Final Exam Flashcards by Mark Scribner

qtext

answer

How well did you know this?

Not at all

Perfectly

Which routing protocol uses a composite metric of bandwidth and delay of the line to find the best path to a remote network?

EIGRP

How well did you know this?

Not at all

Perfectly

Which command will display the current contents of the ARP cache on the local workstation?

arp -a

How well did you know this?

Not at all

Perfectly

A network device that is used to connect multiple devices without segmenting a network is a ?

Hub

How well did you know this?

Not at all

Perfectly

The Spanning Tree Protocol allows for redundancy of what networking device?

Bridge (switch)

How well did you know this?

Not at all

Perfectly

Which can operate at both Layers 2 and Layer 3 of the OSI model?

Layer 3 switch

How well did you know this?

Not at all

Perfectly

SMTP resides at what layer of the OSI model?

Application

How well did you know this?

Not at all

Perfectly

A user discovers that their wireless 802.11g Internet connection is intermittently disrupted. What can typically cause this problem?

Cordless phones and/or microwave ovens

How well did you know this?

Not at all

Perfectly

Which device helps to increase the number of collision domains?

Switch

How well did you know this?

Not at all

Perfectly

Which logical physical topology does 802.3 utilize?

Bus

How well did you know this?

Not at all

Perfectly

Which wireless standard has a maximum data rate of 11Mbps?

802.11b

How well did you know this?

Not at all

Perfectly

What functionality does Kerberos provide?

Authentication of security principles and authorization of access to resources

How well did you know this?

Not at all

Perfectly

What TCP/IP port numbers does FTP utilize?

20 and 21. 20 is FTP data or a client, and 21 is an FTP server.

How well did you know this?

Not at all

Perfectly

At what layer of the OSI model does UDP reside?

Transport

How well did you know this?

Not at all

Perfectly

Convert the following binary string to its dotted decimal address: 11000000.10101000.01100011.00011010

192.168.99.26

How well did you know this?

Not at all

Perfectly

100BaseTX uses how many pairs of Category 5 unshielded twisted-pair (UTP) cables?

2 pairs

How well did you know this?

Not at all

Perfectly

What device connects computers with wireless adapters to a network in infrastructure mode?

Access point

How well did you know this?

Not at all

Perfectly

Converting analog signals to digital signals and digital signals to analog signals can be done using what device?

Modem. Dial-up modems are rarely used today, but cable modems are.

How well did you know this?

Not at all

Perfectly

The maximum segment length for Ethernet is .

100 meters (328 feet)

How well did you know this?

Not at all

Perfectly

What is the maximum speed of 802.11g?

54Mbps (megabits per second)

How well did you know this?

Not at all

Perfectly

Which techniques would increase the bandwidth for network transmission by joining multiple connections into one logical connection?

Bonding

How well did you know this?

Not at all

Perfectly

True/False: Firewalls are used to prevent packets from entering and leaving a network.

TRUE

How well did you know this?

Not at all

Perfectly

Which device can never run full duplex?

Hub

How well did you know this?

Not at all

Perfectly

A valid Media Access Control (MAC) address is how many bytes long?

How well did you know this?

Not at all

Perfectly

What well-known port does Trivial File Transfer Protocol (TFTP) use?

In which OSI layer does a bridge operate?

Data Link

An IT specialist is going to implement a packet filter on a network for Internet connections. What port must they allow through the firewall for users to connect to the Web?

What is the name of the point where local exchange carrier responsibility ends?

Demarc

What protocol translates the IP address to its physical network address?

ARP

Ethernet networking is known as a physical topology.

Star

What is the default port for HTTPS?

443

In the Media Access Control (MAC) address 00:B0:D0:6A:F2:B5, what does 00:B0:D0 identify?

The manufacturer of the device, known as the OUI

Which network segment is located outside the firewall?

DMZ

A network administrator needs to establish a remote connection to a client machine. Telnet is not secure because everything is sent in the clear. Which protocol and port number should be used instead?

Secure Shell (SSH), port 22

What fiber connector looks similar to an RJ-45 connector and connects two strands of fiber?

Mechanical transfer registered jack (MT-RJ)

What cable type is used to link together two buildings that are over 10 miles (16.09 kilometers) apart?

Single-mode fiber (SMF)

What is the maximum Cat 3 length acceptable for a horizontal cross-connect?

100 meters (328 feet)

An optical time-domain reflectometer (OTDR) can be used to assess what?

Fiber segments

What level of the Open Systems Interconnection (OSI) model does a proxy server operate in?

Application

What device is used to create a virtual local area network (VLAN)?

Switch

What protocol creates a secure connection between a web browser and a web server and is an alternative to using Telnet?

Secure Sockets Layer (SSL)

True/False: If an administrator wants to set up an email server to exchange emails with other servers over the Internet, Simple Mail Transfer Protocol (SMTP) would be utilized.

TRUE

Which remote access authentication protocol allows usernames and passwords to be transmitted as clear text?

Password Authentication Protocol (PAP), which has been replaced by CHAP.

At what layer of the Open Systems Interconnection (OSI) model does a router function?

Network

Simple Mail Transfer Protocol (SMTP) utilizes what well-known Transmission Control Protocol/Internet Protocol (TCP/IP) port number?

A technician pings 127.0.0.1 and gets the following result - Unable to contact IP driver, error code 2. - What should you do now?

