Practice Questions Flashcards by Phil Hoff

Which tool is most commonly used for analyzing and detecting network-based attacks?
A - Wireshark
B - PuTTY
C - Firewall
D - IPS

A Wireshark

Wireshark is used for analysis, firewall and IPS detect but aren’t used for analysis

How well did you know this?

Not at all

Perfectly

Which is NOT an DNS record type associated with email routing and security?
A - MX
B - SPF
C - SRV
D - TXT

C - SRV

SRV links services on network

How well did you know this?

Not at all

Perfectly

Which access control model can be used to ensure only people with the right clearance level have access to sensitive information?
A - DAC
B - MAC
C - RBAC
D - ABAC

B - MAC

Mandatory Access Control

How well did you know this?

Not at all

Perfectly

Which is a distance-vector routing protocol used in smaller networks to route between routers?
A - FTP
B - STP
C - OSPF
D - RIP

D - RIP

Limited to 16 hops

OSPF is a link state protocol, not distance vector

How well did you know this?

Not at all

Perfectly

How to ensure employees can only access work-related websites during working hours
A - Configure firewall to block ports used by these websites
B - Deploy proxy server with content filtering
C - Enable port mirroring to monitor employee web traffic in real time
D - Set up logging on the router to capture all employee traffic

B - Proxy Server with content filtering

How well did you know this?

Not at all

Perfectly

Which term refers to the backup route that EIGRP uses when the primary route fails?
A - Alternate Path
B - Feasible Successor
C - Secondary Route
D - Standby Route

B - Feasible Successor

How well did you know this?

Not at all

Perfectly

Which OSI layer is responsible for data segmentation?

Transport

How well did you know this?

Not at all

Perfectly

What is the purpose of a network with an assigned address 10.61.54.18 and mask 255.255.255.252?
A - Network with more than 200 devices
B - Multiple IP addresses assigned to a server
C - Point-to-point link between two routers
D - Reserved for use as a broadcast address

C - Point to Point

The network only contains 4 addresses, including the network address and the broadcast address, so only 2 usable addresses. Must be point to point

How well did you know this?

Not at all

Perfectly

Which technology should be used to connect 2 ports from an access switch to the core switch for redundancy and increased bandwidth without creating a loop?
A - Port Spanning
B - Port Mirroring
C - LACP
D - VTP

C - LACP

Link Aggregation Control Protocol

How well did you know this?

Not at all

Perfectly

What is best to use to identify the port on a switch that an IP phone is connected? The protocol allows devices to advertise their identity and capabilities across the net.

A - DHCP
B - LLDP
C - DNS
D - SNMP

B - LLDP

Link Layer Discovery Protocol

How well did you know this?

Not at all

Perfectly

Which technology uses an X-509 certificate to establish trust between server and client?
A - IPSec
B - PKI
C - SSH
D - WPA2

B - PKI

How well did you know this?

Not at all

Perfectly

What to use to enable routing between VMs on different networks without using a dedicated virtual router?
A - NAT
B - NFV
C - VLAN trunking
D - Bridging the virtual NICs

B - NFV

Network Function Virtualization

How well did you know this?

Not at all

Perfectly

Which WiFi frequency is most likely to get interference from a microwave?
A - 900 MHz
B - 2.4 GHz
C - 5 GHz
D - 6 GHz

B - 2.4 GHz

How well did you know this?

Not at all

Perfectly

What is the primary benefit of using a CDN?
A - Balances server load
B - Caches content, decreases latency, and improve access speed
C - Automatically blocks malicious traffic
D - Reduces cost by eliminating need for multiple data centers

Content Distribution Network

B - Caches content, decreases latency, and improve access speed

Like YouTube - stream data from your local server instead of one on the other side of the world

How well did you know this?

Not at all

Perfectly

A computer system or an application that acts as an intermediary between another computer and the Internet:
A - Bridge
B - Proxy
C - Server
D - Gateway

B - Proxy

“Intermediary”

How well did you know this?

Not at all

Perfectly

A dedicated storage appliance that can be added to a local network:
A - SAN
B - NAS
C - SSD
D - DAS

B - NAS

Network Attached Storage

How well did you know this?

Not at all

Perfectly

A dedicated local network that provides access to shared storage devices:
A - SDN
B - NAS
C - iSCSI
D - SAN

D - SAN

Storage Area Network

How well did you know this?

Not at all

Perfectly

A solution that enables the replacement of traditional network hardware functionalities with software via virtualization:
A - SDN
B - VM
C - SVI
D - NFV

D - NFV

Network Function Virtualization

How well did you know this?

Not at all

Perfectly

Characteristics of a Network Security Group (NSG)
(Select 3 answers)

A - Primarily used in traditional/non-virtualized network environments
B - Detects or prevents intrusion attempts or malicious activities within the network traffic
C - Provides firewall-like capabilities
D - Applies security rules to specific virtual NICs (more granular control)
E - Used for controlling inbound and outbound traffic in cloud computing environments
F - Applies security rules at the subnet level (less granular control)

C - Provides firewall-like capabilities

D - Applies security rules to specific virtual NICs (more granular control)

E - Used for controlling inbound and outbound traffic in cloud computing environments

How well did you know this?

Not at all

Perfectly

Characteristics of a Network Security List (NSL)
(Select 3 answers)

A - Provides firewall-like capabilities
B - Applies security rules at the subnet level (less granular control)
C - Used for controlling inbound and outbound traffic in cloud computing environments
D - Applies security rules to specific virtual NICs (more granular control)
E - Primarily used in traditional/non-virtualized network environments
F - Detects or prevents intrusion attempts or malicious activities within the network traffic

A - Provides firewall-like capabilities

C - Used for controlling inbound and outbound traffic in cloud computing environments

F - Detects or prevents intrusion attempts or malicious activities within the network traffic

How well did you know this?

Not at all

Perfectly

A type of network gateway that allows instances within a cloud environment to send and receive unencrypted traffic to and from the Internet:

A - NAT gateway
B - Internet Gateway
C - VPN Gateway
D - Default Gateway

B - Internet Gateway

How well did you know this?

