1 matches pin 7 on end 2, and so on, until a complete reversal is made. In other words, the wires are in reverse order on opposite ends.

Answer 19

In networking, attenuation is the term for a loss of signal strength as data travels over the network medium (cable). The attenuation rate is often the deciding factor when selecting the medium to use for a particular length of network cable. Attenuation is also referred to a decibel (Db) loss. For example, unshielded twisted-pair (UTP) cable has the greatest susceptibility to attenuation. This is why the maximum recommended segment length for UTP is limited to 100 meters (328 feet). ThinNet cable, on the other hand, has less susceptibility to attenuation; the signal can travel a distance of 185 meters (607 feet) before being adversely affected by attenuation.

Answer 20

A crossover cable connects two legacy or non-MDIX compliant devices, such as two computers, two hubs, or two switches.

Answer 21

The opposite of attenuation is amplification. If you want to create a network that extends beyond the normally acceptable length of a particular cable type, you would need to install a signal amplifier. In networking terms, this amplifier is called a "repeater."

Answer 22

Electromagnetic interference (EMI) occurs when objects, such as fluorescent lighting, interfere with transmission over copper cabling. Radio frequency interference (RFI) occurs when objects, such as cordless phones, interfere with transmission over wireless radio frequencies.

Answer 23

Crosstalk is a specialized type of EMI caused by parallel runs of twisted-pair cables. The only solution to this problem is to change the path of the cables.

Answer 24

Near end − Near-end crosstalk (NEXT) measures the ability of the cable to resist crosstalk. Most commercial cabling will give you the minimum NEXT values that are guaranteed. Far end − Far-end crosstalk (FEXT) measures interference between two pairs of a cable measured at the other end of the cable with respect to the interfering transmitter. EMI affects cable placement. You should arrange cables to minimize interference. Ideally, Ethernet cables should not be placed close to high voltage cables, generators, motors, or radio transmitters.

Answer 25

Refraction is the bending of waves as they pass from one medium to another, due to a change in their speed. Harmonic distortion is the distortion of a wave by unwanted multiples of an original frequency, causing interruptions to the way the wave form behaves in electrical circuits, or sounds. Intermodulation distortion occurs when two different frequencies are simultaneously passed through an amplifier

Answer 26

One of the first steps in troubleshooting is to isolate the source of the problem. By asking if other users are experiencing the same problem, you will know if this is a network problem or a problem with the user's logon process. If the problem cannot be duplicated, it could be an intermittent problem, or it could be something simple, such as the user typing his password incorrectly. Determining the amount of memory or confirming the computer is plugged in could be useful in other scenarios. This type of information would not enable you to determine the problem in this scenario.

Answer 27

The ping command allows you to test the connection between a local computer and a node on the network. If you are trying to determine why a user cannot print, you can issue the ping command with either the printer’s network name (ping colorprinter) or the IP address of the printer (ping 192.168.1.38). If you could ping by IP address, but not by network name, that would indicate a problem with DNS translation.

Answer 28

The nmap Linux command is used to explore the network. It also acts as a security scanner. As an example, you can use nmap 192.168.1.0/24 to scan a subnet.

Answer 29

The route command can be used to add additional routes (path) in your network. As an example, if you decided that traffic from some computers needed to go to another node in the network, you would use a route add command.

Answer 30

The only situation in which deploying a wireless range extender would make sense is for a sprawling small office/home office layout (SOHO) with no more than 10 devices active at any given time, but with two dead spots in need of improved wireless network access. A wireless range extender provides wireless coverage for a larger area than a single wireless access point can handle on its own. Strategically placed range extenders can also deliver wireless coverage in areas where low-signal or no-signal conditions may prevail when only a single WAP is used. In fact, wireless extenders will provide something less than the square of the area that a single WAP covers, because they must stay close enough to the WAP to receive a strong enough signal for them to meaningfully extend that signal further afield. As the name indicates, a wireless range extender simply extends an existing wireless network, usually provided by a wireless access point that also includes multiple switched ports and built-in router capabilities (along with USB ports, DHCP, address and content filtering, and more). Low cost range extenders offer none of these additional functions; more expensive models may include some of these. In general, a range extender should not be expected to handle more than 20 or 25 simultaneously connected devices, whereas wireless access points can typically handle up to 60 devices each. Thus, wireless range extenders apply only to small-scale, low-usage scenarios like the small office/home office situation described.

Answer 31

On a Fast Ethernet network that uses unshielded twisted-pair (UTP) cables, such as a 100Base-TX Ethernet network, the maximum length of the cable between a computer and a switch or hub is 100 meters. In this scenario, the total length of cable between the Shipping server and the switch is 110 meters. You can solve the connection problem in this scenario by replacing the 15-meter patch cable that connects the Shipping server to the wall outlet with a patch cable that is no more than 5 meters in length. Db loss in cabling (also called attenuation) occurs because the voltage decays slowly as the current travels the length of the cable. If you replace the 15-meter patch cable with a 10-meter patch cable, then the connectivity problem will still occur because the overall cable length between the server and the switch will still exceed 100 meters. The switch and patch panel are usually located within a telecommunications closet. A basic patch panel does not normally contribute any networking services; it simply serves as a junction box between the switch and the various nodes on the network. A patch panel provides a convenient interface from which you can arrange and rearrange connections between the switch and the nodes. Distance issues are caused when cable lengths exceed the maximum distance allowed by a particular media type. Ensure that your cable runs do not exceed the maximum distance allowed. Repeaters could also be used to prevent this problem.

Answer 32

Bad connectors Bad wiring Open circuits or short circuits Split cables Transmit (TX)/Receive (RX) ends reversed Cable placement EMI/Interference Cross-talk Db loss and attenuation Distance limitations Incorrect termination (mismatched standards) Split pairs Bad SFP/GBIC (cable or transceiver)

Answer 33

Site surveys are done to assess the coverage area of each access point and the number of access points required for a specified coverage area. A site survey should be done prior to installing a WLAN. Site surveying is required to determine the frequency and power settings of each access point to avoid channel overlapping and interference. A site survey is the only technique that helps the customer install complete WLAN coverage for mobile roaming clients. After a proper site survey, a site survey engineer can identify the position of access points within the facility. The quality of the output of the site survey depends on the experience and knowledge of the site survey engineer. End-to-end connectivity is a process whereby you troubleshoot connectivity issues from the host experiencing the connection problem all the way through the network. You should always start at the local host and proceed through the network, through routers and other devices, to the destination. Any connectivity problem could be at the host, the remote host, or anywhere in between. Following a logical process will ensure that the exact issue will be located.

Answer 34

Incorrect interface/interface misconfiguration − If the interface is incorrectly configured, then traffic will not pass through that interface properly. Often the easiest way to test and interface is to use the ping command or a loopback tester. If you connect a router to a multiplexer but cannot access the router's interface even though the signal level is good, it is most likely that the wrong wavelength as demuxed from the multiplexer.

Answer 35

Interface errors − Interface errors are usually dependent upon the device and vendor. You should consult the device's operation manual to determine what the interface error means. In most cases, vendors have an online knowledge base that you can search.

Answer 36

Simultaneous wired/wireless connections − Some organizations have both wired and wireless networks in use. Client computers, though, should connect to only one of these types of networks. If you want to use a wired connection, you should plug into that network. If a wireless network is in range, your computer may attempt to connect to the wireless network as well if you have enabled the connect automatically feature.

Answer 37

Discovering neighboring devices/nodes − Most devices have the ability to discover neighboring devices or nodes by using the appropriate routing protocol. It may be necessary to enable multiple routing protocols based on the types of devices to which you must connect.

Answer 38

Port configuration − Each switch port is a single collision domain. If you improperly configure the ports, then communication on the appropriate domain may not be possible.

Answer 39

VLAN assignment − This problem occurs when configuring the VLAN assignment on a client computer or device. Each VLAN is a separate collision domain. Make sure that client computers are configured with the appropriate VLAN to ensure that they can communicate within the collision domain. If a device is attached to an incorrect VLAN, it will not respond to network communication even through the link activity light is on.

Answer 40

You should deploy the 802.11a wireless standard. This standard provides the most non-overlapping channels (eight) and the shortest range (30 m in an open environment, 10 m in a building). The 30 meter (m) distance limitation is an important consideration when implementing this wireless network. This standard is the best to use in a campus environment where multiple wireless access points may be deployed near each other. The 802.11b and 802.11g wireless standards provide only three non-overlapping channels. In addition, they provide a range of up to 100 m in an open environment and 30 m in a building.

Answer 41

When troubleshooting a problem, you should try the obvious or quick fixes first. This is especially true when you are attempting to correct a problem remotely with a non-technical and often impatient end user. A logical first place to start troubleshooting would be to determine if the condition is network-wide or workstation-specific. You should have other similar users attempt to perform the same actions. If they are able to do so, the problem is a local condition. Next, you should ping the server from the user's computer.

Answer 42

VLAN mismatch occurs when the VLAN assigned to the port on one end of the cable does not match the VLAN assigned to the port on the other end of the cable. In a native VLAN mismatch, one port might be assigned to VLAN 10, and the other assigned to VLAN 100. This can cause a security risk, as the traffic may not go where intended. In a trunk VLAN mismatch, one port is configured to trunk mode off, and the other is configured to trunk mode on. In this last case, the trunk link would no longer be functional. This would explain why some but not all of the users are unable to communicate via e-mail.

Answer 43

A bad port on a switch, hub, or router will cause connectivity issues for all users, not select users, when communicating with that port. When connected, a port should have a connectivity light, and when transmitting data, should have a data light. If a bad port is suspected, plug the patch cable into another empty port. If you get traffic, the original port was bad. To shut down suspected bad port 11, enter the following commands: Switch(config)# interface Fa0/11 Switch(config-if)# shutdown

Answer 44

Network connection LED status indicators on ports and NICs tell you whether you have a network connection and whether there is traffic on that connection. For switch ports, the LED indicators are usually on the left and right sides of the port. The left LED usually indicates a network connection. In some equipment, an amber light would indicate a 100mbs connection, while a green light would indicate a 1000mbs connection. The right LED will blink to notify that there is network activity on that port.