Reinstall the TCP/IP protocol

True/False: 172.192.4.256 is a valid Internet Protocol (IP) address.

False

What Open Systems Interconnection (OSI) layer converts digital data into electronic signals to be put on a wire?

Physical

True/False: Internet Control Message Protocol (ICMP) is used for error reporting with Internet Protocol (IP).

TRUE

Which WAN technologies uses 30 64Kpbs channels?

E-1

What network hardware allows most traffic collisions?

Hub

Which system detects and reports attempts of unauthorized access to the network?

IDS

True/False: 32-bit is a valid Wired Equivalent Privacy (WEP) key.

FALSE

True/False: 1000Mbps is known as 1000 terabytes per second.

False. It means gigabyte per second.

True/False: One of the purposes of a virtual local area network (VLAN) is to add more users.

False. It is to break up broadcast domains.

Which device would administer routing in a network?

Router, or Layer 3 switch

True/False: If a network administrator needs to restrict access to certain websites, a proxy server should be implemented.

TRUE

A technician is terminating a line that was extending an Ethernet jack to a wiring closet. Which hardware tool is necessary to complete the task?

Punch-down tool

What is required to pass traffic from one VLAN to another?

Router, or Layer 3 switch

At what two layers of the Open Systems Interconnection (OSI) model does a packet-filtering firewall operate?

Network and Transport

How many pairs are crossed in a crossover cable?

Two

True/False: The maximum speed of 802.11b is 54Mbps (megabits per second).

FALSE

True/False: The maximum speed of 802.11b is 11Mbps (megabits per second).

TRUE

Which documentation would a network administrator need to update if they have just finished upgrading the firmware on all switches within the LAN?

Physical network diagram

True/False: The number of wireless users will affect the range of an 802.11b wireless access point (WAP).

False. It will affect the throughput but not the distance.

True/False: 1000BaseCX is an Institute of Electrical and Electronics Engineers (IEEE) copper cable standard.

TRUE

True/False: A mesh network has the least collisions.

TRUE

True/False: Mesh network topology uses the most cable of any physical topology.

TRUE

True/False: 100BaseFX runs over Category 5e cable.

FALSE

True/False: 100BaseFX runs over multimode fiber (MMF) cable.

TRUE

What is the maximum cable type required for 100BaseTX?

Category 5 unshielded twisted-pair (UTP)

True/False: Using a wireless access point (WAP), you can bridge an 802.3 network to an 802.11 network.

TRUE

Which type of connector does a 10BaseFL network use?

Straight tip (ST)

True/False: The 802.11b/g frequency band is 2.4GHz (gigahertz).

TRUE

Which protocol permits secure polling network devices?

SNMPv3

Which is a topology used in networks for its scalability?

Star

What is part of the IP suite and is used to monitor network-managed devices?

SNMP

A technician is extending a data circuit to the other side of the building. What would the technician set up at the new location?

IDF

Among the encryption protocols that the DoD says are unbreakable, which is the best?

AES

What encryption protocol or standard allows you to create a virtual subnet on an intranet?

SSL VPN

Which user-authentication method uses a public key and private key pair?

PKI

True/False: RIPv2 is a hybrid routing protocol.

FALSE

True/False: RIPv1 is a link state routing protocol.

FALSE

Which two software types would be used for identifying an attack?

IDS and IPS

A client purchases a new wireless printer and wants to be able to bond it their PDA. What is the name of the technology that describes the type of wireless printer that was purchased?

Bluetooth

True/False: Internet Protocol version 6 (IPv6) uses 128-bit addresses.

TRUE

A technician has just finished implementing a solution for a network issue. What steps in should the technician do next?

Document the issue and the solution that was implemented.

True/False: A denial of service (DoS) attack is meant to prevent users from accessing a system.

TRUE

True/False: IP spoofing is the process of sending a packet with a fake source address, pretending that the packet is coming from within the network the hacker is trying to attack.

TRUE

Which routing protocols uses AS-Path as one of the methods to build the routing table?

BGP

A technician is troubleshooting a switch and has identified the symptoms. What step should the technician take next?

Escalate the issue.

What kind of tool could a hacker use to intercept traffic on your network?

Packet sniffer

Remote users are having problems accessing files from a file server. Which should a technician check first?

Connectivity

Which type of virus attacks executable application and system program files?

File virus

Which monitoring software is used to view a network at the frame level?

Packet sniffer

A technician needs to test a wire that is in the wall. What is the best way for the technician to identify the wire's location?

Use a tone generator

What devices allow segregation of collision domains but not broadcasting domains?

Switches

What is the maximum transmission distance of 10GBaseLR?

6 miles

In which layer of the OSI model does IPSec operate?

Network (Layer 3)

What tool would be used to test the break in a fiber connection on the network?

OTDR

True/False: A rogue access point is where a switch has been installed on a network without the administrator's knowledge.

False. Where an AP has been installed without permission.

True/False: Phishing/social engineering refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source.

TRUE

What are the three main types of intruder detection and defense?

Active detection, passive detection, proactive defense

What defines how security will be implemented in an organization, including physical security, document security, and network security?

Security policy

What authentication method allows for domain-level authentication on a wireless network?

RADIUS

A company is in the process of upgrading its network infrastructure to support new VoIP telephony equipment. What is a primary feature to consider when selecting a new switch to support the phones?

PoE

True/False: A security procedure defines the appropriate response to a security event on your network.

TRUE

What are the three primary LAN topologies?