Not at all

Perfectly

Functions of a cloud gateway using NAT
(Select 3 answers)
A - Enables instances within a VPC to access external networks
B - Translates private IP addresses to a public IP address
C - Restricts inbound connections from external networks
D - Translates public IP addresses to a private IP address
E - Enables inbound connections from external networks
F - Prevents instances within a VPC from accessing external networks

A - Enables instances within a VPC to access external networks
B - Translates private IP addresses to a public IP address
C - Restricts inbound connections from external networks

How well did you know this?

Not at all

Perfectly

Enables a secure, encrypted Internet connection between an on-premises network and cloud resources
A - SSH
B - IPsec
C - SSL/TLS
D - VPN

D - VPN

How well did you know this?

Not at all

Perfectly

Provides a dedicated, private connection between an on-premises network and a cloud provider
A - Direct Connect
B - VPN
C - Leased Line
D - Fibre Channel

A - Direct Connect

Private network connection between an organization’s data center and a cloud service provider’s data center.

Bypasses the public internet

How well did you know this?

Not at all

Perfectly

Automatic and dynamic adjustment of resources based on real-time demand changes A - Rapid elasticity B - Adaptive Computing C - Load Balancing D - Resource Pooling

A - Rapid elasticity Adaptive Computing is similar but expands resources as an app requires them where Rapid Elasticity concerns fluctuating demand for a service

Software architecture where multiple users, each with their own isolated environment and resources, are served by a single application instance A - Virtualization B - Multitenancy C - Sandboxing D - Containerization

B - Multitenancy

Network protocol for secure file transfer over SSH A - TFTP B - SFTP C - Telnet D - FTPS

B - SFTP SFTP uses SSH for FTP on port 22 FTPS uses SSL or TLS, using port 21 for ctrl and 990 for data

Telnet: (Select 3 answers) A - Encrypts network connection B - Provides username & password authentication C - Transmits data in an unencrypted form D - Does not provide authentication E - Enables remote login and command execution

B - Provides username & password authentication C - Transmits data in an unencrypted form E - Enables remote login and command execution

SMTP is used for: (Select 2 answers) A - Sending email messages between mail servers B - Name resolution services C - Serving of web pages D - Retrieving email messages from mail servers E - Sending email messages from a client device

A - Sending email messages between mail servers E - Sending email messages from a client device

Microsoft-proprietary protocol that provides a graphical interface for connecting to and controlling another networked host A - VDI B - RDP C - SSH D - VNC

B - RDP | Port 3389

Part of the IPsec protocol suite provides data integrity and authentication but not encryption A - ESP B - AH C - IKE D - SHA

B - AH Authentication Header

IPsec component that provides (among other security features) data confidentiality A - DES B - ESP C - AH D - RC4

B - ESP Encapsulating Security Payload

IPsec protocol used to set up secure connections and exchange cryptographic keys A - TLS B - IKE C - ESP D - DHE

B - IKE Internet Key Exchange

Which port enables the FTP data connection for transferring file data? A - UDP port 20 B - TCP port 20 C - UDP port 21 D - TCP port 21

B - TCP port 20

The FTP control connection to administer a session is established through: A - TCP port 20 B - UDP port 20 C - TCP port 21 D - UDP port 21

C - TCP port 21

The SSH protocol runs on: A - TCP port 21 B - UDP port 22 C - TCP port 20 D - TCP port 22

D - TCP port 22

Unblocking TCP port 22 enables which type(s) of traffic? (Select all that apply) A - FTPS B - SSH C - SFTP D - FTP E - Telnet

B - SSH C - SFTP SFTP is an extension of SSH and runs by default on TCP port 22

A DHCP server runs on UDP port: A - 66 B - 67 C - 68 D - 69

B - 67 | 67 - listen for client requests 68 - DHCP communication

A DHCP client runs on UDP port: A - 66 B - 67 C - 68 D - 69

C - 68

An SNMP agent receives requests on UDP port: A - 160 B - 161 C - 162 D - 163

B - 161 | UDP 161 - Mgr polls Agents UDP 162 - Agents send Traps to Mgr

An SNMP management station receives SNMP notifications from agents on UDP port: A - 160 B - 161 C - 162 D - 163

C - 162

TCP port 389 is the default network port for: A - RDP B - LDAP C - SMB D - LDAPS

B - LDAP

TCP port 445 is assigned to: A - HTTPS B - SMB C - IMAP D - LDAPS

B - SMB

The Syslog protocol runs on UDP port: A - 445 B - 514 C - 587 D - 636

B - 514

Which TCP port is used by the SMTP protocol for secure email transmission over TLS? A - 445 B - 514 C - 587 D - 636

C - 587

A network administrator wants to secure the existing access to a directory service with SSL/TLS encryption. Which of the TCP ports listed below needs to be opened to implement this change? A - 587 B - 389 C - 636 D - 514

C - 636

Which of the TCP/UDP ports listed below is used for non-encrypted SIP traffic? A - 6051 B - 5060 C - 6050 D - 5061

B - 5060

Which TCP port is used by SIP over TLS? A - 5061 B - 6050 C - 5060 D - 6051

A - 5061

Which of the following answers refer(s) to the IEEE 802.11a standard? (Select all that apply) A - 2.4 GHz frequency band B - Maximum speed: 11 Mbps C - 5 GHz frequency band D - Maximum speed: 54 Mbps E - 6 GHz frequency band F - Maximum speed: 600 Mbps

C - 5 GHz frequency band D - Maximum speed: 54 Mbps

Characteristic features of the IEEE 802.11b standard include: (Select all that apply) A - 2.4 GHz frequency band B - Maximum speed: 11 Mbps C - 5 GHz frequency band D - Maximum speed: 54 Mbps E - 6 GHz frequency band F - Maximum speed: 600 Mbps

A - 2.4 GHz frequency band B - Maximum speed: 11 Mbps

Which of the answers listed below refer(s) to the IEEE 802.11g standard? (Select all that apply) A - 2.4 GHz frequency band B - Maximum speed: 11 Mbps C - 5 GHz frequency band D - Maximum speed: 54 Mbps E - 6 GHz frequency band F - Maximum speed: 600 Mbps