Answer 45

The most likely cause of the network connectivity problem in this scenario is that the cable that connects Router1 to FRW2 is not properly connected to FRW2. If the cable is not properly connected, then users on the Internet will be able to contact Router1, but they will not be able to gain access to resources on WebSrv. Also, computers on the network will be able contact one another and the firewalls, but they will not be able to contact Router1 or connect to the Internet. Potential issues with the cable are a bad connector, bad internal wiring, a split (a physical cut in the cable), or a termination problem.

Answer 46

Bad connector − If you suspect that a connector is bad on a short cable, it may be easier to replace the entire cable than one connector. However, for long cable runs that extend over a long distance, you should replace the connector so that the cable will not have to be re-routed.

Answer 47

Bad wiring − If you suspect that the cable itself is damaged or nonfunctional, you should always replace the cable.

Answer 48

Split cables − This is similar to bad wiring but is much easier to diagnose because the cable is actually cut. An open circuit can be the direct result of this issue.

Answer 49

Incorrect termination − This occurs when the cabling connectors are configured with the wrong individual pin in the connector sockets, or when a twisted pair cable is wired as a split pair.

Answer 50

Straight-through − With this type of cable, each pin should connect to the same pin on the opposite side. This cabling is used when connecting unlike devices, such as connecting a router to a hub, a computer to a switch, or a LAN port to a switch, hub, or computer.

Answer 51

Crossover − With this type of cable, some of the internal wires should cross over each other by switching the orange-white and green-white wires, and then the orange and green wires. This cabling is used when connecting like devices, such as connecting a computer to a router, a computer to a computer, or a router to a router.

Answer 52

Dirty optical cables – Cleanliness is important with fiber optic cables and directly impacts the performance of optical communication networks. A dirty optic cable on either connecter end can create severe problems.

Answer 53

TX/RX reversal is another kind of cabling error. A straight-through cable has the same transmit (Tx) or receive (Rx) leads at each end, while they are reversed at one end in a crossover cable. A straight-through cable connects dissimilar devices, while a crossover cable connects like devices. If you use a crossover cable in the wrong location on the network, the device will be unable to connect to the network. You should replace the cable with the correct type. Some switches support medium dependent interface crossover (MDIX). This allows a switch port to match its leads to the cable you have used. However, if a network device does not support MDIX, you must use an appropriate cable (that is, a crossover cable) to allow its Tx leads to connect to the Rx leads on a connected device. If loss of connection occurs, you are using the wrong cable or have the switch leads configured incorrectly.

Answer 54

A split pair is a wiring error where two wires of a twisted pair are instead connected using two wires from different pairs. It most commonly occurs when a punch-down block is wired incorrectly or when RJ-45 connectors are crimped onto the wrong wires. In both of these situations, you will need to rewrite the block or connector. Open circuits or short circuits could also cause loss of connection. An open circuit is usually the result of a broken cable or improper termination. This causes an incomplete connection and complete failure of the electric current. A short circuit occurs when there is unwanted contact with the cabling. This results in the current following an unwanted path, which could cause overheating or burning.

Answer 55

The ping command checks the connection to the router end-to-end at the Network layer. It uses the ICMP protocol to send Echo requests and replies to check connectivity to another network host. To ping the address 110.11.32.3, you should enter the following command: ping 110.11.32.3

Answer 56

Cable tester − Verifies that a cable is good Crimper − Attaches media connectors to the ends of the cable Loopback plug − Echoes signals over a port to ensure it is working properly Multimeter − Includes a voltmeter, an ohmmeter, and an ammeter to measure voltage, current, and resistance, respectively Punchdown tool − Attaches cable to a patch panel Toner probe − Includes a tone generator and a tone locater to locate the ends of a cable

Answer 57

Of the choices listed, Computer1's IP address is most likely causing its connectivity problem. Computer1 is configured with the broadcast address for the network, and thus cannot communicate on the network. The network address 192.168.10.1 with a subnet mask of 255.255.255.0 can also be represented as 192.168.10.1/24. The slash (/) character and the number that follows it represent the network prefix, which indicates the number of bits in an IP address that are used for the network address. In this scenario, the first three octets are used as the network address and the last octet is used for host addresses because it is a class C address range. Therefore, the router's network address is 192.168.10 and its host address is 1. IP addresses from 192.168.10.1 through 192.168.10.254 are valid host addresses on the network. In this scenario, the address 192.168.10.0 is the network ID for the network.

Answer 58

Absorption occurs when an object does not reflect or refract a wireless signal, but rather absorbs a portion of it. Different materials have different absorption rates. For example, drywall has a relatively low absorption rate, while concrete has a relatively high absorption rate.

Answer 59

The 802.11a wireless local area network (WLAN) technology supports twenty-three non-overlapping or non-interfering channels that can be used in a single area. Wireless access points or bridges must use non-adjacent, non-overlapping radio channels to prevent interference from the adjacent ones. Each 802.11a channel utilizes a RF bandwidth of 20 MHz in Orthogonal Frequency Division Multiplexing (OFDM) modulation. This 20-MHz channel is split into 52 channels with 300-KHz smaller sub-carriers, out of which 48 are used for data transmission. The eight non-overlapping channels can be used in a single area or cell to provide the cell a total bandwidth up to 532 Mbps. 802.11b includes four non-overlapping channels (channels 1, 6, 11, 14) in most countries, and 802.11g includes four non-overlapping channels (channels 1, 5, 9, and 13) in most countries. In the US, 802.11b includes the same four non-overlapping channels, but 802.11g includes three non-overlapping channels (channels 1, 6, and 11).

Answer 60

An optical time domain reflectometer (OTDR) can be used to determine the length of the cables used on a fiber optic network. A time domain reflectometer (TDR) determines the length of shielded twisted-pair (STP), unshielded twisted-pair (UTP), or coaxial cables. A butt set is used to test telephone lines. A toner probe is used to identify a single cable on the network. It is the best tool to use to locate a bad Cat5 cable.

Answer 61

It is most likely that you have an 802.11a network because 802.11g devices are incompatible with 802.11a networks. The frequency used by the different wireless networks is important. Some of them use the same frequency and can, therefore, be considered compatible. However, keep in mind any other devices, such as cordless phones, that can use the same radio frequency as they can cause interference.802.11g devices are compatible with 802.11b networks.802.11n networks allow the usage of 802.11a, 802.11b, or 802.11g devices.

Answer 62

Throughput − Each wireless network type has a different maximum throughput. Keep in mind that this throughput is shared by all the devices connected to the wireless access point. Frequency − Each wireless network uses a certain frequency. Some network types may use the same frequency. Document the frequencies used when you implement any wireless network so that you can ensure that future wireless networks do not interfere with existing ones. Distance − All wireless access points will have a limited distance for their signal. You can increase and decrease the signal strength as needed, but the maximum distance will always remain. In most cases, companies decrease the signal strength to limit the area covered by the wireless network. Channels − Each wireless network can operate over several channels that can be used by that frequency. Research the frequency in use to determine the non-overlapping channels. While there may be 10 channels available, usually only three or four of the available channels are considered non-overlapping. Wireless access points that use the same frequency should be configured to use different non-overlapping channels. Channel Utilization − This refers to the fraction of time that is needed to transmit data packets over a given channel. This process is handled by a scheduling mechanisms that will check to make sure that the data packets are capable of being sent over a particular channel and that it will not impact network speeds and waste resources.

Answer 63

The most likely issue is an incorrect Service Set Identifier (SSID). Most wireless devices remember the previous SSID, even if you move to a new network, so you should always check the SSID when troubleshooting. Also, it is very easy for a user to select the wrong SSID. They may not have the correct password or passphrase, and they may type in the SSID name incorrectly. Checking for the correct SSID is often the first step to wireless troubleshooting. On most devices, you can set the device to remember an SSID and its credentials. However, if the SSID or the credentials change, the device will be unable to automatically log in to the wireless network.

Answer 64

Automatic Private IP Addressing (APIPA) is a feature of Windows operating systems that enables a system to automatically assign itself an IP address when a DHCP server is not available. APIPA acts as a DHCP failover mechanism, making support easier for small local area networks. If APIPA addresses are in use, you should discover why the DHCP server cannot be contacted. The problem could be with the connection to the DHCP server or with the DHCP server itself. APIPA uses the Address Resolution Protocol (ARP) to select a unique IP address in the reserved address range of 169.254.0.0 to 169.254.255.255 and a subnet mask of 255.255.0.0 when no DHCP server is available. Once the system has assigned itself an IP address, it can communicate with other devices on the LAN using TCP/IP, provided the devices are either configured for APIPA or manually set to the correct address range and a subnet mask.

Answer 65

Most likely, you have an unresponsive service that is tying up resources. In Services on a Windows computer, find the unresponsive service and note the name of the service. In an elevated command prompt, enter "sc queryex servicename" and get the process ID (PID). Then, kill the process using "taskkill /f /pid" followed by the PID in question. If the PID were 1687, for example, the command would be taskkill /f /pid 1687.

Answer 66

Expired IP addresses occur when a client computer has been offline for a period of time, is brought back on line, and uses an IP address whose lease has expired. To resolve the problem on a Windows computer, issue an “ipconfig /release” command, followed by “ipconfig /renew”. This will unbind the IP address from the client machine, and the DHCP server will issue a new IP address. Expired IP addresses would cause connectivity issues but not resource usage issues.

Answer 67

If you get a “Destination Host Unreachable” message, the most likely culprit is an incorrect gateway. Make sure the local machine and the default gateway are on the same subnet. If the gateway IP address is actually the IP address of the LAN side of the router, you will see a “Request timed out” message. This would result in connectivity issues but not resource usage issues.