Bus, ring, and star, but we only use bus in today's LANs.

What common WAN topology often results in multiple connections to a single site, leading to a high degree of fault tolerance?

Mesh

What is the term for a device that shares its resources with other network devices?

Server

What network model draws a clear distinction between devices that share their resources and devices that do not?

Client-server

Which network topology or connection type can be implemented with only two endpoints?

Point-to-point

Will a computer that shares no resources most likely be connected to the backbone or to a segment?

Segment

Which LAN topology is characterized by all devices being daisy-chained together with the devices at each end being connected to only one other device?

Bus

True/False: RIP is a vendor-neutral routing protocol that uses very little bandwidth but a lot of memory on a router.

False. Yes, RIP is vendor neutral, but it uses little router processing and a lot of bandwidth to do its job.

True/False: OSPF is a hybrid routing protocol.

FALSE

True/False: EIGRP is used to update the ARP tables on a router.

FALSE

What does the acronym ICMP stand for?

Internet Control Message Protocol

True/False: EIGRP is a classful routing protocol.

FALSE

True/False: EIGRP has no version that supports IPv6.

FALSE

True/False: OSPF is a link state protocol that supports VLSM and classless routing.

TRUE

True/False: RIPv1 is a distance vector protocol that does not support VLSM and supports only classful routing.

TRUE

What does the acronym IS-IS stand for?

Intermediate System-to-Intermediate System

What does the acronym IDS stand for?

Intrusion detection system

What WAN protocol is described as residing in Layer 2.5 of the OSI model?

MPLS

True/False: If you can ping a host, this does not mean you can access its services.

TRUE

What is another name for the Media Access Control (MAC) address?

Physical address or hardware address

Which LAN connection technology has a full-duplex speed of 200Mbps and uses a Cat 5e cable?

100BaseT

What is the Internet Protocol version 4 (IPv4) loopback address?

127.0.0.1

An Ethernet Media Access Control (MAC) address consists of how many bits?

True/False: EIGRP uses hop count as a metric to determine the best path to a remote network.

FALSE

Why would you use dynamic routing over static routing?

It updates the routing table automatically and scales to large networks.

True/False: OSPF can be used only on Cisco routers.

FALSE

True/False: DSL is used to connect hosts to an Ethernet hub.

FALSE

True/False: SDSL means that your download and upload speeds on the line are different.

TRUE

True/False: A link light is the small, usually red, LED on the back of a network card.

FALSE

True/False: ADSL means that the uplink and download speeds of a DSL link are the same.

TRUE

Which of the following does not accurately describe TACACS+ in comparison to RADIUS? A. TACACS+ relies on TCP, not UDP, at the Transport layer. B. TACACS+ is typically installed on a router or switch, rather than on a server. C. TACACS+ encrypts all information transmitted for AAA rather than just the password. D. TACACS+ was developed for proprietary use on Cisco products. E. TACACS+ operates as a software application on a remote access server.

Answer: E

Your network manager has purchased a dozen new access points and all are configured to use the new 802.11ac standard in the 5-GHz band. These access points will be backward-compatible with older access points that run which of the following standards? (Choose all that apply.) A. 802.11g B. 802.11n C. 802.11b D. Bluetooth E. None of the above

Answer: A, B, C

``` Which of the following figures reflects the type of physical topology commonly used on a 100Base-T network? A. [Insert Figure D-Q3A here] B. [Insert Figure D-Q3B here] C. [Insert Figure D-Q3C here] D. [Insert Figure D-Q3D here] E. [Insert Figure D-Q3E here] ```

Answer: E

You have installed and configured two virtual Web servers and a virtual mail server on a physical server. What networking mode will you assign to each server’s vNIC to ensure that the virtual machines’ hosts on the Internet can access the virtual machines? A. NAT B. Bridged C. Host-only D. Internal E. Grouped

Answer: B

Your organization contracts with a cloud computing company to store all of its data. The company promises 99.99% uptime. If it lives up to its claims, for how many minutes each year can you expect your data to be unavailable? A. Approximately 448 minutes B. Approximately 99 minutes C. Approximately 52 minutes D. Approximately 14 minutes E. Approximately 6 minutes

Answer: C

You are rearranging nodes on your Gigabit Ethernet network. Due to a necessarily hasty expansion, you have decided to supply power to a wireless router in a makeshift data room using PoE. What is the minimum cabling standard you must use to connect this wireless router to the network’s backbone? A. RG-6 B. RG-59 C. Cat 5e D. SMF E. Cat 6

Answer: C

``` To ensure that your private network is always protected, you decide to install three redundant firewalls. Which of the following would allow you to assign the same IP address to all three? A. SMTP B. CARP C. SNMPv3 D. IMAP E. NTP ```

Answer: B

You are a networking technician in a radiology clinic, where physicians use the network to transmit and store patients’ diagnostic results. Shortly after a new wing, which contains X-ray and magnetic resonance imaging (MRI) machines, is added to the building, computers in that area begin having intermittent problems saving data to the file server. After you have gathered information, identified the symptoms, questioned users, and determined what has changed, what is your next step in troubleshooting this problem? A. Establish a plan of action to resolve the problem. B. Escalate the problem. C. Document findings, actions, and outcomes. D. Establish a theory of probable cause. E. Determine the next steps to resolve the problem.