A - 2.4 GHz frequency band D - Maximum speed: 54 Mbps

Which of the following answers refer(s) to the IEEE 802.11n standard? (Select all that apply) A - Wi-Fi 4 B - 2.4 GHz frequency band C - Maximum speed of up to 54 Mbps D - Wi-Fi 5 E - 5 GHz frequency band F - Maximum speed of up to 600 Mbps G - Wi-Fi 6 H - 6 GHz frequency band I - Maximum speed: 6.9 Gbps

A - Wi-Fi 4 B - 2.4 GHz frequency band E - 5 GHz frequency band F - Maximum speed of up to 600 Mbps

Which of the answers listed below refer(s) to Wi-Fi 5? (Select all that apply) A - IEEE 802.11n standard B - 2.4 GHz frequency band C - Maximum speed: 600 Mbps D - IEEE 802.11ac standard E - 5 GHz frequency band F - Maximum speed: 6.9 Gbps G - IEEE 802.11ax standard H - 6 GHz frequency band I - Maximum speed: 9.6 Gbps

D - IEEE 802.11ac standard E - 5 GHz frequency band F - Maximum speed: 6.9 Gbps

Which of the following answers refer(s) to Wi-Fi 6? (Select all that apply) A - IEEE 802.11n standard B - 2.4 GHz frequency band C - Maximum speed: 600 Mbps D - IEEE 802.11ac standard E - 5 GHz frequency band F - Maximum speed: 6.9 Gbps G - IEEE 802.11ax standard H - 6 GHz frequency band I - Maximum speed: 9.6 Gbps

B - 2.4 GHz frequency band E - 5 GHz frequency band G - IEEE 802.11ax standard I - Maximum speed: 9.6 Gbps

Which of the answers listed below refer to Wi-Fi 6E? (Select all that apply) A - IEEE 802.11n standard B - Maximum speed: 600 Mbps C - IEEE 802.11ac standard D - Maximum speed: 6.9 Gbps E - IEEE 802.11ax standard F - Maximum speed: 9.6 Gbps

E - IEEE 802.11ax standard F - Maximum speed: 9.6 Gbps

Which of the following frequency bands are supported by Wi-Fi 6E-compatible devices? A - 2.4 GHz B - 5 GHz C - 6 GHz

All of the above

Amendment to the IEEE 802.11 standard, introduced to address spectrum and power management issues in wireless networks A - 802.11h B - 802.11k C - 802.11s D - 802.11x

A - 802.11h

A shared secret authentication method used in WPA and WPA2 A - IKE B - SAE C - MFA D - PSK

D - PSK Pre-Shared Key

Which of the following wireless security protocols uses a pre-shared key for authentication and encryption? A - 802.1X B - WPA3-SAE C - TKIP D - WPA2-Enterprise E - None of the above

E - None of the above

Which of the names listed below refers to 10-gigabit Ethernet over twinaxial cable? A - 10GBASE-LR B - 10GBASE-T C - 10GBASE-SR D - 10GBASE-CR

D - 10GBASE-CR

Short-range Ethernet over multimode fiber (Select 2 answers) A - 10GBASE-CR B - 1000BASE-LX C - 10GBASE-SR D - 1000BASE-SX E - 10GBASE-LR

C - 10GBASE-SR D - 1000BASE-SX

Long-range Ethernet over single-mode fiber (Select 2 answers) A - 10GBASE-LR B - 1000BASE-SX C - 10GBASE-CR D - 1000BASE-LX E - 10GBASE-SR

A - 10GBASE-LR D - 1000BASE-LX

What are the characteristic traits of single-mode fiber optics? (Select 3 answers) A - Supports transmission distances of up to 2 km B - Typically costs more than multimode fiber optics C - Uses LED as the source of light D - Supports transmission distances of up to 100 km or more E - Uses laser as the source of light F - Typically costs less than multimode fiber optics

B - Typically costs more than multimode fiber optics D - Supports transmission distances of up to 100 km or more E - Uses laser as the source of light

Which of the following answers accurately describe(s) DAC cable? (Select all that apply) A - Long-distance cable runs B - A cabling type commonly used in data centers C - Low-speed connections D - Commonly implemented using twinaxial cabling E - Short-range cable runs F - General-purpose network cabling G - High-speed connections

Direct Attach Copper cable B - A cabling type commonly used in data centers D - Commonly implemented using twinaxial cabling E - Short-range cable runs G - High-speed connections

Which of the following answers refer to the characteristics of multimode fiber optics? (Select 3 answers) A - Uses laser as the source of light B - Supports transmission distances of up to 2 km C - Typically costs more than single-mode fiber optics D - Supports transmission distances of up to 100 km or more E - Typically costs less than single-mode fiber optics F - Uses LED as the source of light

B - Supports transmission distances of up to 2 km E - Typically costs less than single-mode fiber optics F - Uses LED as the source of light

Maximum data transfer rate for Cat 7 cabling over a standard 100-meter cable segment length A - 10 Gbps B - 25 Gbps C - 40 Gbps D - 100 Gbps

C - 40 Gbps

Characteristics of Category 8 (Cat 8) cabling (Select all that apply) A - Long-distance, high-speed links B - 25GBASE-T C - Optimized for datacenter equipment D - 40GBASE-T E - Short-distance (approx. 30 meters), high-speed links F - 100GBASE-T G - General-purpose network cabling

B - 25GBASE-T C - Optimized for datacenter equipment D - 40GBASE-T E - Short-distance (approx. 30 meters), high-speed links

Two-layer, full-mesh topology commonly used in data centers A - Spine and leaf B - Client-server C - Point-to-multipoint D - Collapsed core

A - Spine and leaf

Distribution layer of the three-tier hierarchical model Select 2 answers A - Acts as an intermediary between the core and access layers B - Provides direct connectivity to end devices C - Handles high-speed traffic between different parts of the network D - Manages physical connections and cabling E - Provides routing, filtering, and traffic management functions