Answer 68

HTTPS is a supported protocol. When a Web server uses HTTPS technology, all the data transfer between clients and the server is encrypted using Secure Sockets Layer (SSL) technology. Web pages using this technology begin their Uniform Resource Locators (URLs) with https://. This technology is used frequently with e-commerce Web sites. In this scenario, users are probably attempting to access the Web sites by typing http:// instead of https://. Although users are unable to access any Web sites hosted on Web1 by using FQDNs, they are able to access other Web sites by using their FQDNs. Therefore, the Domain Name Service (DNS) server is operational, as is the network.

Answer 69

You should use a protocol analyzer to view the number of User Datagram Protocol (UDP) packets sent from CLIENT_A to SERVER_1. A protocol analyzer is software that enables you to view information about the network communications protocols that are used on a network. You can also use a protocol analyzer to determine the Web sites that are being visited by network users and to alert you if network interface cards (NICs) are jabbering. A jabbering NIC should be replaced because it continually sends data and saturates the network with data packets.

Answer 70

You should use a protocol analyzer to determine if passwords are being transmitted in plain text. Protocol analyzers capture packets as they are transmitted on the network. If a password is transmitted in plain text, you will be able to see the password in the packet. Protocol analyzers are also called network analyzers or packet sniffers. Protocol or network analyzers (or sniffers) can be used to troubleshoot many problems. You can use sniffers to identify the MAC address causing a broadcast storm, to identify the protocols is used on the network, or to observe connection setup, request, and response headers to a Web server.

Answer 71

A vulnerability scanner tests your network for known vulnerabilities and suggests ways to prevent the vulnerabilities.

Answer 72

A network mapper obtains a visual map of the topology of your network, including all devices on the network. A network mapper will create a visual representation of the network map.

Answer 73

The ipconfig utility displays TCP/IP configurations on computers running Windows operating systems

Answer 74

Class C addresses range from 192 to 223 decimal, or 11000000 to 11011111 binary. The first three bits in a Class C address are always 110. Class C addresses use the first three octets for the network address and the last octet for the host address. With one octet to use for the hosts, you can assign the addresses 1 through 255 (decimal) for the host ID, which is 00000001 through 11111111 in binary.

Answer 75

The address class ranges are listed below in binary and decimal: Class A: 00000000 − 1111110 / 0 – 126 Class B: 10000000 − 10111111 / 128 – 191 Class C: 11000000 − 11011111 / 192 – 223 Class D: 11100000 − 11101111 / 224 – 239 Class E: 11110000 − 11111111 / 240 – 255 Note that the 127 network address is used for loopback. Also notice that the most significant bit, the left-most bit, is a zero for all Class A addresses. For Class B addresses, the zero shifts to the right one place, which means that the two most significant bits in all Class B addresses are 10. The zero shifts again for Class C, which means that the three most significant bits in all Class C addresses are 110. This "shifting" continues for Class D and Class E. Knowing this pattern enables you to determine the class of a binary IP address simply by looking at the most significant bits.

Answer 76

The 11000000 10101000 00101100 00011000 binary address translates into the 192.168.44.24 IP address in dotted decimal format. vb

Answer 77

You need to understand the address structure for IPv4 addresses. Each 4 IP address is 32 bits long. When we refer to the IP address we use a dotted-decimal notation, while the computer converts this into binary. However, even though these sets of 32 bits are considered a single "entity," they have an internal structure containing two components: Network Identifier (Network ID): A certain number of bits, starting from the left-most bit, identify the network where the host or other network interface is located. This is also sometimes called the network prefix, or even just the prefix. Host Identifier (Host ID): The remainder identifies the host on the network.

Answer 78

Nbtstat displays NetBIOS over TCP/IP statistics on Windows computers. Use nbtstat to perform the following actions: Track NetBIOS over TCP/IP statistics. Show details of incoming and outgoing NetBIOS over TCP/IP connections. Resolve NetBIOS names. Issuing the nbtstat command with the -r option will list names resolved by the Windows Internet Naming Service (WINS) and by broadcast.

Answer 79

A tone generator allows you to input a signal on one end of a cable and probe the other end of the cable for connectivity. A tone locator is used to locate the signal generated by the tone generator at the other end of the cable. When the tone locator probe is placed near the other end of the cable, a tone is emitted. It is not necessary to touch the cable with the tone locator probe.

Answer 80

A signal generator is used to measure the bandwidth of a network.

Answer 81

A bandwidth speed tester will allow you to verify the upload and download speeds of your Internet connection, as well as determining if a bottleneck is internal or external. Internet Service Providers often tout “Speeds up to …” that are indicative of the most ideal conditions, such as during the middle of the night when there is little traffic. Simply put, a bandwidth speed tester measures the speed you are receiving from your ISP during business hours, as opposed to what was promised. Free bandwidth speed testers are available from www.solarwinds.com, www.speedtest.net, and several other sites.

Answer 82

A port scanner can be used to identify open ports on a host or on a server. A port that is open but unused, such as port 23 (Telnet) represents a security risk, and should be disabled. Port scanners do not measure network performance.

Answer 83

A protocol analyzer is a tool that allows you to intercept and examine traffic on a network. Once captured, the traffic can then be analyzed to determine what is causing the bottlenecks, and which protocols are being used. For example, you could use a protocol analyzer to ascertain whether FTP traffic is causing throughput issues on your network. This tool would provide no information on speed.

Answer 84

A digital multimeter is a tool that can test voltage. For example, you can use a digital multimeter to test the voltage output of a power supply or to test for breakage in a telephone or Ethernet cable. To use a digital multimeter to measure light signals or temperatures, you will need a light signal probe or temperature probe.

Answer 85

A digital infrared thermometer measures the temperature of a chip or motherboard system chassis.

Answer 86

A table of NetBIOS names resolution and registration statistics will be displayed when you issue the nbtstat -r command. This screen displays NetBIOS connection statistics, such as the number of NetBIOS names resolved by broadcast and the number of NetBIOS names resolved by a NetBIOS name server. This screen also displays the NetBIOS names that have been resolved.

Answer 87

The Active Connections screen is displayed when you issue the netstat -a or netstat -A command at a command prompt on a Windows computer.

Answer 88

The Route Table screen is displayed when you issue the netstat -r or netstat -R command at a command prompt on a Windows computer.

Answer 89

The NetBIOS Local Name Table screen is displayed when you issue the nbtstat -n or nbtstat -N command at a command prompt on a Windows computer.

Answer 90

This condition would cause slower communication between the half-duplex device and the other devices. This would occur because the half-duplex device would only be capable of sending or receiving data. Full-duplex devices can send AND receive data at the same time. This condition would not prevent communication from occurring between the devices. Communication would fail if the port speed or MDIX settings are mismatched. For example, devices that can only operate at 100 Mbps cannot communicate on a network that runs at 1000 Mbps. Keep in mind that many switches and other devices are capable of operating at multiple speeds depending on the network. In many cases when there is a speed mismatch, the devices will just operate at the speed of the slowest device. Using the wrong type of cable on a network, such as a straight-through in place of a crossover, may also decrease communication speed. Using a bad cable may cause the connected device to lose all communication. You need to replace the bad or improper cable to restore full functionality to the network.

Answer 91

An issue referred to as a mismatched MTU or MTU black hole occurs when communication over some routes fails due to an intermediate network segment with a maximum packet size smaller than the maximum packet size of the communicating hosts. Specifically, the black-hole router does not send an appropriate Internet Control Message Protocol (ICMP) response to this condition, or if a firewall on the path drops such a response. To solve this problem, you need to first locate the black hole using the ping command. Once the black hole is found, you should configure one of two possible solutions: Configure the black-hole routers to send ICMP Type 3 Code 4 messages. Set the MTU of the black-hole router interface to be the largest size that the black-hole router can handle.

Answer 92

Another issue you should be aware of is a switching loop. This network problem occurs when there is more than one Layer 2 path between two endpoints. The loop creates broadcast radiation as broadcasts and multicasts are forwarded by switches out every port. Because the Layer 2 header does not support a time to live (TTL) value, if a frame is sent into a looped topology, it can loop forever. You can implement the scanning tree protocol (STP) to prevent this looping. A broadcast storm occurs if one end of a cable is plugged into one port of the switch and the other in another port.

Answer 93

Cable certifier − an instrument used to collect network cable test data and print certification reports Cable certifiers are more expensive than cable testers because certifiers actually provide a certified report that proves cable type. Companies that manufacture cable certifiers must have these certifiers verified by international certification organizations, such as ISO or ANSI. Network technicians should be able to read the output from a cable certifier and determine the problem. Cable testers do NOT provide as much detailed information as cable certifiers. In addition, they cannot be relied upon to prove cable capabilities as well as cable certifiers can.

Answer 94

Optical time-domain reflectometer (OTDR) − an electronic instrument used to check fiber cable resistance levels and locate cable faults

Answer 95

Protocol analyzer output can be very detailed. Generally this tool is best used when you need to get traffic analysis details, such as the types of traffic, to improve network performance, or to determine if an attack is occurring. TDRs and OTDRs can provide some of the same information as cable testers and cable certifiers. While TDRs and OTDRs are closer to cable certifiers than cable testers, TDRs and OTDRs do not provide the same certification reports as cable certifiers. TDRs and OTDRs are usually more expensive than cable testers but less expensive than cable certifiers.

Answer 96

A bridge provides a quick and low-cost solution for dividing a network into different segments for the purposes of reducing network traffic. Bridges work by building routing tables based on MAC addresses. These routing tables enable bridges to determine which packets need to pass through the bridge to another segment, versus which packets should stay on the local segment. In this scenario, the Accounting department is currently sharing the bandwidth of the entire segment. Using a bridge to place this department on its own segment means the traffic of this segment will stay on the local segment, thus reducing the overall traffic of the network. Only packets destined for other segments will pass through the bridge. A bridge is not an optimal choice for reducing intersegment traffic. In such a case, a router or gateway would be a better choice.

