2.3-2.5

Question 1

A new network configuration includes the ability to inspect packets at the application layer to identify potential threats. Which of the following choices uses the new configuration?

Load balancer
Content Filter
Proxy Server
NGFW

Answer 1

NGFW

A next generation firewall is capable of parsing application layer protocol headers and data, such as hypertext transfer protocol (HTTP), so that sophisticated, content-sensitive access control lists (ACL) can be developed.

Question 2

A user remotely connects to a company firewall to gain network access while traveling. What purpose does a RADIUS server provide for the connection?

Proxy
VPN Concentrator
Load balancer
AAA

Answer 2

AAA

An authentication, authorization, and accounting (AAA) device provides object identification, relevant permissions, and then creates an audit trail. AAA can be deployed by using a RADIUS (Remote Authentication Dial-in User Service) server.

Question 3

An engineer plans to configure a device as transparent, rather than nontransparent, at an organization. Which device does the engineer configure?

VPN concentrator
Proxy server
Content filter
Load balancer

Answer 3

Proxy server

A proxy server is used as a middle-man for Internet access. A transparent proxy is configured on an inline device, while a nontransparent proxy is configured on a client machine.

Question 4

A user states that phone calls external to the organization do not work. The engineer tests a phone and can only make internal calls. Which component needs troubleshooting?

VoIP gateway
VoIP PBX
UTM appliance
AAA/RADIUS server

Answer 4

VoIP gateway

A Voice over Internet Protocol (VoIP) gateway is a component in a VoIP phone system. This gateway, which can be software or hardware, is used to interface with a traditional analog phone system.

Question 5

The CIO asks an IT systems administrator to configure a passive threat management solution. IT utilizes which type of technology?

Multilayer switch
IDS
VPN concentrator
IPS

Answer 5

IDS

An Intrusion Detection System (IDS) is a system that scans, audits, and monitors the security infrastructure for signs of attacks in progress. An IDS uses a passive approach to threat management.

Question 6

A vendor visits an organization to demo a network management device. As part of the hands-on demonstration, an IT engineer can see and manage an extended service set (ESS) on the network. Based on the engineer’s experience with the device, what is the vendor demonstrating?

Wireless controller
Multilayer switch
RADIUS server
UTM appliance

Answer 6

Wireless controller

A wireless controller is a hardware device or software application which can centralize the management function of a wireless network. An extended service set is defined in a wireless network.

Question 7

At the request of management, a senior server engineer deploys a proxy server for all users in the organization. The proxy provides many benefits for a uniform user experience and for IT management. Of the choices, which statements describe features the proxy provides? (Select two)

Content filtering
Load balancing
VPN access
Caching of web content

Answer 7

Most web proxy servers provide caching engines, which retain frequently requested web pages, negating the need to re-fetch those pages for subsequent requests.

Caching of web content
Content filtering

Question 8

A network engineer configures a secondary wide area network (WAN) interface on a firewall for a large company. With the new configuration, each WAN interface will now handle specific network traffic. Evaluate the new configuration and determine its purpose.

Load balancer
RADIUS server
Content filter
Proxy server

Answer 8

Load balancer

A load balancer can switch traffic to alternative nodes, reduce bottlenecks, and allow for failover services. In this case, certain traffic is being redirected to take advantage of available bandwidth.

Question 9

A systems administrator deploys a proxy server for an organization. The administrator chooses to use a transparent approach to the configuration. Considering how the systems administrator deploys the proxy server, what does this configuration type utilize?

Client port configuration
Inline network appliance
Content filtering
Web content caching

Answer 9

Inline network appliance

A transparent proxy intercepts client traffic without the client being configured. A transparent proxy must be implemented on a switch or router or other inline network appliance.

Question 10

A company’s sales team functions as a completely remote workforce. To support the team, IT implements a solution for access to internal company files and assets. Which two technologies does the IT department implement to provide this access? (Select two)

UTM appliance
VPN concentrator
RADIUS server
Proxy server

Answer 10

VPN concentrator
RADIUS server

When Virtual Private Network (VPN) access is part of a dedicated appliance it is known as a VPN concentrator. For example, a firewall can be used as a VPN connection point that authenticates users via a Remote Authentication Dial-in User Service (RADIUS) server.