A - Acts as an intermediary between the core and access layers E - Provides routing, filtering, and traffic management functions

Access layer of the three-tier hierarchical model Select 3 answers A - Ensures that critical traffic receives priority over less important traffic (QoS) B - Acts as an intermediary between the core and distribution layers C - Implements security measures to control network access D - Provides the physical or wireless connections for end devices to access the network E - Handles high-speed traffic between different parts of the network

A - Ensures that critical traffic receives priority over less important traffic (QoS) C - Implements security measures to control network access D - Provides the physical or wireless connections for end devices to access the network

Traffic flow between external networks (such as the Internet) and internal network resources (like servers or data centers) A - Inter-network traffic B - East-west traffic C - Cross-network traffic D - North-south traffic

D - North-south traffic

Traffic flow between devices within the same data center or network A - Intra-network traffic B - East-west traffic C - Cross-network traffic D - North-south traffic

B - East-west traffic

APIPA uses the address block range A - 169.254.0.0 to 169.254.255.255 B - 172.16.0.0 to 172.31.255.255 C - 192.168.0.0 to 192.168.255.255 D - 127.0.0.0 to 127.255.255.255

A - 169.254.0.0 to 169.254.255.255

Which RFC describes the concept of private IP addressing? A - RFC 4949 B - RFC 1918 C - RFC 1208 D - RFC 1983

B - RFC 1918

IPv4 address range used for loopback addresses A - 128.0.0.0 – 128.255.255.255 (128.0.0.0/8) B - 0.0.0.0 – 0.255.255.255 (0.0.0.0/8) C - 169.254.0.0 – 169.254.255.255 (169.254.0.0/16) D - 127.0.0.0 – 127.255.255.255 (127.0.0.0/8)

D - 127.0.0.0 – 127.255.255.255 (127.0.0.0/8)

The operational status of a NIC can be checked by pinging: Select all that apply A - FE80::/10 B - ::/127 C - localhost D - ::1 E - 127.0.0.1 F - 0:0:0:0:0:0:0:1

C - localhost E - 127.0.0.1 D - ::1

Increases the efficiency of IP address space management by allowing network administrators to divide networks into subnets of different sizes A - DHCP B - VLAN C - IPAM D - VLSM

D - VLSM Variable Length Subnet Mask

What are the characteristic features of the 192.168.0.0 - 192.168.255.255 (192.168.0.0/16) IPv4 address space? Select 2 answers A - Class A range B - Public IP address range C - Class B range D - Non-routable (private) IP address range E - Class C range

D - Non-routable (private) IP address range E - Class C range

Which of the following answers refer to the IPv4 multicast address block? Select 2 answers A - 128 - 191 B - Class B range C - 192 - 223 D - Class C range E - 224 - 239 F - Class D range

E - 224 - 239 F - Class D range

Which of the answers listed below refer to 172.16.0.0 - 172.31.255.255 (172.16.0.0/12) ? Select 2 answers A - Class A range B - Public IP address range C - Class B range D - Non-routable (private) IP address range E - Class C range

C - Class B range D - Non-routable (private) IP address range

What are the characteristic features of 192.168.0.0 - 192.168.255.255 (192.168.0.0/16) ? Select 2 answers A - Class A range B - Public IP address range C - Class B range D - Non-routable (private) IP address range E - Class C range

D - Non-routable (private) IP address range E - Class C range

How to calculate the number of available hosts in a subnet

Hosts = 2^(32-N) - 2 Where N = number of Network Bits (CIDR /#)

What is the binary representation of the 255.255.128.0 subnet mask?

11111111.11111111.10000000.00000000

What is the first valid host address for a node residing in the 10.119.136.143/20 network?

10.119.128.1

What is the CIDR notation for 255.255.224.0 subnet mask?

/19

What is the binary notation of the decimal number 252?

11111100

How many usable IP addresses can be assigned to hosts on a /26 subnet?

What is the network address for the 192.168.223.15 255.255.255.252 host?

192.168.223.12

What is the broadcast address for the 46.28.247.109/10 network?

46.63.255.255

What is the maximum valid range for IP addresses that can be assigned to hosts on the 134.170.185.46 255.255.128.0 network?

134.170.128.1 - 134.170.255.254

What is the broadcast address for the 192.168.50.155/20 network?

192.168.63.255

What is the maximum number of subnets and hosts per subnet for the 192.168.50.247 255.255.255.224 network?

8 subnets, 30 hosts per subnet

What is the binary representation of the 255.254.0.0 subnet mask?

11111111.11111110.00000000.00000000

What is the decimal notation of the binary number 11100000?

224

What is the maximum valid range for IP addresses that can be assigned to hosts on the 192.168.100.248 255.255.255.248 network?

192.168.100.249 - 192.168.100.254

What is the dot-decimal representation of a /13 subnet mask?

255.248.0.0

What is the CIDR notation of the 255.192.0.0 subnet mask?

/10

What is the last usable host IP address on the 192.168.32.9/30 network?

192.168.32.10

What is the maximum number of hosts per subnet for the 10.47.255.1/20 network?

4094 hosts

What is the network address for the 154.24.67.147/22 host?

154.24.64.0

What is the last usable host IP address for the 172.45.120.0/23 network?

172.45.121.254

What is the first usable host IP address on the 172.26.56.110/27 network?

172.45.121.254

What is the first usable host IP address on the 172.26.56.110/27 network?

172.26.56.97

What is the CIDR notation of the 255.255.255.224 subnet mask?