Answer: D

``` You are part of a team participating in a posture assessment of your company’s WAN. Which of the following tools or strategies will help you gain a broad understanding of your network’s vulnerabilities? A. MIB B. War chalking C. Nmap D. WPA cracking E. PGP ```

Answer: C

You work for an ISP. Several of your customers have called to complain about the slow response from a popular Web site. You suspect that network congestion is at fault. Which TCP/IP utility would help you determine where the congestion is occurring? A. FTP B. Nslookup C. Nbtstat D. Tracert E. Telnet

Answer: D

``` Which of the following WAN topologies is the most fault tolerant? A. Full mesh B. Bus C. Peer-to-peer D. Ring E. Hierarchical ```

Answer: A

``` Which of the following is a valid MAC address? A. C3:00:50:00:FF:FF B. 153.101.24.3 C. ::9F53 D. FE80::32:1CA3:B0E2 E. D0:00:00:00 ```

Answer: A

``` What type of network could use the type of connector shown below? [Insert Figure D-Q13 here] A. 100Base-FX B. 100Base-TX C. l0Base-T D. 1000Base-T E. 10Base-2 ```

Answer: A

Your organization has just ordered its first T-1 connection to the Internet. Prior to that, your organization relied on a DSL connection. Which of the following devices must you now have that your DSL connection didn’t require? A. Modem B. CSU/DSU C. Switch D. Hub E. Router

Answer: B

Which of the following wireless standards provides an entirely IP-based, packet switched network for both voice and data transmissions? (Choose two.) A. LTE B. 802.16e C. 802.16m D. HSPA+ E. 802.11n

Answer: A, C

``` You have created a new Web server on a computer running the Linux operating system. Which of the following programs will generate messages when modules don’t load correctly or services encounter errors? A. Event Viewer B. IDS/IPS C. Packet Sniffer D. Network Monitor E. Syslog ```

Answer: E

You have been asked to provide a connectivity solution for a shuttle-bus system at a large theme park. The owners of the park want a wireless network that reaches all parking lots and drop-off points throughout the park’s 2.4-square mile campus. Each shuttle is to be equipped with a wireless antenna to provide real-time pick-up and drop off directives to each driver. The park owners plan to install their own base station antennas in order to have complete control of the amount and type of traffic traversing the WAN, but they are very concerned about the cost of equipment installation. Considering the needs and priorities of the theme park owners, what is the best solution for this client? A. Metro Ethernet B. 802.11n C. NFC D. 802.11ac E. WiMAX

Answer: E

You want to add the five virtual machines that exist on your host machine to the Staff VLAN at your office. Which of the following must your host machine’s NIC support? A. CSMA/CA B. Channel bonding C. MIMO D. Trunking E. OSPF

Answer: D

You have just rearranged the access points on your small office network. Now a group of employees complains that they cannot reliably get their workstations to connect with a new 802.11ac access point. You have confirmed that the workstations are using the correct SSID, security type, and passphrase. You have also confirmed that the access point is on and functioning properly because when you stand in the computer room where it’s located, you can connect to the access point from your smartphone. Which of the following is likely preventing the other users’ workstations from associating with the new access point? A. The users are attempting to log on using incorrect user IDs. B. The workstations are located beyond the access point’s range. C. The workstations are set to use 802.11g. D. The users have turned off their wireless antennas. E. The workstations’ wired NICs are causing addressing conflicts with their wireless NICs.

Answer: B

``` Which of the following wireless security techniques uses RADIUS and AES? A. WEP B. WPA C. WPA2 D. WPA-Enterprise E. WPA2-Enterprise ```

Answer: E

You are the network administrator for a large college whose network contains nearly 10,000 workstations, over 100 routers, 80 switches, and 2000 printers. You are researching a proposal to both upgrade the routers and switches on your network and at the same time improve the management of your network. To make automating network management easier, what type of protocol must the new routers and switches support? A. TFTP B. SMTP C. NNTP D. ICMP E. SNMP

Answer: E

In the process of troubleshooting an intermittent performance problem with your network’s Internet connection, you attempt to run a tracert test to microsoft.com. The tracert response displays the first 12 hops in the route, but then presents several “Request timed out” messages in a row. What is the most likely reason for this? A. Your network’s ISP is experiencing connectivity problems. B. The Internet backbone is experiencing traffic congestion. C. Your client’s TCP/IP service limits the tracert command to a maximum of 12 hops. D. Your IP gateway failed while you were attempting the tracert test. E. Microsoft’s network is bounded by firewalls that do not accept incoming ICMP traffic.

Answer: E

What is the network ID for a network that contains the group of IP addresses from 194.73.44.10 through 194.73.44.254 and is not subnetted? A. 194.1.1.1 B. 194.73.0.0 C. 194.73.44.1 D. 194.73.44.255 E. 194.73.44.0

Answer: E

``` Which of the following 10-gigabit technologies has the longest maximum segment length? A. 10GBase-SR B. 10GBase-ER C. 10GBase-T D. 10GBase-LW E. 10GBase-SW ```

Answer: B

``` Recently, your company’s WAN experienced a disabling DDoS attack. Which of the following devices could detect such an attack and prevent it from affecting your network in the future? A. A honeypot B. SIEM C. HIPS D. Nmap E. NIPS ```

Answer: E

In NAT, how does an IP gateway ensure that outgoing traffic can traverse public networks? A. It modifies each outgoing frame’s Type field to indicate that the transmission is destined for a public network. B. It assigns each outgoing packet a masked ID via the Options field. C. It interprets the contents of outgoing packets to ensure that they contain no client-identifying information. D. It replaces each outgoing packet’s Source address field with a public IP address. E. It modifies the frame length to create uniformly sized frames, called cells, which are required for public network transmission.

