Practice Test Flashcards
1
Q
You suspect that someone is capturing the data sent on your network. You want to capture data to ensure that it is encrypted and cannot be read by intruders. Which of the following network utilities can both intruders and administrators use
to capture network traffic?
A. Port scanner
B. Packet filter
C. Data watcher
D. Packet sniffer
A
D. Both administrators and hackers use packet sniffers on networks to capture
network data. They are either a hardware device or software and eavesdrop on network transmissions traveling throughout the network. The packet sniffer
quietly captures data and saves it to be reviewed later. Answer A is incorrect because port scanners monitor traffic into and out of ports such as those
connected to a switch. Answers B and C are not valid traffic-monitoring technologies.
2
Q
- You have been hired to review the security of a company’s network. Upon investigation, you notice that a wireless AP has been installed in a wiring closet without the consent of the administrator. The AP is actively used by remote users to access resources on the company’s network. Which security problem does this represent?
A. Rogue protocol interception
B. Rogue AP
C. Network sniffing
D. Social engineering
A
B. A rogue access point describes a situation in which a wireless access point has been placed on a network without the administrator’s knowledge. The result is that it is possible to remotely access the rogue access point, because it likely does not adhere to company security policies. Answers A and C are not valid security risk types. Answer D is a type of attack that involves tricking people into performing actions or divulging confidential information such as passwords or usernames.
3
Q
- You have been employed by a small company to implement a fault-tolerant hard
disk configuration. You have purchased four 4TB hard disks, and you plan to
install RAID 5 on the server. What is the storage capacity of the RAID solution?
A. 12TB
B. 4TB
C. 8TB
D. 16TB
A
A. RAID 5 reserves the equivalent space of one disk in the array for parity information. The parity information is used to rebuild the data in the event of a hard disk crash. This scenario has four 4TB hard disks. With one reserved for parity, you have 16TB total space; with 4TB removed for parity, there are 12TB of actual data storage
4
Q
You have been called in to troubleshoot a small network. The network uses
TCP/IP and statically assigned IPv4 information. You add a new workstation to
the network. It can connect to the local network but not to a server on a remote
network. Which of the following is most likely the cause of the problem?
❍ A. Incorrect IP address.
❍ B. Incorrect default gateway.
❍ C. The DHCP server is unavailable.
❍ D. Duplicate IP addresses are being used.
A
B. To connect to systems on a remote network, the default gateway address
must be correctly assigned. If this address is manually entered, the number
might have been incorrectly entered. Because the system can connect to the
local network, the address is correctly assigned. Answer C is incorrect because
IP addresses are statically assigned. Answer D is incorrect because duplicate
addresses prevent the system from logging on to the network.
5
Q
Under what circumstance would you change the default channel on an access
point?
❍ A. When channel overlap occurs between access points
❍ B. To release and renew the SSID
❍ C. To increase the security settings
❍ D. To decrease the security settings
A
A. Ordinarily the default channel used with a wireless device is adequate.
However, it may be necessary to change the channel if overlap with another
nearby access point occurs. The channel should be changed to another,
nonoverlapping channel. Answer B is not valid. Answers C and D are incorrect
because changing the channel would not inherently impact the security
settings.
6
Q
On several occasions your wireless router has been compromised, and intruders
are logging onto it. Which of the following strategies could you use to increase
the security of the wireless routers? (Choose the two best answers.)
❍ A. Use SSL
❍ B. Disable SSID broadcast
❍ C. Use MAC filtering
❍ D. Use wireless filtering
A
B, C. Administrators can take several security steps to help secure a wireless
access point. This includes disabling the SSID broadcast. This makes it more
difficult for intruders to get the name of your wireless network. MAC filtering
is used to accept or deny client systems based on their MAC address. MAC
filtering is an example of an access control list (ACL). Answer A is incorrect
because SSL is a security protocol used to increase data transmission
security. Answer D is incorrect because wireless filtering is not a valid security
measure.
7
Q
You have just purchased a new wireless access point. You change the security
settings to use 128-bit encryption. How must the client systems be configured?
❍ A. All client systems must be set to 128-bit encryption.
❍ B. The client system inherits security settings from the AP.
❍ C. Wireless security does not support 128-bit encryption.