Answer 97

The consequence may be duplicate IP addresses. Duplicate IP addresses can occur when a DHCP server “thinks” an IP address is available. For example, a client machine requests an IP address, and the DHCP server issues an address listed as available from the pool of addresses. A conflict may occur if a dormant machine comes back online with an IP address that the DHCP server thought was expired and added back into the pool.

Answer 98

Blocked TCP/UDP ports are often necessary to protect the network from insecure protocols that are easily exploited by hackers. Ports that are often blocked include TCP port 23 (Telnet), TCP port 21 (FTP), TCP/UDP port 53 (DNS, as a post-attack exit port), and UDP port 161 (SNMP). Blocked TCP/UDP ports were likely configured based on security policies and should not be changed unless you are authorized to do so.

Answer 99

A network protocol analyzer does not detect active viruses or malware on the network. Most network protocol analyzers provide the following functions: Provide network activity statistics. Identify source and destination of communication. Identify the types of traffic on the network. Detect unusual level of traffic. Detect specific pattern characteristics. A network protocol analyzer can determine if passwords are being transmitted over the network in clear text. It can also be used to read the contents of any File Transfer Protocol (FTP) packet, including an FTP GET request. WireShark is a commercial network protocol analyzer.

Answer 100

Speed test sites − These sites are used to determine the speed of your Internet connection. They are a great method to help you see if you are getting the speed promised by your Internet service provider (ISP). For a list of possible sites to use, please see http://pcsupport.about.com/od/toolsofthetrade/tp/internet-speed-test.htm, Looking glass sites − These sites view routing information from a server's perspective using Border Gateway Protocol (BGP) routes. For a list of possible looking glass servers, please see http://www.bgp4.as/looking-glasses. Wi-Fi analyzer − These tools are used to analyze the signal strength of your wireless access points. For a list of possible FREE Wi-Fi analyzers for laptops or mobile devices, please see http://open-tube.com/free-wifi-analyzers-for-laptops-mobile-devices/

Answer 101

A Dynamic Host Configuration Protocol (DHCP) server is used to distribute IP addresses. DHCP is the network service used to assign IP address, subnet mask, default gateway, and DNS server addresses to devices as the boot onto the network. Because users are getting different IP addresses than expected and some have received a duplication IP address, the issue is probably a rogue DHCP server. A rogue DHCP server can be placed on the network through malicious intent or inadvertently through a virtual machine. Rogue DHCP servers play a big role in man-in-the-middle attacks.

Answer 102

Exhausted DHCP scope occurs when the DHCP server no longer has any available IP addresses to issue. This may occur as the result of a DHCP starvation attack, a type of Denial of Service (DoS) attack. If the available IP addresses in the DHCP pool are all assigned, a legitimate user will be denied access to the network. If the DHCP is exhausted, computers will be unable to lease an IP address. Symptoms of exhausted DHCP scope includes error messages on DHCP leases and computers using APIPA addresses.

Answer 103

An incorrect netmask can cause routing and performance issues, but will not cause duplicate IP address errors. In classless interdomain routing (CIDR) notation, the netmask follows the IP address, beginning with the slash. As an example, in the IP address 172.16.0.0/16, the netmask is /16. The netmask determines the subnet to which the IP address belongs, and the size of the subnet.

Answer 104

Of the commands listed, you should use the ipconfig /all command to view the media access control (MAC) address of the network interface card (NIC) installed in the Windows 7 Enterprise computer. The MAC address for the Ethernet adapter appears on the line entitled Physical Address. TCP/IP uses Address Resolution Protocol (ARP) to resolve IP addresses to MAC addresses so that TCP/IP and Ethernet, or another Physical layer protocol, can interoperate. The arp command will not display the MAC address for the NIC in your Windows XP computer. If you issue the arp -a command, then you can view the ARP cache for the computer, which displays the IP address and its corresponding MAC address for all entries in the cache. The tracert command and the ping command, when issued without switches, will display directions for using these commands. You can use the tracert command with various switches and variables to determine the route a packet takes through a TCP/IP network, and you can use the ping command with various switches and variables to test connectivity between hosts.

Answer 105

If you get a “Destination Host Unreachable” message, the most likely culprit is an incorrect gateway. Make sure the local machine and the default gateway are on the same subnet. If what is entered as the gateway IP address is actually the IP address of the LAN side of the router, you will see a “Request timed out” message.

Answer 106

An untrusted SSL certificate message can occur when the SSL certificate was not signed or issued by an organization that is trusted by the browser. The most common cause is a website using a trusted certificate that is missing one or more intermediate certificates.

Answer 107

The primary concern should be the power levels. You may need to boost the power levels. By nature, wireless access points have greater coverage areas outdoors. Boosting the power level will provide a better experience for the event attendees. Power levels can affect wireless network performance. Overcapacity is an issue in wireless performance but usually is not the primary concern. The proliferation of wireless devices will put an enormous drain on a wireless network originally designed for a few devices. In today’s environment, the network may need to provide service to tablet computers, smartphones, personal performance monitors, and smart watches in addition to the few laptops the network was originally designed to support. Always determine the number of expected devices to ensure that you provide adequate connections.

Answer 108

The signal-to-noise ratio (SNR) is the relationship between the strength of the wireless signal compared to the amount of background interference (noise). SNR is measured in decibels (dB). Devices such as microwaves, cordless phones, wireless cameras, and fluorescent lights are all contributors. When using a Wi-Fi analyzer, any SNR below 25dB is considered poor, while a reading above 41db is considered excellent. In outside spaces, SNR is not usually an issue.

Answer 109

To test the routers between your network and RemoteWkst, you should use the tracert utility. To use the tracert utility, you should type the tracert command at a command prompt and either an IP address or a Domain Name System (DNS) name variable after the command, as in the following example: tracert dnsname or tracert ipaddress. The tracert utility will then display the IP address and DNS name of every node that a data packet passes through on its way to the remote computer. The tracert command will also display the time required for a data packet to travel through each node, and an error message if a router on the path is experiencing problems. In this scenario, the tracert command will display an error message if a router is experiencing a problem between either Admin1 or Marketing1 and RemoteWkst. If you receive a Request Timed Out message from tracert when you trace the route to external resources, it is possible that the firewall is blocking echo reply in and echo request out messages. You would need to reconfigure the firewall to allow these messages. The traceroute command is the Linux equivalent of the tracert command.

Answer 110

To avoid multipath distortion, you should use the diversity antenna system on 802.11b Wireless Local Area Network (WLAN) access points and bridges. Multipath distortion is caused by the reflection of radio frequency (RF) signal on surfaces while traveling between the transmitter and the receiver. The reflected signals reach the receiver with delay. This delayed signal adds distortion to the non-reflected signal that is received by the antenna. Multipath distortion can be avoided either by using an antenna diversity system or by changing the location of the antenna. To provide antenna diversity, each access point has two antenna connectors. With the antenna diversity system, the signal is received through both antennas and the best antenna is selected by comparing the distortion ratio. The antenna that receives the lowest distortion signal is selected as the best antenna. This antenna is used to receive the signal continuously until there is a failure in the received packet. If the received packet fails, the access point starts the process to select the best antenna again. Diversity antennas do not add more bandwidth, increase the coverage area, or increase the transmission power.

Answer 111

The areas you should examine are blocked TCP/UDP ports and incorrect ACL settings. Blocked TCP/UDP ports are often necessary to protect the network from insecure protocols that are easily exploited by hackers. Ports that are often blocked include TCP port 23 (Telnet), TCP port 21 (FTP), TCP/UDP port 53 (DNS, as a post-attack exit port) and UDP port 161 (SNMP). For ACLs on routers and firewalls, incorrect ACL settings would allow or prevent transmission of network traffic (inbound or outbound). ACL settings on file servers can allow or deny access to the folders.

Answer 112

A default gateway must be specified for a host for it to connect to hosts outside the local network. This address is the address of the router interface on the local segment that forwards data to other networks. On small networks, the default gateway is the address of the router that connects the local network to the Internet. You should ensure that the default gateway is correctly configured for the interface that is on the local subnet. A wrong default gateway will have the same result as a missing default gateway: packets will not be able to leave the local subnet. From the output of the ipconfig utility, you can see that no default gateway is configured for the host. You must configure the proper default gateway for the host. This can be done manually or using DHCP to automatically assign the appropriate addressing information.

Answer 113

In this scenario, neither you nor Luther can log on to the network from his computer. However, both of you can log on to the network from your computer. Thus, you can assume that the network interface card (NIC) in Luther's computer is defective. If Luther were unable to log on to the network from his computer, but you were able to log on to the network from his computer, then you could assume that Luther was supplying either an incorrect user name or password or both. One of the most common logon problems can be attributed to the caps lock feature. When the caps lock feature is enabled, then all alphabetical characters typed without the shift key being pressed appear in upper case. Most network operating systems require case-sensitive passwords. Therefore, the password system and the password SYSTEM are considered different passwords by the operating system. Both your computer and Luther's computer are connected to the same hub. If the hub were defective, then neither you nor Luther would be able to log on to the network from either computer.

Answer 114

Transceiver mismatch occurs when you have a fiber connector plugged into the wrong type fiber port. As an example, if you have a Small Form Pluggable (SFP) fiber connector, do not plug it into an SFP+ port, and do not plug an Angle Polished Connector (APC) connector into a Ultra Polished Connector (UPC) port.