/27

An IPv6 link-local address is an equivalent of IPv4's: A - APIPA address B - Routable IP address C - Public IP address D - MAC address

A - APIPA address

Compress FE80:00A7:0000:0000:02AA:0000:4C00:FE9A

FE80:A7::2AA:0:4C00:FE9A

IPv6 link-local address

FE80::/10

IPv6 address range for Globally-Routable addresses

between 2000 and 3FFF (or simply with a 2 or 3 as the first digit)

Technique that encapsulates IPv6 packets within IPv4 headers, allowing IPv6 traffic to traverse IPv4 networks A - NAT64 B - Dual stack IP C - Tunneling D - DHCPv6

C - Tunneling

IPv6 loopback address

::1

Which of the following statements describes IaC playbooks? A - A set of user roles and permissions used to enforce access control and security policies B - Step-by-step instructions for automating processes such as deployments, configurations, or updates C - Dynamic content or configurations, which can be filled in with specific values at runtime D - Scripts used to automate repetitive system administration tasks and functions

B - Step-by-step instructions for automating processes such as deployments, configurations, or updates

Which of the answers listed below refers to IaC templates? A - Step-by-step instructions for automating processes such as deployments, configurations, or updates B - A set of user roles and permissions used to enforce access control and security policies C - Scripts used to automate repetitive system administration tasks and functions D - Dynamic content or configurations, which can be filled in with specific values at runtime

D - Dynamic content or configurations, which can be filled in with specific values at runtime

Which IaC automation component enables the real-time retrieval, storage, and management of configuration data? A - Configuration templates B - Dynamic repositories C - State files D - Version control systems

B - Dynamic repositories

Match Routing Type with Protocol Distance Vector EIGRP Link State ISIS Path Vector RIP Hybrid OSPF BGP

Distance Vector RIP Link State OSPF, ISIS Path Vector BGP Hybrid EIGRP

Which of the following answers can be used to describe FHRP? (Select 3 answers) A - Virtual IP address shared among several routers B - Automatic failover between devices C - Redundancy for gateway devices D - Static IP address assignment to all routers E - Load balancing across all active routers

A - Virtual IP address shared among several routers B - Automatic failover between devices C - Redundancy for gateway devices

Which of the following answers refer link-state routing protocols? (Select 3 answers) A - Routers periodically share their routing tables with immediate neighbors to maintain up-to-date route information B - Each router maintains a complete map of the network topology C - Routers send updates only when there are network changes, reducing unnecessary traffic D - Converge quickly after network changes, improving reliability in larger networks E - Routes are determined based on the shortest distance, typically measured in hops

B - Each router maintains a complete map of the network topology C - Routers send updates only when there are network changes, reducing unnecessary traffic D - Converge quickly after network changes, improving reliability in larger networks

Which of the answers listed below describe the features of path-vector routing protocols? (Select 2 answers) A - Combines distance-vector and link-state features B - Used for inter-domain routing between ASs, such as in the Internet C - Routers store and share the full path (sequence of ASs) to each destination, rather than simple distance metrics D - Primarily used for intra-domain routing within a single AS E - Routes are determined based on the shortest distance, typically measured in hops

B - Used for inter-domain routing between ASs, such as in the Internet C - Routers store and share the full path (sequence of ASs) to each

Which of the following is an example of a distance-vector routing protocol? A - EIGRP B - BGP C - OSPF D - RIP E - IS-IS

D - RIP

Which of the following is an example of a link-state routing protocol? A - EIGRP B - BGP C - OSPF D - RIP E - IS-IS

C - OSPF E - IS-IS

Which of the following is an example of a hybrid routing protocol? A - EIGRP B - BGP C - OSPF D - RIP E - IS-IS

A - EIGRP

Which of the following is an example of a path-vector routing protocol? A - EIGRP B - BGP C - OSPF D - RIP E - IS-IS

B - BGP

Which of the following terms refers to a logical grouping of computers that allows computer hosts to act as if they are attached to the same broadcast domain regardless of their physical location? A - VPN B - Intranet C - Screened subnet D - VLAN

D - VLAN

Which feature should the administrator use to centrally store and maintain a record of all configured VLANs? A - VLAN database B - MAC address table C - Network topology map D - IP routing table

A - VLAN database

A logical interface that enables communication between devices that belong to different VLANs (inter-VLAN routing) A - NAT B - SVI C - VTP D - STP

B - SVI

Which of the following solutions enables combining several physical ports of a switching device into a single logical channel? A - RSTP B - VRRP C - LACP D - HSRP

C - LACP Link Aggregation Control Protocol

Which of the following refers to a network protocol designed to enhance network convergence speed and prevent switching loops? A - RTP B - SRTP C - STP D - RSTP

D - RSTP Rapid Spanning Tree Protocol is an enhanced version of STP, offering faster convergence times and improved network stability

A single non-standard Ethernet frame that allows for a much larger maximum payload size is called: A - Giant frame B - STP frame C - Jumbo frame D - Magic packet

C - Jumbo frame

Which of the acronyms listed below refers to a cable rack type that interconnects wiring between the MDF and end devices within a specific area or floor? A - DCI B - PDU C - DTE D - IDF

D - IDF Intermediate Distribution Frame

Which of the following handles the flow of hot air within the equipment rack? A - Rack-mounted filter B - Port-side exhaust C - Air deflector D - Cross-flow ventilation

B - Port-side exhaust

A type of design in which a network equipment's ports face the cold aisle enabling direct and unobstructed flow of cool air into the equipment is referred to as: A - Front-to-back cooling B - Vertical airflow design C - Port-side intake D - Cold aisle containment

C - Port-side intake

Which of the following answers refers to a device designed to supply (and monitor the quality of) electric power to multiple outlets? A - PSU B - RPS C - PDU D - SVC

C - PDU Power Distribution Unit

An agreement between a service provider and users defining the nature, availability, quality, and scope of the service to be provided is referred to as: A - SOW B - MSA C - SLA D - MOU

C - SLA Service Level Agreement

Which of the following terms refers to an agreement that specifies performance requirements for a vendor? A - MSA B - SLA C - MOU D - SOW

B - SLA Service Level Agreement

An SNMP community string provides the functionality of a(n): A - Session token B - Password C - Encryption key D - Device ID

B - Password

Core functionalities of SIEM A - Monitors bandwidth usage across the network B - Conducts vulnerability assessments C - Enforces security policies on endpoints D - Collects, aggregates, and analyzes log data

D - Collects, aggregates, and analyzes log data Security Information and Event Management