❍ D. The client wireless settings must be set to autodetect
A
A. On a wireless connection between an access point and the client, each system
must be configured to use the same settings, which includes the SSID,
and security settings. In this question, both the client and the AP must be
configured to use 128-bit encryption. Answer B is incorrect because the client
does not inherit the information from the AP. Answer C is incorrect because
wireless security (including WEP) does support 128-bit encryption (with
WPA and WPA2 supporting 256-bit encryption). Answer D is incorrect
because not all wireless clients have an autodetect feature.
8
Q
8. Which of the following topology type offers the greatest amount of redundancy? ❍ A. Star ❍ B. Bus ❍ C. Ring ❍ D. Mesh
A
D. In a mesh topology, each device is connected directly to every other device
on the network. Such a structure requires that each device have at least two
network connections. Answers A, B, and C do not offer the same level of
redundancy as a mesh topology.
9
Q
You need to install a network printer, and you require the printer’s MAC address
to finish the installation. Which of the following is a valid MAC address?
❍ A. 192.168.2.13
❍ B. 0x00007856
❍ C. 00:04:e2:1c:7b:5a
❍ D. 56g78:00h6:1415
A
C. A MAC address contains six hexadecimal number sets. The first three sets
represent the manufacturer’s code, whereas the last three identify the unique
station ID. Answer A is incorrect because the number is a valid internal IP
address. Answers B and D are not valid MAC addresses.
10
Q
You have been called in to replace a faulty ST connector. Which of the following media types are you working with? ❍ A. RG-58 ❍ B. RG-62 ❍ C. Single-mode fiber ❍ D. SCSI
A
C. ST connectors are a twist-type connector used with single-mode fiber.
Answer A is incorrect because RG-58 (thin coax) uses BNC-type connectors.
Answer B is incorrect because RG-62 (thick coax) uses vampire-type AUI connectors.
Answer D is incorrect because SCSI cables use a variety of connector
types, none of which include ST connectors.
11
Q
- Your manager asks you to recommend a secure way to copy files between a
server on your network and a remote server in another location. Which of the following
solutions are you most likely to recommend?
❍ A. TFTP
❍ B. FTP
❍ C. SFTP
❍ D. IGMP
A
C. Secure File Transfer Protocol (SFTP) enables you to securely copy files
from one location to another. SFTP provides authentication and encryption
capabilities to safeguard data. Answer A is incorrect because TFTP is a mechanism
that provides file-transfer capabilities, but it does not provide security.
Answer B is incorrect because FTP provides basic authentication mechanisms,
but it does not provide encryption. Answer D is incorrect because IGMP is a
protocol associated with multicast group communications. It is not a file
transfer protocol.
12
Q
- You are setting up a wide area network between two school campuses, and you
decide to use BRI ISDN. What is the maximum throughput of your connection?
❍ A. 64Kbps
❍ B. 128Kbps
❍ C. 128Mbps
❍ D. 64Mbps
A
B. BRI ISDN uses two 64-Kbps data channels. Combined, BRI ISDN offers a
128-Kbps transfer rate.
13
Q
- You are troubleshooting an older 100BaseT network, and you suspect that the
maximum cable length has been exceeded. What is the maximum length of a
100BaseT network segment?
❍ A. 25 meters
❍ B. 100 meters
❍ C. 185 meters
❍ D. 500 meters
A
100BaseT is an Ethernet network standard implemented using thin twisted-
pair cable. The maximum length of a segment is 100 meters. When cable
is run beyond 100 meters, repeaters can be used to regenerate the signal for
longer transmission distances.
14
Q
- Which of the following is a valid IPv6 address?
❍ A. 42DE:7E55:63F2:21AA:CBD4:D773
❍ B.42CD:7E55:63F2:21GA:CBD4:D773:CC21:554F
❍ C. 42DE:7E55:63F2:21AA
❍ D.42DE:7E55:63F2:21AA:CBD4:D773:CC21:554F
A
D. IPv6 uses a 128-bit address, which is expressed as eight octet pairs in hexadecimal
format, separated by colons. Because it is hexadecimal, only numbers
and the letters A through F can be used.
15
Q
While troubleshooting a network connectivity problem on a Windows Server system,
you need to view a list of the IP addresses that have been resolved to MAC
addresses. What command would you use to do this?
❍ A. arp -a
❍ B. nbtstat -a
❍ C. arp -d
❍ D. arp -s
A
A. The arp -a command is used to display the IP addresses that have been
resolved to MAC addresses. The nbtstat command (answer B) is used to
view protocol statistics for NetBIOS connections. arp -d (answer C) is used
to delete entries in the ARP cache. The arp -s command (answer D) enables
you to add static entries to the ARP cache.