Answer: D

You have purchased an access point capable of exchanging data via the 802.11n or 802.11ac wireless standard. According to these standards, what is the maximum distance, in meters, from the access point that wireless stations can travel and still reliably exchange data with the access point? A. 20 B. 75 C. 100 D. 400 E. 550

Answer: D

Which of the following functions does SIP perform on a VoIP network? (Choose all that apply.) A. Determines the locations of endpoints B. Provides call waiting and caller ID services C. Prioritizes calls for any single endpoint in a queue D. Establishes sessions between endpoints E. Encrypts VoIP signals before they are transmitted over the network

Answer: A, D

``` You suspect that a machine on your network with the host name PRTSRV is issuing excessive broadcast traffic on your network. What command can you use to determine this host’s IP address? A. netstat PRTSRV B. ipconfig PRTSRV C. nslookup PRTSRV D. ifconfig PRTSRV E. nbtstat PRTSRV ```

Answer: C

``` Which of the following allows a protocol analyzer on your network’s backbone switch to monitor all the traffic on a VLAN? A. Trunking B. Port mirroring C. Looping D. Spanning Tree Protocol E. Caching ```

Answer: B

``` What element of network management systems operates on a managed device, such as a router? A. MIB B. Polling C. Agent D. Nmap E. Caching ```

Answer: C

Your company is experiencing a growth spurt and is ready to invest in a more sophisticated disaster recovery plan. Currently the only backup plan consists of a few spare computers in a storage closet, with data on the servers duplicated weekly to an off-site backup service. The owners of the company have committed to acquiring additional servers to duplicate critical servers in their current network, and they want the servers to be configured identically to the servers now in use. The new servers will be stored at an off-site data center, and updated every time the on-site servers are updated. What type of disaster recovery site is your company creating? A. Hot site B. Ambient site C. Site survey D. Warm site E. Looking glass site

Answer: D

``` Which of the following is a single sign-on authentication method? A. IPsec B. EAPoL C. SSL D. Kerberos E. CHAP ```

Answer: D

You are a network administrator for a WAN that connects two regional insurance company offices—the main office and a satellite office—to each other by a T-3. The main office is also connected to the Internet using a T-3. This T-3 provides Internet access for both offices. To ensure that your private network is not compromised by unauthorized access through the Internet connection, you install a firewall between the main office and the Internet. Shortly thereafter, users in your satellite office complain that they cannot access the file server in the main office, but users in the main office can still access the Internet. What two things should you check? A. Whether the firewall has been configured to run in promiscuous mode B. Whether the firewall is placed in the appropriate location on the network C. Whether the firewall has been configured to allow access from IP addresses in the satellite office D. Whether the firewall has been configured to receive and transmit UDP-based packets E. Whether the firewall has been configured to allow Internet access over the main office’s T-3

Answer: B, C

What is one function of a VPN concentrator? A. To prioritize traffic on a VPN B. To consolidate multiple VPNs into a single, larger VPN C. To cache a VPN’s frequently requested content D. To establish VPN tunnels E. To collect traffic from multiple VLANs into a VPN

Answer: D

While troubleshooting a workstation connectivity problem, you type the following command: ping 127.0.0.1. The response indicates that the test failed. What can you determine about that workstation? A. Its network cable is faulty or not connected to the wall jack. B. Its TCP/IP stack is not installed properly. C. Its IP address has been prevented from transmitting data past the default gateway. D. Its DHCP settings are incorrect. E. Its DNS name server specification is incorrect.

Answer: B

You are a support technician working in a data closet in a remote office. You suspect that a connectivity problem is related to a broken RJ-45 plug on a patch cable that connects a switch to a patch panel. You need to replace that connection, but you forgot to bring an extra patch cable. You decide to install a new RJ-45 connector to replace the broken RJ-45 connector. What two tools do you need to successfully accomplish this task? A. Punch-down tool B. Crimping tool C. Wire stripper D. Cable tester E. Multimeter

Answer: B, C

``` In IPv6, which of the following is the loopback address? A. 1.0.0.1 B. 127:0:0:0:0:0:0:1 C. FE80::1 D. ::1 E. 127.0.0.1 ```

Answer: D

``` Which two of the following devices operate only at the Physical layer of the OSI model? A. Hub B. Switch C. Router D. Bridge E. Repeater ```

Answer: A, E

Which of the following is a reason for using subnetting? A. To facilitate easier migration from IPv4 to IPv6 addressing B. To enable a network to use DHCP C. To limit broadcast domains D. To reduce the likelihood for user error when modifying TCP/IP properties E. To reduce the number of routing table entries

Answer: C

``` Which of the following is often used to secure data traveling over VPNs that use L2TP? A. PPTP B. PPoE C. Kerberos D. SSH E. IPsec ```

Answer: E

``` Which two of the following routing protocols offer fast convergence time and can be used on interior or border routers? A. RIP B. RIPv2 C. OSPF D. BGP E. EIGRP ```

Answer: C, E

At the beginning of the school year, students at your school must configure their computers and other devices to obtain trusted access to the student portion of the school’s network. What is this process called? A. Authenticating B. Remote wiping C. Backleveling D. Onboarding E. Updating