Examples of protocols specifically designed to provide confidentiality and privacy for DNS data include: (Select all that apply) A - DNSSEC B - DoH C - DTLS D - DoT E - SSL/TLS

B - DoH D - DoT DNS over HTTPS DNS over TLS

Which of the following can be used on a local machine to override DNS settings? A - NIC settings B - Hosts file C - DNS cache D - Routing table

B - Hosts file simple text file that maps hostnames (like "www.example.com") to IP addresses

Which of the answers listed below refers to a dedicated, secure system that acts as an intermediary to access devices or systems in a different, typically more secure, network segment? A - Jump box/host B - Authentication server C - Network firewall D - Access gateway

A - Jump box/host Also known as a Bastion Host

The practice of managing devices through the same network channels that are used for regular data traffic is called A - In-path management B - Inline management C - In-band management D - Integrated management

C - In-band management

Which of the answers listed below can be used to describe self-signed digital certificates? (Select 3 answers) A - Backed by a well-known and trusted third party B - Not trusted by default by web browsers and other applications C - Used in trusted environments, such as internal networks and development environments D - Suitable for websites and other applications that are accessible to the public E - Trusted by default by web browsers and other applications F - Not backed by a well-known and trusted third party

B - Not trusted by default by web browsers and other applications C - Used in trusted environments, such as internal networks and development environments F - Not backed by a well-known and trusted third party

Which of the following answers refers to a framework for managing access control to digital resources? A - PAM B - SSO C - IAM D - MFA

C - IAM Identity and Access Management

Which of the answers listed below refers to a markup language used to exchange authentication and authorization data? A - JSON B - XML C - SAML D - XHTML

C - SAML Security Assertion Markup Language

Which of the following answers refers to a AAA protocol primarily used for managing access to network devices? A - SNMP B - TACACS+ C - SSH D - RADIUS

B - TACACS+ Terminal Access Controller Access-Control System

The purpose of PCI DSS is to provide protection for: A - Credit cardholder data B - Licensed software C - User passwords D - Personal health information

A - Credit cardholder data Payment Card Industry - Data Security Standard

Which of the answers listed below refers to a specific type of ICS? A - SoC B - CMS C - SCADA D - RTOS

C - SCADA Supervisory Control and Data Acquisition

Which of the acronyms listed below refers to a technology that encompasses all hardware and software systems used for monitoring and controlling physical devices, processes, and industrial operations? A - IIoT B - OT C - SCADA D - ICS

B - OT Operational Technology

Which operational state indicates that a port has been shut down by the switch due to network errors, security violations, or configuration issues? A - Blocking B - Error disabled C - Administratively down D - Suspended

B - Error disabled

Which port interface status indicates that a switch port is temporarily inactive due to network conditions, configuration settings, or security policies? A - Standby B - Disabled C - Suspended D - Dormant

C - Suspended

Which troubleshooting step would NOT be helpful in resolving the issue of the total power consumption of connected PoE devices exceeding the available power budget of a PoE switch? A - Checking the total power budget of the PoE switch and the power requirements of all connected devices B - Using a multimeter to measure and verify the power consumption of individual devices C - Disconnecting non-essential PoE devices to reduce the load on the power budget D - Upgrading to a PoE switch with a higher power budget or adding an external PoE injector if necessary E - Ensuring the switch's firmware is up to date, as it can improve power consumption metrics in some cases

B - Using a multimeter to measure and verify the power consumption of individual devices

A bridge ID is a unique identifier (a combination of a switch's priority value and its MAC address) used to determine the root bridge in a network. Based on its bridge ID, which of the devices listed below would be selected as the root bridge? Switch A: 40960-00:0A:95:9D:68:16 Switch B: 32768-00:0A:95:9D:68:17 Switch C: 40960-00:0A:95:9D:68:18 Switch D: 32768-00:0A:95:9D:68:19

Switch B: 32768-00:0A:95:9D:68:17

Which of the following answers refers to a switch port that has the lowest path cost to the root bridge on a particular network segment? A - Default port B - Priority port C - Designated port D - Active port

C - Designated port

The port on a non-root bridge switch with the best path cost to the root bridge is referred to as: A - Designated port B - Root port C - Default port D - Forwarding port

B - Root port

Which of the following answers refers to a switch port that has been manually shut down and does not forward any type of traffic? A - Suspended port B - Disabled port C - Blocked port D - Non-active port

B - Disabled port

Inactive switch ports that are not part of the best path are said to be in: A - Standby state B - Idle state C - Listening state D - Blocking state

D - Blocking state

Which of the answers listed below describes a switch port in the blocking state? A - Prepares to forward traffic and listens for BPDU messages, but does not forward frames B - Learns MAC addresses to populate the MAC table, but does not forward frames C - Forwards traffic and updates the MAC table, actively participating in network communication D - Does not forward traffic and only listens to BPDU messages to prevent loops

D - Does not forward traffic and only listens to BPDU messages to prevent loops

Which of the following answers refers to a command-line packet capturing utility? A - netcat B - tcpreplay C - nmap D - tcpdump

D - tcpdump

Which netstat parameter allows displaying all active TCP connections and the TCP/UDP ports on which the computer is listening? -a -p -e -r

-a

Which of the following netstat parameters allows displaying the names of applications and executable file components that are accessing the network? -a -n -b -p

-b

The arp command can be used to perform what kind of resolution? A - IP to FQDN B - MAC to IP C - IP to MAC ( Missed) D - FQDN to IP

C - IP to MAC ( Missed)

Which of the following answers refers to a vendor-neutral protocol used for network devices to advertise their identity, capabilities, and neighbors on a LAN? A - LACP B - Syslog C - LLDP D - SNMP

C - LLDP Link Layer Discovery Protocol

Which of the answers listed below refers to a Cisco-proprietary network protocol used by Cisco devices to share information about directly connected devices, such as device identity, capabilities, and IP address information? A - LLDP B - NDP C - CDP D - LACP

C - CDP Cisco Discovery Protocol

A Wi-Fi analyzer is not designed for: A - Measuring the strength of the Wi-Fi signal ( Your answer) B - Detecting interference from other devices or networks C - Analyzing wireless channel usage D - Capturing and inspecting network traffic data