16
Q
- While troubleshooting a DNS issue from a UNIX server, you suspect that the
DNS record for one of your other servers is incorrect. Which of the following utilities
are you most likely to use to troubleshoot this problem?
❍ A. ipconfig
❍ B. dig
❍ C. netstat
❍ D. nbtstat
A
B. The dig command is used on UNIX and Linux systems to perform manual
name resolutions against a DNS server. This can be useful in troubleshooting
DNS-related issues. The ipconfig, netstat, and nbtstat commands
are all Windows-based commands, so they would not be used in this scenario.
17
Q
A miscreant has added a rogue access point to your wireless network. Users are
mistakenly connecting to that access point instead of the legitimate one they
should connect to. What is this type of attack which eavesdrops on the wireless
network known as?
❍ A. Evil twin
❍ B. War driving
❍ C. WEP cracking
❍ D. DDoS
A
A. An evil twin is a type of attack in which a rogue access point poses as a
legitimate one and eavesdrops on the network communications. Answer B is
incorrect because war driving involves the act of seeking out wireless networks
(usually from a vehicle, hence the name) and not setting up a rogue access
point. Answer C is incorrect because WEO cracking involves breaking the
WEP encryption on an existing access point and not installing a rogue one.
Answer D is incorrect because DDoS is a Distributed Denial of Service attack
intended to bring down a server by keeping it too busy responding to echo
requests that it cannot service legitimate requests for data.
18
Q
- You are experiencing problems with the network connectivity of a Windows 7
system. You suspect that there might be a problem with an incorrect route in the
routing table. Which of the following TCP/IP utilities can you use to view the
routing table? (Choose two.)
❍ A. tracert
❍ B. nbstat
❍ C. route
❍ D. netstat
❍ E. ping
A
C, D. Both the route and netstat commands can be used to view the routing
table on a Windows 7 system. Answer A is incorrect because the tracert
utility is used to track the route a packet takes between two destinations.
Answer B is incorrect because the nbtstat command is used to view statistical
information for NetBIOS connections. Answer E is incorrect because the
ping utility is used to test network connectivity.
19
Q
- Which of the following best describes the function of asymmetric key encryption?
❍ A. It uses both a private and public key to encrypt and decrypt messages.
❍ B. It uses two private keys to encrypt and decrypt messages.
❍ C. It uses a single key for both encryption and decryption.
❍ D. It uses three separate keys for both encryption and decryption.
A
A. Asymmetric key encryption uses both a private and public key to encrypt
and decrypt messages. The public key is used to encrypt a message or verify a
signature, and the private key is used to decrypt the message or sign a document.
In a symmetric key encryption strategy, a single key is used for both
encryption and decryption. None of the other answers represents asymmetric
key encryption.
20
Q
- Which of the following services provides name resolution services for FQDNs?
❍ A. DNS ❍ B. DHCP ❍ C. WINS ❍ D. ARP ❍ E. NTP
A
A. The Domain Name System (DNS) resolves Fully Qualified Domain
Names (FQDNs) to IP addresses. Answer B is incorrect because Dynamic
Host Configuration Protocol (DHCP) provides automatic IP address assignment.
Answer C is incorrect because the Windows Internet Naming Service
(WINS) provides NetBIOS computer name to IP address resolution. Answer
D is incorrect because Address Resolution Protocol (ARP) resolves IP
addresses to MAC addresses. Answer E is incorrect because Network Time
Protocol (NTP) facilitates the communication of time information between
systems.
21
Q
- You are installing a 100BaseFX network, and you need to purchase connectors.
Which of the following might you purchase? (Choose two.)
❍ A. RJ-45
❍ B. ST
❍ C. BNC
❍ D. SC
A
B, D. 100BaseFX networks use fiber media, which can use either ST or SC
connectors. Answer A is incorrect because RJ-45 connectors are used with
UTP media. Answer C is incorrect because BNC connectors are used with
thin coax media on 10Base2 networks.
22
Q
- To increase wireless network security, you have decided to implement portbased
security. Which of the following standards specifies port-based access
control?
❍ A. 802.11x
❍ B. 802.1x
❍ C. 802.11b
❍ D. 802.1b
A
B. 802.1x is an IEEE standard specifying port-based network access control.
Port-based network access control uses the physical characteristics of a
switched local area network (LAN) infrastructure to authenticate devices
attached to a LAN port and to prevent access to that port in cases where the
authentication process fails. Answer A is incorrect because 802.11x is not a
security standard but sometimes is used to refer to all wireless network standards,
such as 802.11b/g/a/n. Answer C, 802.11b, is an actual wireless standard
specifying transmission speeds of 11Mbps.