Remote Authentication Dial-in User Service (RADIUS) is a standard protocol that can be used to manage a remote access authentication infrastructure.

Question 11

A company uses multiple internet providers to maintain a reliable network. The wide area network (WAN) interfaces on a firewall handles the traffic with policies. Considering the approach to Internet access, what does this company utilize?

Content filter
Proxy server
Load balancer
RADIUS server

Answer 11

Load balancer

A load balancer can switch traffic to alternative nodes, reduce bottlenecks, and allow for failover services. In this case, certain traffic is being redirected to take advantage of available bandwidth.

Question 12

An IT engineer implements a SonicWall firewall and a Windows server for connectivity and authentication purposes. Which of the following roles does the IT engineer configure for this implementation? (Select two)

Proxy server
VPN concentrator
RADIUS server
UTM appliance

Answer 12

VPN concentrator
RADIUS server

When Virtual Private Network (VPN) access is part of a dedicated appliance it is known as a VPN concentrator. For example, a firewall can be used as a VPN connection point that authenticates users via a Remote Authentication Dial-in User Service (RADIUS) server.

Remote Authentication Dial-in User Service (RADIUS) is a standard protocol that can be used to manage a remote access, authentication, and infrastructure.

Question 13

In a virtualized environment, guest machines can communicate with physical systems, even with those on a different subnet. The guests, however, cannot communicate with wireless printers. Which configuration is causing the issue?

Virtual NIC
Virtual router
Virtual switch
Virtual firewall

Answer 13

Virtual firewall

A virtual firewall can deploy in kernel or hypervisor mode. A firewall can block communications based on ports and other criteria. The firewall should be checked to ensure communication is not blocked.

Question 14

A network implementation experiences a severe bottleneck. IT personnel suggest implementing which technology to allow increased data throughput?

Virtual switch
Jumbo frame
InfiniBand
iSCSI

Answer 14

Jumbo frame

A jumbo frame is a frame that supports a data payload of up to 9,000 bytes and is used to overcome limits of 1,500 bytes. This in turn reduces the number of transmitted frames.

Question 15

A shared storage solution uses a file-level method for data storage and sharing. Which solution is in place?

NAS
InfiniBand
FCoE
SAN

Answer 15

NAS

A Network Attached Storage (NAS) appliance is a hard drive, (or RAID array— redundant array of independent/inexpensive disks) that provides file-level network access via various file sharing protocols, such as NFS (network file system).

Question 16

Users at a company complain to IT about slow network speeds. An engineer determines that traffic is overwhelming a network switch. After some research, the engineer looks to implement which of the following solutions to remedy the issue.

InfiniBand
Hypervisor
Jumbo frame
iSCSI

Answer 16

Jumbo frame

A jumbo frame is a frame that supports a data payload of up to 9,000 bytes and is used to overcome limits of 1,500 bytes. This reduces the number of transmitted frames on a network. Fewer frames means less processing a switch needs to do.

Question 17

A systems administrator configures a new network storage device. The administrator discovers that an intended host system does not have a host channel adapter (HCA). The project is on hold as there are no budget funds left to purchase the adapter. Based on the requirements of the implementation, the administrator plans to use which technology?

Jumbo frame
InfiniBand
iSCSI
Hypervisor

Answer 17

InfiniBand

InfiniBand is a high-speed switching fabric used in storage area networks (SAN) and data center networks. It uses Host Channel Adapters (HCA) and Target Channel Adapters (TCA).

Question 18

An engineer determines that a network switch is currently overwhelmed. Of the choices, which technology can improve the switch’s performance?

Jumbo frame
InfiniBand
FCOE
Hypervisor

Answer 18

Jumbo frame

A jumbo frame is a frame that supports a data payload of up to 9,000 bytes and is used to overcome limits of 1,500 bytes. This, in turn, reduces the number of transmitted frames.

Question 19

A guest operating system is not able to access a switch in a virtualized environment. What does a technician need to configure for a successful connection?