Answer 115

You should start each wireless access point at a separate time. This will allow each access point to select a channel. Then, when the next access point is booted, it will detect the other access points' channels and use another channel besides the ones detected. 802.11a wireless access points have eight available non-overlapping channels: 36, 40, 44, 48, 52, 56, 60, and 64. 802.11a products need to be configured for automatic channel selection. Therefore, you cannot manually configure the channel. With the automatic channel selection feature, 802.11a wireless access points can detect other access points and configure their channel accordingly. This is the reason that it is important to start 802.11a wireless access points at a separate time. The suggested range for 802.11a wireless access points is 30 meters in an open space, and 10 meters in an office environment. You should not increase the distance between the wireless access points to at least 20 meters. For 802.11a wireless access points, the suggested distance in an office environment is 10 meters.

Answer 116

You have an incorrect cable type. You made a crossover cable when you needed a straight-through cable. In general, a straight-through cable is used when you are connecting two different pieces of equipment, as in a computer and a switch or a router and a switch. The straight-through cable has matching 568A or 568B connectors, but not both. A crossover cable is used when you are connecting two like pieces of equipment, such as two routers. A crossover cable will have one end configured as 568A and the other as 568B.

Answer 117

When troubleshooting a problem, you should try the obvious or quick fixes first. Once you have implemented a solution or workaround, you will need to test the solution to be sure it resolved the problem. Connect to the network and try to transfer a file.

Answer 118

The term broadcast storm refers to the presence of too many data packets that are being sent simultaneously on a network. Several conditions can cause a broadcast storm, including a malfunctioning network component, incompatible network equipment, cable crosstalk, and too many computers on one subnet. In this scenario, a malfunctioning transceiver on a network interface card (NIC) is constantly sending data packets that flood the network and prevent other computers from communicating. This problem would be indicated by the link light on the NIC in the John1 computer, which would remain constantly on, leading you to conclude that the John1 computer is causing a broadcast storm. Typically, the link light on a NIC that is functioning properly will flicker on and off as the NIC transmits data. Some NICs have one light that indicates network connectivity and a separate light that indicates traffic; in this scenario, the traffic light would be continuously on instead of flickering on and off. In addition, the device to which the John1 NIC is connected, such as a hub or switch, will also have a continuously lit link light at the John1 connection point.

Answer 119

A malfunctioning NIC that continuously broadcasts packets on a network may be chattering or jabbering; chatter is the output of continuous random signals, and jabber is the production of oversized data frames.

Answer 120

The tcpdump command allows you to analyze wired or wireless network traffic on a Linux system. For example, to examine POP3 traffic on the wired NIC, you would use the command sudo tcpdump -I eth0 -nn -s0 -v port 110.

Answer 121

Show interface – Show interface is a useful command that can show connectivity issues, physical port issues, port status, traffic flows, and IP address assignments on both switches and routers. This command is very helpful for establishing a networks topology.

Answer 122

Show config – The show config command displays the current configuration that is running on a device. This command can be very helpful for identifying if devices have fallen out of compliance with the organization’s set configuration as well as expedite troubleshooting by being able to search for misconfigurations faster.

Answer 123

Show route – The show route command is used to view and manipulate the IP routing tables that are stored in a router. These tables contain all the known destination networks, how they were learned, and how to reach them. This command can help identify if a network has all the necessary routes need to complete network communication.

Answer 124

According to the general troubleshooting strategy, the first thing you should do when troubleshooting a problem is to identify the problem. This includes gathering information, duplicating the problem, questioning users, identifying symptoms, determining if anything has changed, and approaching multiple problems individually. The user's statement that the network is "broken" does not clarify whether there is an issue with hardware or software, with user error, or with an external vendor such as the network service provider. If a user complains that he is unable to access a server or printer resource on the network, you should first ask if the user is able to access any network resources.

Answer 125

Of the choices available, the router is most likely causing the communications problem in this scenario. The router links the company's LAN to the Internet. Server and Workstation A cannot communicate with Workstation B, and Workstation B cannot communicate with the computers on the company's LAN, so the router is most likely malfunctioning. Workstation A and Server can communicate with one another, so Workstation A and the hub appear to be functioning properly. Workstation B can connect to the Internet, so the modem appears to be functioning properly. End-to-end connectivity is a process whereby you troubleshoot connectivity issues from the host experiencing the connection problem all the way through the network. You should always start at the local host and proceed through the network, through routers and other devices, to the destination. Any connectivity problem could be at the host, the remote host, or anywhere in between. Following a logical process will ensure that the exact issue will be located. As you move out from the local host, you should keep in mind that other hosts will be experiencing the same problem. For example, if the problem is not with the local host and you discover that the problem is with the router, all hosts that use that router should be experiencing the same problem.

Answer 126

A logical first place to start troubleshooting would be to determine if the condition is network-wide or workstation specific. Have other similar users both on local segments and remote segments attempt to perform the same actions. You should also verify that connectivity with the server can be established. You can do this by pinging the server. Rebooting the network server or the user's workstation are not good first steps in attempting to resolve the problem.

Answer 127

Corrupt packets are being dropped. Packet drops occur for a variety of reasons, including packet corruption, speed mismatch, and duplex mismatch. Corrupt packets are not forwarded by network devices. An interface only resets when a power outage occurs or when an administrator initiates a reset. Packets cannot change the duplexing method. However, a packet that uses a different duplexing than is the network supports is usually dropped. As a network technician, you should perform interface monitoring. This includes being able to read errors and determine their cause, understand network utilization reports, determine discards and packet drops and their cause, perform interface resets, and ensure speed and duplex settings are appropriately configured.

Answer 128

A logical first place to start troubleshooting would be to determine if the condition is network-wide or workstation-specific, for example by having other similar users attempt to perform the same actions. If other users are unable to duplicate the problem, the problem points to a workstation condition. Rebooting the server or the user's workstation are not good first steps in attempting to resolve the problem. If the server's access limits had been exceeded, then no other users would be able to log on.

Answer 129

The tracert utility will provide a listing of all routers through which data from Workstation A2 must pass on its way to Server B. If there are any problems along the way, they will show up in the output from the tracert command.

Answer 130

Port configuration − Each switch port is a single collision domain. If you improperly configure the ports, then communication on the appropriate domain may not be possible.

Answer 131

VLAN assignment − This problem occurs when configuring the VLAN assignment on a client computer or device. Each VLAN is a separate collision domain. Make sure that client computers are configured with the appropriate VLAN to ensure that they can communicate within the collision domain.

Answer 132

Bad/missing routes − This problem will cause routers to incorrectly forward packets. If bad routes are configured, the bad routes should either be reconfigured or deleted. Missing routes should be added. This is more of a problem on statically configured routers.

Answer 133

Misconfigured DNS − If the wrong DNS information in configured, devices are unable to resolve a DNS name properly. The device or host will need to be reconfigured with the correct DNS information. For example, if an MX record is entered incorrectly, devices will be unable to access the mail server.

Answer 134

Misconfigured DHCP − If the DHCP server in configured incorrectly, hosts will be obtaining incorrect IP information from this server. This could include incorrect IP address, subnet mask, default gateway, and even DNS server information. While a DHCP server makes it much easier to configure client's with their IP configuration information, a misconfigured component within the DHCP lease can cause communication problems from all DHCP clients. Also keep in mind that rogue DHCP servers, which are unauthorized DHCP servers, can also cause problems. If you suspect that there is an unauthorized DHCP server on the network, you will need to establish a plan to locate the rogue DHCP server.

Answer 135

Cable placement − Cable placement issues vary depending on the type of media (twisted pair, coaxial, or fiber) used. You should avoid running cables near objects that may cause problems with the cabling.

Answer 136

Simultaneous wired/wireless connections − Some organizations have both wired and wireless networks in use. Client computers, though, should connect to only one of these types of networks. If you want to use a wired connection, you should plug into that network. If a wireless network is in range, your computer may attempt to connect to the wireless network as well if you have enabled the connect automatically feature.

Answer 137

Discovering neighboring devices/nodes − Most devices have the ability to discover neighboring devices or nodes by using the appropriate routing protocol. It may be necessary to enable multiple routing protocols based on the types of devices to which you must connect.

Answer 138

Multicast Flooding – Multicasting is group communication method where data transmissions are addressed to a group of destinations simultaneously. When multicast flooding occurs, data packets are flooded to these grouped devices all at once, which can cause slowdowns or network crashes for all the destination devices. Managing data packet flows with flood guards are useful ways to prevent such issues.

Answer 139

Asymmetrical Flooding – Asymmetric routing occurs when a data packet takes one path to reach a destination and then takes a different path to return to the source. Asymmetrical flooding occurs when these data packets go through every switch or router that is being sent between this conversation, which will cause the network to either crash or cause significant slowdowns.

Answer 140

Low optical link budge Optical Link Budget – The optical link budget sets a hard limit on the maximum distance an optical network can cover. Having this set too low can cause the network to lag or have dead zones within a network where users are unable to connect well to.

Answer 141

Certification Issues – Many devices within a network have certificates attached to them to verify the information that they are sending and to create a trust model. However, certifications can expire or be revoked if they are mishandled. Routinely monitoring and staying up to date on the various certificates within a network to ensure they are still useable.

Answer 142

Blocked services, portsServices, Ports, or addressesAddresses – Occasionally errors can occur within a network due to a port, IP address, or service being blocked. While the reasons these services may have been blocked can vary greatly, IT teams can route this information through a new port or utilize a different service to continue productivity or they can unblock the issue. However, when unblocking these ports, addresses, or services, it is important to ensure that network security is not compromised in the process.

Answer 143

NTP Issues – NTP can have a variety of issues associated with it. Some of the most common issues are not receiving NTP packets, not being able to process NTP packets, NTP packets causing the loss of synchronization, and the NTP clock period being manually set. If NTP is having a significant amount of issues, IT teams can run NTP’s debugging commands canto help identify the issues.