23
Q
- When designing a network, you have been asked to select a cable that offers the
most resistance to crosstalk. Which of the following are you likely to choose?
❍ A. Multimode fiber-optic
❍ B. Shielded twisted pair
❍ C. UTP
❍ D. Shielded mesh
A
A. Unlike copper-based media, fiber-optic media is resistant to crosstalk
because it uses light transmissions. Answer B is incorrect because STP offers
greater resistance to crosstalk than regular UTP but is not as resistant as
fiber-optic cable. Answer C is incorrect because UTP cable is more susceptible
to crosstalk than either STP or fiber-optic. Answer D is incorrect because
shielded mesh is not a type of cable.
24
Q
- Which of the following are considered disaster recovery measures? (Choose
two. )
❍ A. Backups
❍ B. UPS
❍ C. RAID 5
❍ D. Offsite data storage
A
A, D. Both backups and offsite data storage are considered disaster recovery
measures. Answer B is incorrect because a UPS is considered a fault-tolerance
measure, not a disaster recovery measure. Answer C is incorrect because
RAID 5 is considered a fault-tolerance measure, not a disaster recovery
measure.
25
25. Which command produces the following output?
Interface: 24.77.218.58 --- 0x2
Internet Address Physical Address Type
24.77.216.1 00-00-77-99-a4-4c dynamic
❍ A. arp
❍ B. tracert
❍ C. ipconfig
❍ D. netinf
A. The output is from the arp -a command, which shows information related
to IP address-to-MAC address resolutions. Answer B is incorrect because
the tracert command displays the route a packet takes between two points.
Answer C is incorrect because the ipconfig command displays a system’s
network configuration. Answer D is incorrect because there is no such command
as netinf.
26
26. You are working with a wireless network that is using channel 1 (2412MHz). What
RF range would be used if you switched to channel 3?
❍ A. 2417
❍ B. 2422
❍ C. 2427
❍ D. 2408
B. IEEE 802.11g/b wireless systems communicate with each other using radio
frequency signals in the band between 2.4GHz and 2.5GHz. Neighboring
channels are 5MHz apart. Therefore, channel 3 would use the 2422 RF
(2412+5+5).
27
27. What is the basic purpose of a firewall system?
❍ A. It provides a single point of access to the Internet.
❍ B. It caches commonly used web pages, thereby reducing the bandwidth
demands on an Internet connection.
❍ C. It allows hostnames to be resolved to IP addresses.
❍ D. It protects one network from another by acting as an intermediary
system.
D. The purpose of a firewall system is to protect one network from another.
One of the most common places to use a firewall is to protect a private network
from a public one such as the Internet. Answer A is incorrect because
although a firewall can provide a single point of access, that is not its primary
purpose. Answer B more accurately describes the function of a proxy server.
Answer C describes the function of a DNS server.
28
28. As part of a network upgrade, you have installed a router on your network, creating
two networks. Now, workstations on one side of the router cannot access
workstations on the other side. Which of the following configuration changes
would you need to make to the workstations to enable them to see devices on
the other network? (Choose two.)
❍ A. Change the IP address assignments on one side of the router so that
the router is on a different IP network from the other one.
❍ B. Update the default gateway information on all systems so that they
use the newly installed router as the gateway.
❍ C. Update the default gateway information on all systems so that they
use a workstation on the other network as the default gateway.
❍ D. Make sure that the IP address assignments on all network workstations
are the same.
A, B. The devices on one side of the router need to be configured with a different
IP network address than when the network was a single segment. Also,
the default gateway information on all systems needs to be updated to use the
newly installed router as the default gateway. Answer C is incorrect because
the default gateway address should be the address of the router, not another
workstation on the network. Answer D is incorrect because for systems to
communicate on an IP network, all devices must be assigned a unique IP
address. Assigning systems the same address would cause address conflicts,
thus keeping the systems from communicating.