Answer: D

``` Which signaling protocol is modeled after HTTP and is limited to IP networks? A. H.323 B. RTCP C. SIP D. MGCP E. RTP ```

Answer: C

Due to popular demand from employees who need to roam from one floor of your office building to another, you are expanding your wireless network. You want to ensure that mobile users enjoy uninterrupted network connectivity without having to reconfigure their workstations’ wireless network connection settings. Which of the following variables must you configure on your new access points to match the settings on existing access points? A. Administrator password B. Scanning rate C. SSID D. IP address E. Signal strength

Answer: C

``` Which transport protocol and TCP/IP port does telnet use? A. UDP, port 23 B. TCP, port 21 C. UDP, port 22 D. TCP, port 23 E. UDP, port 21 ```

Answer: D

What is the purpose of an AAAA resource record in your DNS zone file? A. It identifies a host’s IPv4 address. B. It identifies a host’s IPv6 address. C. It identifies a host’s MAC address. D. It identifies a mail server address. E. It indicates an alternate name for the host.

Answer: B

``` What protocol is used to transfer mail between a Sendmail server and a Microsoft Exchange server? A. SMTP B. SNMP C. IMAP4 D. POP3 E. TFTP ```

Answer: A

What would the command route del default gw 192.168.5.1 eth1 accomplish on your Linux workstation? A. Delete the default gateway’s route to the host whose IP address is 192.168.5.1 B. Remove the assignment of IP address 192.168.5.1 from the eth1 interface C. Remove the workstation’s route to the default gateway whose IP address is 192.168.5.1 D. Add a route from the workstation to the default gateway whose IP address is 192.168.5.1 E. Remove the designation of default gateway, but keep the route for the host whose IP address is 192.168.5.1

Answer: C

``` Your 100Base-T network is wired following the TIA/EIA 568B standard. As you make your own patch cable, which wires do you crimp into pins 1 and 2 of the RJ-45 connector? A. White with green stripe and green B. White with brown stripe and brown C. White with blue stripe and blue D. White with red stripe and red E. White with orange stripe and orange ```

Answer: E

A regional bank manager asks you to help with an urgent network problem. Because of a sudden and severe network performance decline, the manager worries that the bank’s network might be suffering a DoS attack. Viewing which of the following types of network documentation would probably give you the quickest insight into what’s causing this problem? A. Wiring schematic B. Firewall log C. Logical network diagram D. The main file server’s system log E. Physical network diagram

Answer: B

You have connected to your bank’s home page. Its URL begins with “https://.” Based on this information, what type of security can you assume the bank employs for receiving and transmitting data to and from its Web server? A. Kerberos B. SSL C. IPsec D. L2TP E. Packet-filtering firewall

Answer: B

What is the function of protocols and services at the Network layer of the OSI model? A. To manage the flow of communications over a channel B. To add segmentation and assembly information C. To encode and encrypt data D. To add logical addresses and properly route data E. To apply electrical pulses to the wire

Answer: D

``` Which of the following utilities could you use to log on to a UNIX host? A. NTP B. ARP C. Ping D. SSH E. SNMP ```

Answer: D

While attempting to load a video to YouTube.com, the operation freezes and the upload fails. Which characteristic of the connection is being affected? A. Signaling B. Signal-to-noise ratio C. Throughput D. Goodput E. Attenuation

Answer: D

As a networking professional, you might use a multimeter to do which of the following? (Choose all that apply.) A. Determine where the patch cable for a specific server terminates on the patch panel B. Verify that the amount of resistance presented by terminators on coaxial cable networks is appropriate C. Check for the presence of noise on a wire (by detecting extraneous voltage) D. Confirm that a fiber-optic cable can transmit signals from one node to another E. Validate the processing capabilities of a new router

Answer: B, C

``` A virtual switch includes several virtual ports, each of which can be considered a: A. Virtual repeater B. Virtual router C. Virtual gateway D. Virtual hub E. Virtual bridge ```

Answer: E

``` What is the default subnet mask for the following IP address: 154.13.44.87? A. 255.255.255.255 B. 255.255.255.0 C. 255.255.0.0 D. 255.0.0.0 E. 0.0.0.0 ```

Answer: C

``` Which of the following diagrams illustrates a SONET network? A. [Insert Figure D-Q59A here] B. [Insert Figure D-Q59B here] C. [Insert Figure D-Q59C here] D. [Insert Figure D-Q59D here] E. [Insert Figure D-Q59E here] ```

Answer: B

How do most modern FTP servers prevent FTP bounce attacks? A. They will not issue data to hosts other than the client that originated the request. B. They will deny requests to ports 21 or 22. C. They will not allow anonymous logons. D. They require clients to communicate using SSH. E. They maintain an access list to determine which clients are legitimate.