D - Capturing and inspecting network traffic data

Which of the following commands displays the MAC address table of a switch or router, showing which MAC addresses are associated with which ports? A - ip link show B - arp -a C - show mac-address-table D - getmac

C - show mac-address-table

Which of the commands listed below would be useful for diagnosing and troubleshooting issues on devices with PoE capabilities? A - show voltage B - show power C - show wattage D - show load

B - show power

At which OSI layers is the protocol data unit referred to simply as data? Application Layer Presentation Layer Session Layer Transport Layer Network Layer Data Link Layer Physical Layer

Application Layer Presentation Layer Session Layer

A dedicated storage appliance that can be added to a local network is known as: SAN NAS SSD DAS

NAS A share drive

A dedicated local network consisting of devices providing data access is called: SDN NAS iSCSI SAN

SAN SharePoint

One of the key benefits provided by a CDN is the improvement of: Content load times Host security User management process Network storage capacity

Content load times Content Delivery Network Caches data at the outer edge of the network for faster delivery outside the network

SFTP vs FTPS

SFTP: - FTP using SSH FTPS - FTP using SSL/TLS

Which of the answers listed below can be used to describe the concept of a Network Security Group (NSG)? (Select 3 answers) A - Primarily used in traditional/non-virtualized network environments B - Detects or prevents intrusion attempts or malicious activities within the network traffic C - Provides firewall-like capabilities D - Applies security rules to specific virtual NICs (more granular control) E - Used for controlling inbound and outbound traffic in cloud computing environments F - Applies security rules at the subnet level (less granular control)

C - Provides firewall-like capabilities D - Applies security rules to specific virtual NICs (more granular control) E - Used for controlling inbound and outbound traffic in cloud computing environments NSG - More Granular - Rules to individual NICs

Which of the following answers refer to the characteristics of a Network Security List (NSL)? (Select 3 answers) A - Provides firewall-like capabilities B - Applies security rules at the subnet level (less granular control) C - Used for controlling inbound and outbound traffic in cloud computing environments D - Applies security rules to specific virtual NICs (more granular control) E - Primarily used in traditional/non-virtualized network environments F - Detects or prevents intrusion attempts or malicious activities within the network traffic

Which of the statements listed below describe the functions of a cloud gateway using NAT? (Select 3 answers) A - Enables instances within a VPC to access external networks B - Translates private IP addresses to a public IP address C - Restricts inbound connections from external networks D - Translates public IP addresses to a private IP address E - Enables inbound connections from external networks F - Prevents instances within a VPC from accessing external networks

A - Enables instances within a VPC to access external networks B - Translates private IP addresses to a public IP address C - Restricts inbound connections from external networks

Which of the terms listed below refers to the automatic and dynamic adjustment of resources based on real-time demand changes? A - Rapid elasticity B - Adaptive computing C - Load balancing D - Resource pooling

A - Rapid elasticity

B - Provides username & password authentication C - Transmits data in an unencrypted form ( Your answer) E - Enables remote login and command execution ( Your answer)

Which port enables the FTP data connection for transferring file data? UDP port 20 TCP port 20 UDP port 21 TCP port 21

TCP port 20

The FTP control connection to administer a session is established through: TCP port 20 UDP port 20 TCP port 21 UDP port 21

TCP port 21

An SNMP agent receives requests on UDP port: 160 161 162 163

161

An SNMP management station receives SNMP notifications from agents on UDP port: 160 161 162 163

162

TCP port 389 is the default network port for: RDP LDAP SMB LDAPS

LDAP

TCP port 445 is assigned to: HTTPS SMB IMAP LDAPS

SMB

The Syslog protocol runs on UDP port: 445 514 587 636

514

Which TCP port is used by the SMTP protocol for secure email transmission over TLS? 445 514 587 636

587

636

Which of the following services runs on TCP port 1433? SMTPS SIP IMAPS SQL Server

SQL Server

Which of the TCP/UDP ports listed below is used for non-encrypted SIP traffic? 6051 5060 6050 5061

5060

Which TCP port is used by SIP over TLS? 5061 6050 5060 6051

5061

Which of the following protocols is used by network devices to send error messages and operational information, enabling administrators to diagnose and troubleshoot issues with IP packet delivery? CCMP RSTP ICMP SNMP

ICMP

The IEEE 802.3 is a collection of standards for: Token ring LANs Wired Ethernet Cable modems Wireless Ethernet

Wired Ethernet

Which of the answers listed below refer(s) to the IEEE 802.11g standard? (Select all that apply) 2.4 GHz frequency band Maximum speed: 11 Mbps 5 GHz frequency band Maximum speed: 54 Mbps 6 GHz frequency band Maximum speed: 600 Mbps

2.4 GHz frequency band Maximum speed: 54 Mbps

Which of the following answers refer(s) to the IEEE 802.11n standard? (Select all that apply) Wi-Fi 4 2.4 GHz frequency band Maximum speed of up to 54 Mbps Wi-Fi 5 5 GHz frequency band Maximum speed of up to 600 Mbps Wi-Fi 6 6 GHz frequency band Maximum speed: 6.9 Gbps

Wi-Fi 4 2.4 GHz frequency band 5 GHz frequency band Maximum speed of up to 600 Mbps

Which of the answers listed below refer(s) to Wi-Fi 5? (Select all that apply) IEEE 802.11n standard 2.4 GHz frequency band Maximum speed: 600 Mbps IEEE 802.11ac standard 5 GHz frequency band Maximum speed: 6.9 Gbps IEEE 802.11ax standard 6 GHz frequency band Maximum speed: 9.6 Gbps

IEEE 802.11ac standard 5 GHz frequency band Maximum speed: 6.9 Gbps

Which of the following answers refer(s) to Wi-Fi 6? (Select all that apply) IEEE 802.11n standard 2.4 GHz frequency band Maximum speed: 600 Mbps IEEE 802.11ac standard 5 GHz frequency band Maximum speed: 6.9 Gbps IEEE 802.11ax standard 6 GHz frequency band Maximum speed: 9.6 Gbps