29
29. Which type of cable should be used to swap out a bad run in a 1000BaseT network?
❍ A. RG-58
❍ B. Category 5 UTP
❍ C. Category 5e UTP
❍ D. Multimode fiber
C. 1000BaseT is implemented using a minimum of Category 5e UTP cable.
Answer A is incorrect because RG-58 is a type of coaxial cable with a maximum
speed of 10Mbps. Answer B is incorrect because Category 5 UTP cable
is not intended for use on a 1000BaseT network: it will support 10/100 but
was superseded by 5e for Gigabit Ethernet. Answer D is incorrect because
multimode fiber is used in fiber-optic networks. The 1000BaseT standard
defines 1000Mbps networking using UTP cable.
30
30. Which of the following network types is easiest to add new nodes to?
```
❍ A. Bus
❍ B. Ring
❍ C. Star
❍ D. Mesh
❍ E. Hybrid
```
C. Each node on a star network uses its own cable, which makes it easy to add
users without disrupting current ones. Adding a node to a bus network can
sometimes involve breaking the segment, which makes it inaccessible to all
other nodes on the network. This makes answer A incorrect. Answer B is
incorrect because a true ring network model would require that the ring be
broken to add a new device. Answer D is incorrect because a mesh topology
requires that every device be connected to every other device on the network.
Therefore, it is quite difficult to expand a mesh network. Answer E is incorrect
because a hybrid topology requires mixing elements from at least two different
topologies and is always more difficult than using only one.
31
31. You are troubleshooting a network connectivity error, and you need to issue a
continuous ping command. Which of the following switches is used with ping
to send a continuous ping message?
❍ A. -p
❍ B. -t
❍ C. -c
❍ D. -r
B. The ping -t command issues a continuous stream of ping requests until it
is interrupted. A regular ping sends four requests, but sometimes this is not
enough to troubleshoot a connectivity issue. None of the other answers are
valid switches for a continuous ping command.
32
32. You recently installed a DHCP server to replace static IP addressing. You configure
all client systems to use DHCP and then reboot each system. After they are
rebooted, they all have an IP address in the 169.254.0.0 range. Which of the following
statements is true?
❍ A. The DHCP server has been configured to assign addresses in the
169.254.0.0 IP range.
❍ B. The DHCP server must be rebooted.
❍ C. Client systems cannot access the new DHCP server.
❍ D. Client systems receive IP address information from the HOSTS file.
C. When a client system first boots up, it looks for a DHCP server. If the
server cannot be found, Automatic Private IP Addressing (APIPA) automatically
assigns IP addresses to the client systems. The addresses are not routable
and cannot be used to access remote segments. The addresses assigned are in
the 169.254.0.0 address range. All clients configured with valid APIPA address
can communicate with each other
33
33. Placing a node on which of the following types of networks would require that
you obtain an address from the IANA (whether you do so directly or an ISP does
so on your behalf)?
❍ A. Private network
❍ B. Public network
❍ C. Ethernet network
❍ D. LAN
B. The Internet Assigned Numbers Authority (IANA) manages the address
assignments for public networks such as the Internet. Often, an ISP requests a
number on your behalf when needed. Answers A and D are incorrect because
on a private network or LAN, you can use any internal IP addressing scheme
that is compatible with your local network. Answer C is incorrect because an
Ethernet network can be either private or public. It does not directly need an
IANA assigned addressing scheme.
34
34. You are troubleshooting a client’s network. From the network specifications, you
learn that you will be using the 1000BaseCX standard. What type of cable will
you use?
❍ A. Multimode fiber
❍ B. STP
❍ C. Single-mode fiber
❍ D. CoreXtended fiber
B. The 1000BaseCX standard specifies Gigabit Ethernet over STP cabling.
Answer A is incorrect because 1000BaseSX and 1000BaseLX specify Gigabit
Ethernet over two types of multimode fiber. Answer C is incorrect because
single-mode fiber-optic cable is used with the 100BaseFX standard. Answer D
is incorrect because there is no such thing as CoreXtended fiber-optic cable.
35
35. Which of the following network protocols can recover from lost or corrupted
packets in a network transmission?
❍ A. L2TP
❍ B. TCP
❍ C. FTP
❍ D. ARP
B. TCP is a connection-oriented protocol, so it can recover from failed transmissions.
Answer A is incorrect because L2TP is used in remote-access connections.
Answer C is incorrect because FTP is a connectionless file transfer
protocol and cannot recover from lost packets. Answer D is incorrect because
ARP is part of the TCP/IP protocol suite that resolves IP addresses to MAC
addresses.
36
36. Your colleague decides to close all unused ports on the corporate firewall to further
secure the network from intruders. The open ports are 25, 80, 110, and 53.