Answer: A

``` At what layer of the TCP/IP model is routing information interpreted? A. Physical layer B. Data Link layer C. Network layer D. Application layer E. Transport layer ```

Answer: C

You work for a soft drink company where the temperature of the sodas must be monitored before the drinks are bottled. What device does this industrial network require that can detect this information but is not capable of adjusting the thermostat of the food processing equipment in reaction to temperature changes? A. PLC B. MTU C. RTU D. Actuator E. HMI

Answer: A

You have been asked to help improve network performance on a store’s small office network, which relies on two switches, two access points, and a router to connect its 18 employees to the Internet and other store locations. You decide to determine what type of traffic the network currently handles. In particular, you’re interested in the volume of unnecessary broadcast traffic that might be bogging down shared segments. Which of the following tools will help you identify the percentage of traffic that comprises broadcasts? A. Butt set B. OTDR C. Protocol analyzer D. Multimeter E. Cable tester

Answer: C

A colleague calls you for help with his home office Internet connection. He is using an 802.11n access point/router connected to a DSL modem. The access point/router’s private IP address is 192.168.1.1 and it has been assigned an Internet routable IP address of 76.83.124.35. Your friend cannot connect to any resources on the Internet using his new Windows workstation. You ask him to run the ipconfig command and read the results to you. He says his workstation’s IP address is 192.168.1.3, the subnet mask is 255.255.255.0, and the default gateway address is 192.168.1.10. What do you advise him to do next? A. Display his DNS information. B. Change his gateway address. C. Change his subnet mask. D. Try pinging the loopback address. E. Use the tracert command to contact the access point/router.

Answer: B

You are setting up a new Windows 8.1 client to connect with your LAN, which relies on DHCP. You made certain that the client has the TCP/IP protocol installed and is bound to its NIC. Which of the following must you do next to ensure that the client obtains correct TCP/IP information via DHCP? A. Make certain the client’s computer name and host name are identical. B. Enter the client’s MAC address in the DHCP server’s ARP table. C. Make sure the Client for Microsoft Networks service is bound to the client’s NIC. D. Enter the DHCP server address in the Windows 8.1 TCP/IP configuration. E. Nothing; in Windows 8.1, the DHCP option is selected by default, and the client will obtain IP addressing information upon connecting to the network.

Answer: E

``` Which OSI layer(s) operate differently in wired versus wireless network connections? A. Layers 5, 6, and 7 B. Layers 1, 2, and 3 C. Layer 1 D. Layer 2 E. Layers 1 and 2 ```

Answer: E

``` Which of the following devices separates broadcast domains? A. Hub B. Switch C. Bridge D. Repeater E. Router ```

Answer: E

``` Which one of the following media is most resistant to EMI? A. Coaxial cable B. UTP cable C. STP cable D. Fiber-optic cable E. Microwave ```

Answer: D

In the following figure, if router B suffers a failure, how will this failure affect nodes 1 through 9? [Insert Figure D-Q69 here] A. They will only be unable to access the Internet. B. They will be unable to access the Internet and either nodes 10 through 14 or 15 through 20. C. They will be unable to access the Internet, and all other nodes on the LAN. D. They will be unable to access the Internet and nodes 10 through 20. E. Their connectivity will not be affected.

Answer: D

``` Which of the following routing protocols has the poorest convergence time? A. RIP B. EIGRP C. OSPF D. BGP E. IGRP ```

Answer: A

``` Which of the following ports would be used during a domain name lookup? A. 22 B. 23 C. 53 D. 110 E. 443 ```

Answer: C

``` Suppose you have created six subnets on your network, which leases a group of Class C IPv4 addresses. What subnet mask must you specify in your clients’ configurations to adhere to your subnetting scheme? A. 255.255.255.6 B. 255.255.255.128 C. 255.255.255.192 D. 255.255.255.224 E. 255.255.255.0 ```

Answer: D

``` Which of the following protocols encapsulates data for transmission over VPNs? A. CHAP B. SNMP C. L2TP D. SFTP E. MPLS ```

Answer: C

You are configuring a DHCP server. Which of the following variables refers to the range of IP addresses that you will make available to all nodes on a segment? A. Scope B. Lease C. Zone D. Prefix E. Period

Answer: A

``` Which of the following wireless networking standards can reliably transmit data the farthest? A. LTE B. WiMAX C. 802.11b D. 802.11c E. 802.11n ```

Answer: A

How does STP (Spanning Tree Protocol) prevent or stop broadcast storms? A. It examines the source IP address field in each broadcast packet and temporarily blocks traffic from that address. B. It enables routers to choose one set of best paths and ensures that alternate paths are used only when the best paths are obstructed. C. It enables switches to calculate paths that avoid potential loops and artificially blocks the links that would complete a loop. D. It enables firewalls to keep access lists that name hosts known for high-volume broadcast traffic and block those hosts from transmitting to the network. E. It helps routers define the boundaries of a broadcast domain.

Answer: C

Which of the following standards describes a security technique, often used on wireless networks, in which a port is prevented from receiving traffic until the transmitter’s credentials are verified by an authentication server? A. EAPoL B. SSH C. SSL D. Kerberos E. MS-CHAP

Answer: A

``` If a Windows workstation is configured to use DHCP, but cannot find a DHCP server, it will assign itself an address and subnet mask. Which of the following IPv4 addresses might it assign itself? A. 129.0.0.1 B. 255.255.255.255 C. 123.45.67.89 D. 169.254.1.120 E. 987.65.432.1 ```

Answer: D

Suppose your Windows laptop’s wireless network adapter is configured to use the 802.11n wireless networking standard. Also, suppose a café you visit has an 802.11ac access point. Assuming you have the correct SSID and logon credentials, what will happen when you attempt to associate with the café’s wireless network? A. Your wireless networking client will be able to see the access point, but will be unable to associate with it. B. Your wireless networking client will not be able to see the access point. C. Your wireless networking client will be able to see the access point and attempt to associate with it, but the incompatible frequencies will prevent successful authentication. D. Your wireless networking client will be able to see the access point and attempt to associate with it, but the incompatible security techniques will prevent successful authentication. E. Your wireless networking client will be able to see the access point and successfully associate with it.