Answer 144

NIC teaming misconfiguration − Also known as load balancing and failover (LBFO), NIC teaming allows multiple network interface cards (NICs) in the same computer to be placed into a team for bandwidth aggregation and traffic failover to prevent connectivity loss in the event of a network component failure. Active-active versus active-passive − In an active-active NIC team, both NICs work together managing network traffic. In an active-passive NIC team, one NIC is the primary NIC. The other NIC is only brought over in a failover situation when the primary NIC is down. Multicast versus broadcast − Multicast enables a single device to communicate with multiple hosts. Broadcast occurs when a single device communicates with a single host.

Answer 145

Network devices will now operate in full-duplex mode. Because each switch port is connected to a single device and each device operates in its own collision domain, you can turn off CSMA/CD, thereby allowing full-duplex mode, meaning that traffic can be transmitted in both directions at the same time. Network devices will NOT operate in half-duplex mode. This is the mode that is used if CSMA/CD is enabled. Half-duplex mode means that devices can only transmit or receive at any one time. Your actions do not actually affect the speed of the switch ports. The switch ports are capable of a certain speed regardless of whether using half-duplex or full-duplex mode. Many switches allow you to change the speed of your switch ports by disabling auto-negotiation. However, if you disable auto-negotiation, you can cause devices on your network to stop operating if they do not support the configured port speed.

Answer 146

On a Linux computer, you should use the ifconfig command to configure a network interface card (NIC). The first NIC in a Linux computer is typically named eth0, and the second NIC is named eth1. Therefore, you should log on to the Linux computer as root, which is also known as the superuser, and issue the command ifconfig eth1 192.168.0.1 netmask 255.255.255.0 to configure the second NIC. The 192.168.0.1 portion of the command configures the IP address for the NIC, the netmask 255.255.255.0 portion of the command configures the subnet mask for the NIC, and the up portion of the command activates the NIC. A similar procedure would be used on a UNIX computer.

Answer 147

The ipconfig /all command lists all the TCP/IP configuration parameters for the computer on which it is run. This includes the default gateway address for the Server B network. By examining the output from ipconfig /all, you will be able to determine if the configured default gateway address is correct.

Answer 148

Most support issues will arise from users having the wrong Service Set Identifier (SSID) or wrong passphrase. It is very easy for a user to select the wrong SSID. They may not have the correct password or passphrase, and they may type in the SSID name incorrectly. Checking for the correct SSID is often the first step to wireless troubleshooting. Also, most wireless devices “remember” the previous SSID, even if you move to a new network. Always check the SSID when troubleshooting. Passwords and passphrases are case sensitive, and the number/letter/symbol combinations are easy to miskey.

Answer 149

For the Network+ exam, you will need to understand the different service sets that SSIDs can have. A basic service set identifier (BSSID) BSSID is used in infrastructure mode to help identify the MAC address of an access point. Unlike a SSID, every access point will have its own unique BSSID as well as a unique MAC address. Another type of SSID is the Extended Service Set Identifier (ESSID). An ESSID is like a SSID, but this identifier is used across multiple access points as part of the WLAN. The ESSID will function as an electronic marker to identify and address for computers or other network devices and connect to a wireless router to then access the internet. An independent basic service set, also known as an ad-hoc service set, is the simplest of the service sets as no network infrastructure is needed. An ad-hoc service set consists of one or more stations that will communicate directly with each other rather than utilizing access points. The last concept for SSIDs you will need to understand is roaming. Roaming is when client devices can move or roam between different access points without disruption any applications or data flows that require a persistent network connection.

Answer 150

Of the listed commands, you should use the nbtstat -r command to troubleshoot the automatic NetBIOS name resolution problem on the Windows 7 computer. On a Windows network, NetBIOS is used to locate computers in a server domain. If TCP/IP is being used on the network, then NetBIOS names need to be resolved to IP addresses. NetBIOS name resolution can be accomplished in two ways in a Windows NT 4.0 server domain: LMHOSTS and Windows Internet Name Service (WINS). The LMHOSTS file is a flat-text file that contains NetBIOS name to IP address resolutions. Each computer on a Windows network that uses LMHOSTS name resolution must have an LMHOSTS file, which must be manually updated when changes are made to NetBIOS name-to-IP address resolution on the network. WINS provides an automatic NetBIOS name-to-IP address resolution system. You can view WINS statistics by using the nbtstat -r command to determine the number of NetBIOS name resolutions on a computer. If the number of name resolutions is zero, then you can assume that there is a problem with a computer's WINS configuration.

Answer 151

Fluorescent light fixtures emit high levels of electromagnetic interference (EMI). EMI is essentially noise that is picked up on the network cable. EMI from fluorescent lights can corrupt data; therefore, you should consider your choice of network cable carefully if you must place the cable near fluorescent lights. Halogen lights and incandescent bulbs do not interfere with fiber-optic transmissions. UTP and STP cable does NOT deteriorate in the presence of fluorescent lighting. EMI affects cable placement. Cable placement issues may vary depending on the type of media (twisted pair, coaxial, or fiber) used. You should avoid running cables near objects that may cause problems with the cabling. You should arrange cables to minimize interference. Ideally, Ethernet cables should not be placed close to high voltage cables, generators, motors, or radio transmitters. Often using shielded cabling will prevent this problem. You could also move the interfering device or the cable.

Answer 152

According to the general troubleshooting strategy, after establishing the symptoms, you should establish what has changed. This will allow you to make educated guesses as to what might be causing the problem and then select the most probable cause of the problem.

Answer 153

Shielded twisted-pair (STP) cable is identical to unshielded twisted-pair (UTP) cable except for the shielding that encloses the twisted pairs in STP. This metallic shield protects the cable from interference caused by fluorescent light fixtures, motors, and other electromagnetic interference (EMI) sources. STP cable can be used in any implementation where UTP is used, but it is generally only used when shielding from EMI is required because it is more expensive than UTP cable. Fiber-optic cable is also NOT affected by EMI. Either STP or fiber-optic cable should be used around light fixtures.

Answer 154

Tracert is a command-line utility that will show every router interface a TCP/IP packet passes through on its way to a destination. Asterisks seen in any one of the columns mean that the corresponding router took longer than expected, indicating a possible slow link, a link experiencing high traffic, or ICMP filtering being turned on. Syntax: tracert An example of Tracert is: tracert www.domain.com Another example of Tracert is: tracert 64.14.46.18

Answer 155

You have already identified the problem, re-created the problem, and established a theory of probably cause. You should now test the theory. In this scenario, the correction plan might involve running diagnostics on the network interface card (NIC) or simply replacing the NIC. If the test confirms you theory, you should then proceed through the other troubleshooting steps.

Answer 156

Because the loss of connectivity is only occurring when the fluorescent lights are turned on, it points to electromagnetic interference (EMI) being emitted by fluorescent lighting. EMI is essentially electrical noise that is picked up on the network cable. EMI from fluorescent lights can corrupt data; therefore, you should consider your choice of network cable carefully if you must place the cable near fluorescent lights. Ideally, network equipment should be maintained at a room temperature of 70 degrees Fahrenheit (21 degrees Celsius). However, even lower-than-ideal temperatures would not affect equipment.

Answer 157

Voltage fluctuation in the outlets would not affect network connectivity. Instead, computers rebooting, computer power supply failures, or temporary loss of power could result from voltage fluctuation. EMI affects cable placement. Cable placement issues may vary depending on the type of media (twisted pair, coaxial, or fiber) used. You should avoid running cables near objects that may cause problems with the cabling. You should arrange cables to minimize interference. Ideally, Ethernet cables should not be placed close to high voltage cables, generators, motors, or radio transmitters. Often using shielded cabling will prevent this problem. You could also move the interfering device or the cable.

Answer 158

A wire crimper, also referred to as a cable crimper, should be used to splice the end of an Ethernet cable to an RJ-45 connector.

Answer 159

You can use a time domain reflectometer (TDR) to determine the length of a network cable. A TDR sends an electric pulse through a cable and measures the time required for the pulse to return. The TDR can then use this information to calculate the length of the cable. If the cable length calculated by the TDR is shorter than the expected length, then you can reasonably deduce that there is a break in the cable. TDRs can detect a variety of cable problems, including short circuits, open circuits, splices, cable breaks, and taps.

Answer 160

A protocol analyzer provides information regarding traffic flow and statistical information for your network. A protocol analyzer is also referred to as a network analyzer or packet sniffer. None of the other tools can provide this information. A port scanner provides a list of open ports and services on your network. A penetration test determines whether network security is properly configured to rebuff hacker attacks. A vulnerability test checks your network for known vulnerabilities and provides methods for protection against the vulnerabilities.

Answer 161

You should NOT increase the signal strength of the new wireless access point. This would probably increase the interference. Decreasing the signal or power strength can ensure that the wireless LAN does not extend beyond a certain area. You could move the new wireless access point, change the channel used on the new wireless access point, or decrease the signal strength of the new wireless access point. One other method for preventing wireless interference is changing the wireless telephone used. The scenario only stated that intermittent interference was occurring. It did not state what was causing the interference. Another potential wireless issue is the wrong antenna type. Antenna types can affect the area that a wireless signal will cover. Unidirectional antennas only transmit in a single direction, while omnidirectional antennas transmit in a defined radius from the antenna placement. In both cases, you should ensure that the wireless access point is placed in an area where the antenna type will be most effective.

Answer 162

The most likely cause of the issues is the maximum cable length has been exceeded. On a 10GBase-SW network, the maximum cable length is 300 meters. A 10GBase-SW network uses multi-mode fiber cable. It is unlikely that the problem is a dirty connector. Because most connectors spend the majority of the time plugged in, they don't tend to get dirty.