2.4 GHz frequency band 5 GHz frequency band IEEE 802.11ax standard Maximum speed: 9.6 Gbps

Which of the answers listed below refer to Wi-Fi 6E? (Select 2 answers) IEEE 802.11n standard Maximum speed: 600 Mbps IEEE 802.11ac standard Maximum speed: 6.9 Gbps IEEE 802.11ax standard Maximum speed: 9.6 Gbps

IEEE 802.11ax standard Maximum speed: 9.6 Gbps

Which of the names listed below refers to 10-gigabit Ethernet over twinaxial cable? 10GBASE-LR 10GBASE-T 10GBASE-SR 10GBASE-CR

10GBASE-CR

Which of the following answers refer to short-range Ethernet over multimode fiber? (Select 2 answers) 10GBASE-CR 1000BASE-LX 10GBASE-SR 1000BASE-SX 10GBASE-LR

10GBASE-SR 1000BASE-SX

Which of the answers listed below refer to long-range Ethernet over single-mode fiber? (Select 2 answers) 10GBASE-LR 1000BASE-SX 10GBASE-CR 1000BASE-LX 10GBASE-SR

10GBASE-LR 1000BASE-LX

Which of the following answers accurately describe(s) DAC cable? (Select all that apply) Long-distance cable runs A cabling type commonly used in data centers Low-speed connections Commonly implemented using twinaxial cabling Short-range cable runs General-purpose network cabling High-speed connections

A cabling type commonly used in data centers Commonly implemented using twinaxial cabling Short-range cable runs High-speed connections

Which of the following answers refer(s) to the characteristics of Category 8 (Cat 8) cabling? (Select all that apply) A - Long-distance, high-speed links B - 25GBASE-T C - Optimized for data center equipment D - 40GBASE-T E - Short-distance (approx. 30 meters), high-speed links F - 100GBASE-T G - General-purpose network cabling

B - 25GBASE-T C - Optimized for data center equipment D - 40GBASE-T E - Short-distance (approx. 30 meters), high-speed links

What are the speed/distance limitations of twinaxial cabling? (3 speed/distance pairs)

10 Gbps at a distance of up to 10 meters 40 Gbps at a distance of up to 7 meters 100 Gbps at a distance of up to 5 meters

Which of the answers listed below refers to a two-layer, full-mesh topology commonly used in data centers? Spine and leaf Client-server Point-to-multipoint Collapsed core

Spine and leaf

Which of the answers listed below refer to the distribution layer of the three-tier hierarchical model? (Select 2 answers) A - Acts as an intermediary between the core and access layers B - Provides direct connectivity to end devices C - Handles high-speed traffic between different parts of the network D - Manages physical connections and cabling E - Provides routing, filtering, and traffic management functions

A - Acts as an intermediary between the core and access layers E - Provides routing, filtering, and traffic management functions

Which of the following acronyms refers to a cybersecurity framework that combines networking and security functions into a single cloud-based service? SASE SWG SSE SD-WAN

SASE Secure Access Service Edge

Which of the answers listed below refers to a framework focused exclusively on delivering cloud-based security services? SASE SSE SOAR SIEM

SSE Security Service Edge

Which of the following answers lists the broadcast address for the 192.168.50.155/20 network? 192.168.31.255 192.168.47.255 192.168.63.255 192.168.79.255

192.168.63.255

Which VXLAN feature enables the creation of a single, unified network that spans multiple locations? Frame tagging Layer 2 encapsulation IP tunneling Zero-touch provisioning

Layer 2 encapsulation

D - Dynamic content or configurations, which can be filled in with specific values at runtime

Which of the answers listed below does not describe the characteristics of a distance-vector protocol? A - Routes are determined based on the shortest distance, typically measured in hops B - Simple setup, slower convergence time C - Routers periodically share their routing tables with immediate neighbors to maintain up-to-date route information D - Each router maintains a complete map of the network topology

D - Each router maintains a complete map of the network topology

A type of VLAN used to handle untagged frames on a trunk port is known as: Default VLAN Trunk VLAN Data VLAN Native VLAN

Native VLAN

Which of the following wireless security protocols uses a pre-shared key for authentication and encryption? 802.1X WPA3-SAE TKIP WPA2-Enterprise None of the above

None of the above

Which of the acronyms listed below refers to a cable rack type that interconnects wiring between the MDF and end devices within a specific area or floor? DCI PDU DTE IDF

IDF Intermediate Distribution Frame

Which of the following answers refers to a framework for managing access control to digital resources? PAM SSO IAM MFA

IAM Identity Access Management

Which of the following terms refers to a broad category of control and automation systems used in industrial settings to monitor and control physical processes and machinery? ICS SCADA OT IIoT

ICS Industrial Control System

OT Operational Technology

A network security technique that controls access to specific websites or categories of websites by blocking or allowing access based on the website address is known as: Domain blacklisting URL filtering Web address exclusion Content filtering

URL filtering

Which of the answers listed below refers to a network security technique that involves inspecting data streams for specific criteria, such as keywords, file types, or patterns that could indicate inappropriate, harmful, or malicious content? Packet filtering Stateful inspection Content filtering Malware inspection

Content filtering

Which of the following answers refers to a network security solution providing a single point of protection against various types of threats? IDP AV UTM NGFW

UTM Unified Threat Management

Which of the following answers refers to a switch port that has the lowest path cost to the root bridge on a particular network segment? Default port Priority port Designated port Active port

Designated port

Which of the following answers refers to a vendor-neutral protocol used for network devices to advertise their identity, capabilities, and neighbors on a LAN? LACP Syslog LLDP SNMP

LLDP Link Layer Discovery Protocol

CDP Cisco Discovery Protocol

Which command on a router or switch would be used to display the mapping between IP addresses and MAC addresses? show interface show config show arp show mac-address-table

show arp

Which of the commands listed below would be useful for diagnosing and troubleshooting issues on devices with PoE capabilities? show voltage show power show wattage show load

show power