Answer: E

Routers use IGMP to: A. Identify nodes belonging to a multicast group B. Communicate with other routers about the best path between nodes C. Reserve bandwidth for priority transmissions, ensuring high QoS D. Filter out potentially harmful packets E. Predict the expected round-trip time of a packet over a WAN

Answer: A

``` A virtual PBX would provide your organization with which of the following services? A. Data storage in the cloud B. VoIP call connection C. Expedited Internet routing D. QoS guarantees for video streaming E. Load balancing for WAN connections ```

Answer: B

You work for a large fashion design firm. Because of a recent TV promotion, your company has received national recognition. At the same time, your WAN has received more security threats. To help fend off these threats, you decide to implement an IPS/IDS. Following is a simplified network diagram that represents your private network and its public network connection. Where on this diagram would you place the IPS/IDS device? [Insert Figure D-Q82 here]

Answer: E

An implementation of multiple 5-GHz APs that talk to each other in order to obtain 802.11n-type speeds is accomplished with what unofficial wireless standard? A. 802.11a-ht B. 802.11g-ht C. 802.11ac D. Super G E. 802.11i

Answer: A

``` A user watching a YouTube video over the Internet is an example of what type of communication? A. Unicast B. Multicast C. Broadcast D. Point-to-multipoint E. Multipoint-to-point ```

Answer: A

You are configuring a connection between two backbone switches, and you want to make sure the connection doesn’t fail or become overwhelmed by heavy traffic. Which of the following techniques would help you achieve both aims? A. Round-robin DNS B. CARP C. Clustering D. Trunking E. NIC teaming

Answer: E

``` Using RIPv2, what is the maximum number of hops a packet can take between its source and its destination? A. 3 B. 5 C. 10 D. 15 E. 18 ```

Answer: D

Which of the following QoS techniques enables packet-switched technologies to travel over traditionally circuit-switched connections? A. ATM B. SONET C. MPLS D. Frame relay E. Clustering

Answer: C

``` What kind of management does SSH provide for a switch? A. Remote configuration B. Management console C. In-band management D. Virtual terminal E. KVM ```

Answer: C

``` How many bits are in an IPv6 address? A. 16 B. 32 C. 64 D. 128 E. 256 ```

Answer: D

``` Which of the following makes use of channel bonding to maximize throughput? A. Bluetooth B. Satellite C. 802.11g D. 802.11n E. WiMAX ```

Answer: D

``` The following graph, which represents traffic activity for an ISP’s client, indicates that the ISP is utilizing what traffic-shaping technique? [Insert Figure D-Q91 here] A. Traffic policing B. Caching C. Load balancing D. Access list controls E. Fault tolerance ```

Answer: A

Your organization is reassessing its WAN connections to determine how much more bandwidth it will need to purchase in the next five years. As a network administrator, which of the following data can you share that will help management make the right decision? A. Wiring schematic B. Logical network diagram C. Syslogs D. Baselines E. Physical network diagram

Answer: D

``` If an organization follows structured cabling standards, where would its demarc be located? A. Entrance facility B. Work area C. IDF D. Cross-connect facility E. Backbone ```

Answer: A

You are helping to troubleshoot a recurring problem related to obtaining and keeping a DHCP-distributed IP address on a colleague’s Windows 7 workstation. What application would allow you to configure the workstation to tally these errors and send you an email message every time such a problem occurred? A. Network and Internet Connections B. System Logger C. PuTTY D. System Manager E. Event Viewer

Answer: E

You are creating a new Linux server as a virtual machine on your Windows 8.1 workstation. Which of the following commands will tell you the IP address that is assigned to your virtual server? A. ipconfig /all at the Windows command prompt B. ifconfig –a at the Linux server’s shell prompt C. ethtool –a at the Linux server’s shell prompt D. ip addr at the Windows command prompt E. ipconfig –a at the Linux server’s shell prompt

Answer: B

``` In IPv6 addressing, which of the following prefixes indicates that an address belongs to a multicast group? A. 00FF B. 1F3E C. FF02 D. 0001 E. FEC0 ```

Answer: C

Suppose your WAN contains a segment that relies on the l0GBase-EW standard. Which of the following transmission technologies might it use? A. SONET B. Satellite C. Broadband cable D. DSL E. Metro Ethernet

Answer: A

The software on a firewall you recently installed on your network examines each incoming packet. Based on a set of criteria, including source IP address, source and destination ports, and protocols, it blocks or allows traffic. What type of system is this? (Choose all that apply.) A. Content-filtering firewall B. Stateful firewall C. Stateless firewall D. Packet-filtering firewall E. Application layer firewall

Answer: C, D

Ethernet and ATM both specify Data Link layer framing techniques. How do they differ? A. Ethernet uses CRC fields to confirm the validity of the frame, whereas ATM uses no error detection. B. Ethernet uses variably sized packets, whereas ATM uses fixed-sized cells. C. Ethernet uses synchronous transmission, whereas ATM uses asynchronous transmission. D. Ethernet uses frame headers, whereas ATM does not. E. Ethernet offers no guarantee of timely delivery, whereas ATM ensures that packets are delivered within 10 ms.

Answer: B

``` What STP configuration ensures that a laptop connected to a switch cannot alter the STP paths on the network? A. BPDU filter B. BPDU guard C. Root bridge D. BID E. Designated port ```

Answer: B