Answer 163

For the Network+ exam, you also need to understand the following fiber cable issues: Attenuation/Db loss − Attenuation is the reduction in power of the light signal as it is transmitted. Attenuation is caused by passive media components, such as cables, cable splices, and connectors. SFP/GBIC cable mismatch − This occurs when you use the wrong cable type. Make sure to ensure that you are using single-mode or multi-mode fiber cable based on the specification needed for the network type you deploy. Bad SFP/GBIC cable or transceiver − If this occurs, you will need to replace the component that is bad. Wavelength mismatch − Multi-mode fiber is designed to operate at 850 and 1300 nanometers (nm), while single-mode fiber is optimized for 1310 and 1550 nm. If the wrong wavelength is implemented or a device is added to the network that operates at the wrong wavelength, signal loss will occur. Fiber type mismatch − If you use different types of fiber cable on the same network, you will experience Db loss. It can cause systems to malfunction or have high error rates. Connector mismatch − If you use the wrong connectors on your network, devices will be unable to communicate.

Answer 164

You should install another wireless access point that uses a different non-overlapping channel and the same SSID. This will allow the connections to be distributed between the two access points, thereby increasing user throughput.

Answer 165

When determining if a problem is network-wide or limited to a workstation, the first step is to try to duplicate the problem on other workstations. If the problem can be duplicated on other workstations, it points to a network-wide problem. Problems that cannot be duplicated on other workstations point to a workstation problem.

Answer 166

Because you suspect interference between two pairs in the cable, the most likely culprit for the issue is crosstalk. Crosstalk occurs when the data signal on one cable “hops” to another cable. This issue is most often found in unshielded twisted pair (UTP) cabling, particularly when the ends of the cable that feed into the RJ-45 jack are too long. Those types of connection issues are common with cables made by new employees. Solutions include purchasing professionally assembled cables, rerouting cables, adding new RJ-45 connections, and upgrading to a higher grade of cable, such as Cat6 or Cat7.

Answer 167

A throughput tester is best used to verify a network's transmission speed. Connectivity software is any type of software that allows you to remotely connect to a network. Microsoft's proprietary Remote Desktop Protocol (RDP) and Remote Desktop Connection (RDC) are both types of connectivity software. RDC is a Microsoft technology that allows a local computer to connect to and control another computer remotely. With RDC, organizations can attach a remote desktop gateway. A remote desktop gateway is a role service that will enable authorized remote users to connect to and utilize the resources on an internal private network from any device that can run a RDC client. These gateways utilize both SSL and RDP protocols to improve security, provide encryption, and ensure proper authentication with remote connections.

Answer 168

You could either install the network analyzer on all four subnets, or install a distributed network analyzer. Standard network analyzers only capture packets on the local subnet. To capture packets on a multi-subnet network, you could install the network analyzer on all four subnets. Alternatively, you could purchase a network analyzer that can capture all packets across the subnets. Typically, a distributed network analyzer consists of a dedicated workstation network analyzer installed on one subnets and software probes installed on the other subnets.

Answer 169

You can use a port scanner to determine which Transmission Control Protocol (TCP) ports are open on a private network. A port scanner is a device that automatically attempts to communicate with different protocols over all ports and records which ports are open to which protocols. For example, File Transfer Protocol (FTP) generally communicates over port 21. For security reasons, however, an administrator might close port 21 and map FTP traffic to a different port. By attempting FTP communications over all ports, a port scanner might allow a hacker to find the open FTP port and bypass the security measure. You can also use stealth scanning and port scanning to determine which operating systems are being used on a network.

Answer 170

Ad hoc mode allows wireless computers to be configured much more quickly than infrastructure mode. Ad hoc mode wireless computers all participate in the same network. This means that the ad hoc wireless computers can access each other, but cannot access network resources on a LAN, WAN, or Internet. Ad hoc mode is cheaper to implement than infrastructure mode. In addition, it is easy to set up and configure and can provide better performance than infrastructure mode. However, it is difficult to manage an ad hoc mode wireless network. Infrastructure mode allows wireless computers to connect to a LAN, WAN, or the Internet. This means that infrastructure mode wireless computers can access all computers on the LAN, WAN, and Internet. Infrastructure mode is much more expensive than ad hoc mode to implement because you must configure wireless access points. While infrastructure mode is harder to set up and configure, management is much easier than with ad hoc mode. The problem is not with static IP addresses or the subnet mask. The ad hoc mode wireless computers are configured with dynamic IP address information, but have not received that information from the corporate DHCP server.

Answer 171

An optical time domain reflectomer (OTDR) is a tool that analyzes the quality of a connection in a fiber optic cable. It is most often used to find breaks in the cable.

Answer 172

You should look at overcapacity. Overcapacity is an issue in wireless performance. The proliferation of wireless devices will put an enormous drain on a wireless network originally designed for a few devices. In today’s environment, the network may need to provide service to tablet computers, smartphones, personal performance monitors, and smart watches, in addition to the few laptops the network was originally designed to support. From the symptoms being described, more students are connecting their devices between classes, causing the performance of the network to degrade.

Answer 173

Refraction “bends” the signal as it passes through, or the signal curves as it tries to go around the object. Think of a stick where part of the stick is in the water and part of the stick is out of the water. The stick appears ‘‘bent” because the water causes refraction of the image. If refraction were the issue, the problem would be throughout the day, not just at certain times.

Answer 174

The most likely cause of the problem is a duplicate MAC address. Duplicate MAC addresses can be caused by MAC address spoofing or by manufacturers reusing MAC addresses in their devices. Manufacturers will often ship NICs with duplicate MAC addresses to different geographic areas. With regard to manufacturers recycling MAC addresses, as long as two NICs with the same MAC address have at last one router between them, there will not be a conflict. Routers direct traffic via IP addresses, while switches direct traffic via MAC addresses, with an ARP table showing the relationship between MAC address and IP address.

Answer 175

You should issue the ipconfig command with the /release switch to release your computer's lease on the TCP/IP configuration that it received from the Dynamic Host Configuration Protocol (DHCP) server. If other computers cannot locate your computer on the network, then you might need to renew the DHCP lease for your TCP/IP configuration. You can renew the lease by issuing the ipconfig /renew command at a command

Answer 176

When you manually set a device to full-duplex (auto-config off), the device will assume it should use half-duplex transmission. Duplex/speed mismatch is a misconfiguration of an NIC, switch port, or router port. Duplex refers to whether the traffic is talk only/listen only or bidirectional traffic, like a phone call. Speed relates to the data transfer rate, such as 100mbs or 1000mbs. If one port is configured at half duplex and the other port is configured at full duplex, the user will notice a severe drop in performance, because the network will operate at the slower half duplex speed.

Answer 177

Collisions on an Ethernet CSMA/CD network are normal and generally do not cause any negative effects. In fact, they are required for proper operation. However, an excessively high number of collisions occurring for a sustained length of time can cause delays and slow throughput. CSMA/CD will negotiate standoff timers to allow multiple devices to communicate on congested network segments. You can determine if a network is experiencing problems due to collisions by using the show controller ethernet [ interface number ] command. This command displays the collisions counter, which includes the number of excessive collisions. The "excessive collisions" number refers to the number of frames that were not transmitted due to excessive collisions detected on the network. This usually indicates a problem. Common causes are devices improperly configured as full-duplex, malfunctioning network interface cards, or too many stations on the network medium. CSMA/CD network devices "sense," or listen, for network traffic before transmitting. If the network is free of traffic, the device will send its data, still listening to determine if another device is sending data at the same time. If more than one device sends data, a collision will occur. When the devices detect a collision, they stop transmitting and wait a random amount of time before retransmitting the data. Although CSMA/CD does not stop collisions, it does provide a way to manage them.

Answer 178

Workstations read entries in their HOSTS files before making requests to DNS. In this scenario, this behavior would cause the workstation to use the incorrect IP address when attempting to access a server by its host name. For example, suppose an FTP server with an original IP address of 172.35.2.100 and the host name ftp.domain.com was moved and its address changed to 172.25.2.300. When a user typed in the URL for the server in a browser, the client would search its HOSTS file and find an entry for ftp.domain.com at IP address 172.35.2.100. It would then attempt to contact the server using IP address 172.35.2.100, which is the wrong IP address. However, if you delete the HOSTS file, or remove the entry for the server, the workstation will search DNS to resolve the server's host name when it does not find an entry for the server the local HOSTS file.

Answer 179

Of the choices provided, the most likely cause of the problem in this scenario is that the network cable is disconnected from the network interface card (NIC) on the LeadDev computer. Because the Shipmaster computer can connect to the DevServ computer, the communication path between these two computers is functioning normally. This path includes the NIC on the Shipmaster computer, the router between the shipping and the development LANs, and the NIC on the DevServ computer. If the router were defective, then the Shipmaster computer would not be able to connect to the DevServ computer. Therefore, the most likely source of the problem is a faulty connection between the LeadDev computer and the development network; the disconnected cable is the only possibility offered that would cause the faulty connection.

Answer 180

You should complete the following steps to protect against war-driving attacks: Change the default SSID. Disable SSID broadcast. Configure the network to use authenticated access only. You should not configure the WEP protocol to use a 128-bit key. In recent years, WEP has been proven to be an ineffective security protocol for wireless networks, regardless of whether you use low or high encryption. It is a protocol that is very easy to crack using a brute force attack. Some other suggested steps include the following: Implement Wi-Fi Protected Access (WPA) or WPA2 instead of WEP. Reduce the access point's signal strength. Use MAC filtering.

Answer 181

You should be concerned with channel overlap. Channel overlap can cause performance issues. Even though 11 channels are available in the US, there is a high degree of overlap. When using multiple wireless access points in 2.4 GHz mode, you should set the wireless channels at 1, 6, and 11 to provide the best coverage.

Answer 182

Electromagnetic interference (EMI) is interference in the operation of other electrical devices caused by electromagnets, which distorts the signal. Electromagnetic fields can be found in large industrial equipment or smaller equipment such as air conditioners and heaters. If you move network devices to new locations and then start experiencing performance problems, you should examine the new location to see if EMI is causing the problem. EMI can affect network communications through the network cabling. The source of the EMI is often difficult to find. One simple method you can use to locate an EMI source is to place a compass close to the suspected EMI source, looking for unusual needle movements. Once the source of the EMI is found, there are two possible solutions. The first is to move the existing cable away from the EMI source. The second is to replace the existing cabling with shielded cabling or fiber-optic cabling, which are resistant to EMI.