Virtual firewall
Virtual router
Virtual NIC
Hypervisor

Answer 19

Virtual NIC

In a virtual machine (VM), a virtual network interface (NIC) is a software-based representation of a network adapter that functions and is configurable in the same way as a physical network adapter.

Question 20

A systems administrator moves a database from an old server to a new device that uses a host bus adapter (HBA) for connectivity to the network. The administrator places the device on the network, hoping for much better performance and quicker access for clients. With the implementation in mind, what has the administrator deployed for users?

Hypervisor
InfiniBand
NAS
SAN

Answer 20

SAN

In a storage area network (SAN), shared access is provided to clients at block level. A SAN uses an initiator (a host bus adapter) in the storage device.

Question 21

IT adds a new storage device to the network. The purpose of the device is to house all user shares, which are accessible by clients via the network file system (NFS) protocol. Consider the properties and features of the following choices and determine which type of storage device the network is using.

SAN
NAS
FCoE
Fibre Channel

Answer 21

NAS

A Network Attached Storage (NAS) appliance is a hard drive, (or RAID array— redundant array of independent/inexpensive disks) with a cut-down server board that provides network access via various file sharing protocols, such asNFS (network file system).

Question 22

A new virtual environment in an organization is not functioning properly. Engineers conclude that a virtual switch is corrupt. Evaluate the function choices and determine which function the misconfigured switch is directly impacting.

Access to different subnets
Subnet content filtering
Dynamic address assignment
Subnet host communication

Answer 22

Subnet host communication

In a virtual environment, a software-based switch functions as a layer 2 physical switch. A switch is required for hosts within a subnet to communicate with one another.

Question 23

A company uses a network-based storage device for file shares. The implementation of the device uses an Internet protocol (IP) tunneling protocol and standard ethernet network adapters. Based on these technology features, which of the following provides connectivity to the device?

Jumbo frame
InfiBand
Fibre Channel
iSCSI

Answer 23

iSCSI

Allows computers to access networked hard drives and access the files as though the harddrive was physically connected to the PC. The OS doesn’t distinguish between physical connected drives and drives connected via iSCSI.

Question 24

A company retires a network connection that utilizes cell switching technology and individual connections called virtual channels. Based on the provided characteristics, the company discontinues using which of the following technologies?

ISDN
ATM
Frame RElay
PPPoE

Answer 24

ATM

Asynchronous Transfer Mode (ATM) is a transport mechanism using cell switching technology. An ATM switch makes virtual connections with other switches to provide a data path from endpoint to endpoint.

Question 25

Internet access options for a small remote office are not robust. At minimum, IT looks for an “always on” connection. Which options are appropriate for this solution? (Select two)

PPoE
ISDN
DSL
ATM

Answer 25

PPoE
DSL

Digital subscriber line (DSL) transfers data over voice-grade telephone lines. DSL uses the higher frequencies available in a copper telephone line as a communications channel.

When a broadband service connects to an ISP, the service will often use Ethernet as the Data Link protocol. Point-to-Point Protocol over Ethernet (PPPoE) is simply a means of creating PPP connections over an Ethernet link.

Question 26

A leased line experiences performance issues. The telco perfoms a self-test to check for issues with the line. Which component allows for self-testing?

Demarcation point
Copper
CSU/DSU
Smart Jack

Answer 26

Smart jack

A T1 line is usually terminated at a smart jack or Network Interface Unit (NIU) which contains line testing facilities (loopback) for the telco to use. This allows the service provider to test the line remotely.

Question 27

An IT engineer cleans a network rack and removes unused equipment. The engineer finds an old device used with a leased line install. Which device did the engineer find and remove as its functionality is obsolete?

PRI
SIP trunk
CSU/DSU
MPLS

Answer 27

CSU/DSU

Digital leased lines use devices called Channel Service Units (CSUs) or Data Service Units (DSUs), instead of traditional modems that are used for analog systems/lines.

Question 28

A new company renovates an older office space. Part of the renovation includes replacing all data cabling, such as exchanging RG-59 cable with RG-6 cable. Considering the purpose of these cable types, which service benefits from the replacement?