Answer 183

The output displayed is a part of the output from executing the traceroute command on a Cisco router. The traceroute command finds the path a packet takes while being transmitted to a remote destination. It is also used to track down routing loops or errors in a network. Each of the following numbered sections represents a router being traversed and the time the packet took to go through the router: 1 14.0.0.2 4 msec 4 msec 4 msec 2 63.0.0.3 20 msec 16 msec 16 msec 3 33.0.0.4 16 msec * 16 msec

Answer 184

Knowing the exact error message would be the best first step in solving this problem. The message itself may point to the cause of the problem. Information pertaining to the amount of memory, the user name and password, and whether the computer has been rebooted could be useful in other scenarios. This type of information would not enable you to determine the problem in this scenario.

Answer 185

You can implement a maximum of three 802.11g wireless access points within 30 meters of each other. The 802.11g wireless access points only have three non-overlapping channels (1, 6, and 11 in the United States; 1, 6, and 13 in Europe.) Therefore, to prevent interference, you need to configure the three wireless access points with different channels.

Answer 186

A plenum-rated cable will not produce toxic gas when it burns; therefore, it can be used in plenum areas, such as ventilation ducts and other areas that carry breathable air. When deciding whether or not to use plenum-rated cables, you should consider the ceiling airflow condition. Workstation models, window placement, or floor composition will not affect the decision on whether to use plenum cabling. The coating of non-plenum cables produces toxic gas when it burns. Most fire codes require plenum-rated cable in any area that carries breathable air. Plenum cable is more fire-resistant than riser-rated cable, not less. Both plenum and riser-rated cables are more fire-resistant than general purpose cables, but the fire code requirements are the most stringent for plenum cables. Unlike plenum-rated cables, riser-rated cables are suited to go into non-plenum spaces and between the floors of buildings. Usually, riser cables are installed in between the walls of buildings as well as areas that do not pose danger in the event of a fire. Riser cables are typically installed in vertical runs to form the telecommunications backbone of a commercial building’s network.

Answer 187

Trees should be considered as signal-absorption objects when performing 802.11b Wireless Local Area Network (WLAN) site surveys. Water pools, trees, and construction materials, such as steel and wood, can absorb the radio frequency signal. Objects with water content should be avoided to prevent radio frequency signal absorption. Some objects act as reflectors of the signal, thereby causing multipath distortion. Concrete walls, metal studs, or even window film could affect the quality of the wireless network signals.

Answer 188

According to the diagram in this scenario, the IP address configured on Host A is 172.32.2.3 and the broadcast address is 172.32.3.255. If the broadcast address for this network is 172.32.3.255, then the network ID of the next subnet in the series of subnets created by the mask is 172.32.4.0. Because the gateway address (which must be in the same subnet as the hosts) is 172.32.2.1, it indicates that the subnet that contains the three addresses (IP address, gateway and broadcast address) has a network ID of 172.32.2.0. The mask must be 255.255.254.0. It would yield the following subnet IDs: 172.32.0.0 172.32.2.0 172.32.4.0 172.32.6.0 …and so on. The mask could not be 255.255.0.0. This is a standard class B mask, and when used the broadcast address would be 172.32.255.255, not 172.32.3.255. The mask could not be 255.255.240.0. This would create an interval of 16 between subnets in the third octet, which would yield the following subnet IDs: 172.32.0.0 172.32.16.0 172.32.32.0 …and so on. If this were the case, the broadcast address for these addresses' subnet would be 172.32.15.255, not 172.32.3.255. The mask could not be 255.255.192.0. This would create an interval between subnets of 64 in the third octet, which would yield the following subnet IDs: 172.32.0.0 172.32.64.0 172.32.128.0 …and so on. If this were the case, the broadcast address for the subnet hosting these addresses would be 172.32.63.255, not 172.32.3.255.

Answer 189

Network configuration and performance baselines are parts of the network documentation that assist with troubleshooting. In particular, performance baselines show how the network performs under typical loads, in terms of bandwidth used, packets dropped, throughput, or other metrics, for a given period of time. Later, when network issues occur, such as a perceived drop in network speed, the administrator can compare current conditions to the previously recorded baseline.

Answer 190

You should use the traceroute command. The traceroute command finds the path a packet takes while being transmitted to a remote destination. It is also used to track down routing loops or errors in a network. The following code is a sample output of the traceroute command: Type escape sequence to abort. Tracing the route to 33.0.0.4 1 11.0.0.2 4 msec 4 msec 4 msec 2 24.0.0.3 20 msec 16 msec 16 msec 3 33.0.0.4 16 msec * 16 msec Jan 20 16:42:48.611: IP: s=12.0.0.1 (local), d=33.0.0.4 (Serial0), len 28,sendingJan 20 16:42:48.615: UDP src=39911, dst=33434Jan 20 16:42:48.635: IP: s=11.0.0.2 (Serial0), d=11.0.0.1 (Serial0), len 56,rcvd 3Jan 20 16:42:48.639: ICMP type=11, code=0 The tracert command is incorrect because this command is used by Windows operating systems, not the Cisco command-line interface. However, the purpose of the tracert command is similar to the Cisco traceroute utility, namely to test the connectivity or "reachability" of a network device or host. The tracert command uses Internet Control Message Protocol (ICMP).

Answer 191

It would it be appropriate to issue the ipconfig command with the /release and /renew options when the result of running the ipconfig /all command indicates a 169.254.163.6 address, or when recent scope changes have been made on the DHCP server. When a computer has an address in the 169.254.0.0 network, it indicates that the computer has not been issued an address from the DHCP server. Instead, the computer has utilized Automatic Private IP Addressing (APIPA) to issue itself an address. If the reason for this assignment is a temporary problem with the DHCP server or some other transitory network problem, issuing the ipconfig /release command followed by the ipconfig /renew command could allow the computer to receive the address from the DHCP sever. Similarly, if changes have been made to the settings on the DHCP server, such as a change in the scope options (such as gateway or DNS server), issuing this pair of commands would update the DHCP client with the new settings when this address is renewed.

Answer 192

You should implement split horizon to prevent routing loops. Split-horizon route advertisement prevents routing loops in distance-vector routing protocols by prohibiting a router from advertising a route back onto the interface from which it was learned. None of the other options would solve the routing loop issue.

Answer 193

You should configure the preferred wireless network on the user's computer. After this is completed, the user's computer will automatically connect to the preferred wireless network if it is available. If a computer is connected to the wrong SSID, you need to change to the correct access point and then set that access point as the preferred network.

Answer 194

A high-gain antenna has a small vertical beamwidth. The beamwidth parameter of the antenna defines the angle of the radio signal radiated. The angle of radiation of the signal is defined in degrees. The antenna properties include the gain, beamwidth, and transmission angle. Antennas with higher gain have less beamwidth than antennas with lower gain. The high-gain antennas have very narrow beamwidth. For example, typical 6-dBi patch antenna has a 65-degree beamwidth, but the 21-dBi parabolic dish antenna has a 12-degree radiation pattern.

Answer 195

Of the choices listed, an electrostatic discharge (ESD) has most likely caused the network interface card (NIC) to malfunction. ESD occurs when static electricity jumps from an object with a higher electrical charge to an object with a lower electrical charge. You can build up static electricity in your body by walking across a carpet. This static electricity can then be discharged in the form of ESD into the circuits on a microchip, which can destroy such circuits. NICs are expansion cards that contain microchips that ESD can destroy. You should take measures to prevent ESD before you handle the expansion cards in a computer. For example, you can wear an anti-static wrist strap, or you can discharge the static electricity in your body by touching a grounded object such as a computer case before you touch a circuit board. Companies should make employees aware of electrical safety if personnel may be required for perform work that could result in electric shock, such as computer repair. Proper grounding techniques should be covered as part of personnel training.

Answer 196

The term used to refer to the angle of radiation of an antenna is beamwidth. There are many differences between the types of antennas that you can use, including beamwidth, gain, transmission angle, and frequency. The beamwidth parameter of the antenna defines the angle of the radio signal radiated. The angle of radiation of the signal is defined in degrees. Antenna properties include the gain, beamwidth, and transmission angle. The gain is a measure of how much of the input power is concentrated in a particular direction. Antennas with higher gain have less beamwidth than antennas with lower gain. The high-gain antennas have a very narrow beamwidth. For example, typical 6-dBi patch antenna has a 65-degree beamwidth, but the 21-dBi parabolic dish antenna has a 12-degree radiation pattern. You also need to understand signal strength. In most wireless access points, you can adjust the signal strength. This feature is particularly useful if you want to prevent the signal from reaching outside a building. Then you would adjust (lower) the signal strength and possibly change the access point placement to prevent the signal from reaching there. The coverage of the signal depends on the type of access point you are deploying, the location where it is deployed, and the frequency used. For the Network+ exam, you will also need to understand antenna polarization. Polarization refers to the radiated field that is produced by an antenna. These vibrations can be configured to go in a vertical angle, horizontal angle, or any angle perpendicular to the string. Antennas can be sensitive to this polarization, which can cause issues with signal strength, so IT professionals should be cognizant of antenna placement.

Answer 197

You should be concerned with incorrect antenna placement during the selection process. Antenna placement can cause issues with Wi-Fi performance. Check the manufacturer’s placement recommendation – some wireless access points are designed for wall mounting, while others are designed for ceiling mounts. Also, placing a wireless access point near metal ductwork, larger metallic lamps, on top of a ceiling panel, or next to a thick wall can cause performance issues.

Answer 198

You should use the netstat command. This tool displays incoming and outgoing connections, routing tables, and network interface statistics.