DSL
Metropoiltan Ethernet
ATM
Cable broadband

Answer 28

Cable broadband

Coaxial cables are categorized using the radio grade (RG) standard. RG-6 and RG-59 are commonly used in cable access tv and broadband cable modems. (probably need to know all the RG cable standards)

Question 29

A company implements a network connection that utilizes cell switching technology and individual connections called virtual channels. The connection will handle both voice and video. Based on the provided characteristics, which technology does the company implement?

Frame Relay
ATM
ISDN
PPPoE

Answer 29

ATM

Asynchronous Transfer Mode (ATM) is a transport mechanism using cell switching technology. An ATM switch makes virtual connections with other switches to provide a data path from endpoint to endpoint.

Question 30

An engineer configures constraint-based routing by using congestion and quality of service settings. Considering this approach, which technology is the engineer working with?

MPLS
PPP
DMVPN
PPoE

Answer 30

MPLS

Multiprotocol Label Switching (MPLS) was developed by Cisco from ATM, as a means of providing traffic engineering, Class of Service (CoS), and Quality of Service (QoS), within a packet-switched network, rather than a circuit-switched network.

Question 31

A company reports that phones are not working. What is likely causing the problem?

Dial-up
PPP
PPoE
SIP Trunk

Answer 31

SIP trunk

A Session Initiation Protocol (SIP) service from a provider identifies the use of the Internet access channel for voice. It is not uncommon for a SIP trunk to be down.

Question 32

An organization has a location with limited Internet access options. Which option allows for on-demand connectivity?

DSL
PPP
ISDN
PRI

Answer 32

ISDN

The integrated services digital network (ISDN) is a fully digital version of the local loop. ISDN is a digital circuit switched technology for voice, video, and data. ISDN connections are made as needed.

Question 33

A company is cleaning their facility and discarding anything considered unusable. An employee finds a spool of RG-59 cable. IT informs the employee that the cable is outdated. Determine the type of technology used with the cable.

Metropolitan Ethernet
PRI
Cable broadband
Dial-up

Answer 33

Cable broadband

A cable broadband Internet connection is usually available along with Cable Access TV (CATV). This type of service uses coaxial cable (RG-6 or RG-59).

Question 34

An organization plans to move a data closet from one end of a building to another. As a result, IT rewires certain areas of the building. In doing so, IT uses RG-6 cabling. Considering cable types and functionality, which solution should use RG-6?

ATM
DSL
Cable broadband
Metropolitan Ethernet

Answer 34

Cable broadband

Coaxial cables are categorized using the radio grade (RG) standard. RG-6 and RG-59 are commonly used in cable access tv and broadband cable modems.

Question 35

A technician installs a cable modem for business grade internet access at a small remote office. Connecting the modem requires using RG rated cabling. Evaluate the media options. Which type satisfies the requirement for connecting the modem?

FIber
DSL
Twisted pair
Coaxial

Answer 35

Coaxial

Coaxial cables are categorized using the radio grade (RG) standard. The categories do not prescribe the quality of coax cabling, but categorize it by the thickness of the core conductor and the cable’s characteristic impedance. RG-6 and RG-59 are commonly used in cable access tv and broadband cable modems.

Question 36

An engineer runs RG-6 cable through a crawl space. Which type of service does this type of cabling support?

PPP
Cable broadband
PPPoE
Dial-up

Answer 36

Cable broadband

A cable broadband Internet connection is usually available along with Cable Access TV (CATV). This type of service uses coaxial cable (RG-6 or RG-59).

Question 37

What is Frame Relay speed

Answer 37

56kbps-1.544 MBps

Question 38

What is T1 speed

Answer 38

1.544 MBPS

Question 39

What is T3 speed

Answer 39

44.736 MBPS

Question 40

What is E1 speed

Answer 40

2.08 mbps

Question 41

What is E3 speed

Answer 41

34.4 mbps

Question 42

What is ATM speed

Answer 42

155 mbps - 622 mbps

Question 43

What is SONET speed

Answer 43

51.84 Mbps - 159.25 Gbps