Your colleague knows that ports 25 and 110 are required for email and that port
80 is used for nonsecure web browsing, so he decides to close port 53 because
he doesn’t think it is necessary. Which network service is now unavailable?
❍ A. Secure HTTP
❍ B. FTP
❍ C. Telnet
❍ D. DNS
D. The DNS service uses port 53. If this port is accidentally blocked, the
DNS service will be unavailable. Answer A is incorrect because secure HTTP
uses port 443. Answer B is incorrect because FTP uses port 21. Answer C is
incorrect because Telnet uses port 23.
37
37. You are working on a Linux system, and you suspect that there might be a problem
with the TCP/IP configuration. Which of the following commands would you
use to view the system’s network card configuration?
❍ A. config
❍ B. ipconfig
❍ C. winipcfg
❍ D. ifconfig
D. On a Linux system, the ifconfig command shows the network card configuration.
Answer A is incorrect because the config command shows the
network configuration on a NetWare server. Answer B is incorrect because
the ipconfig command shows the network configuration information on a
Windows system. Answer C is incorrect because the winipcfg command
shows the network configuration information on a certain Windows system,
such as Windows 95/98
38
38. You have configured network clients to obtain IP addresses using APIPA. Which
of the following IP ranges would be assigned to client systems?
❍ A. 10.10.0.0 to 10.254.254.0
❍ B. 169.168.0.0 to 169.168.255.255
❍ C. 192.168.0.0 to 192.168.254.254
❍ D. 169.254.0.1 to 169.254.255.254
D. The Internet Assigned Numbers Authority (IANA) has reserved addresses
169.254.0.1 to 169.254.255.254 for Automatic Private IP Addressing. APIPA
uses a Class B address with a subnet mask of 255.255.0.0. None of the other
IP address ranges listed are associated with APIPA address ranges.
39
39. Your manager asks you to implement a fault-tolerant disk solution on your server.
You have two 3TB hard disks and two controllers, so you decide to implement
RAID 1. After the installation, your manager asks you how much storage space is
now available for storing data. What do you tell her?
❍ A. 3TB
❍ B. 4TB
❍ C. 6TB
❍ D. 12TB
A. In a RAID 1 scenario in which two controllers are used (disk duplexing),
one disk carries an exact copy of the other. Therefore, the total volume of one
disk (3TB in this case) is lost to redundancy.
40
40. Which of the following statements best describes PRI ISDN?
❍ A. PRI ISDN uses 128 B channels and two D channels.
❍ B. PRI ISDN uses 23 B channels and one D channel.
❍ C. PRI ISDN uses two B channels and one D channel.
❍ D. PRI ISDN uses 23 D channels and one B channel
B. Primary Rate ISDN (PRI) uses 23 B channels to carry data and one D
channel to carry signaling information. Answer C is incorrect because it
describes Basic Rate ISDN (BRI). Answers A and D are invalid.
41
1. What is the basic purpose of a local area network (LAN)?
A. To interconnect networks in several different buildings
B. To connect one or more computers together so they can share resources
C. To interconnect 2 to 10 routers
D. To make routers unnecessary
1. B. LANs generally have a geographic scope of a single building or smaller. They can be simple (two hosts) to complex (with thousands of hosts). See Chapter 1 for more information.
42
2. You need a topology that is easy to troubleshoot and scalable. Which would you use?
A. Bus
B. Star
C. Mesh
D. Ring
2. B. Star topologies are the easiest to troubleshoot and can easily scale to large sizes. See Chapter 1 for more information.
43
3. IP resides at which layer of the OSI model?
A. Application
B. Data Link
C. Network
D. Physical
3. C. IP is a Network layer protocol. Internet Explorer is an example of an Application layer protocol. Ethernet is an example of a Data Link layer protocol, and T1 can be considered a Physical layer protocol. See Chapter 2 for more information.
44
4. Layer 2 of the OSI model is named ___________________.
A. Application layer
B. Network layer
C. Transport layer
D. Data Link layer
Lammle, Todd (2012-01-09). CompTIA Network+ Study Guide Authorized Courseware: Exam N10-005 . Wiley. Kindle Edition.
4. D. Layer 2 of the OSI model is the Data Link layer, which provides the physical transmission of the data and handles error notification, network topology, and flow control. See Chapter 2 for more information.
45
5. Which RG rating of coax is used for cable modems?
A. RG-59
B. RG-58
C. RG-6 D.
RG-8
5. C. Cable modems use RG-6 coax cables. See Chapter 3 for more information.
46
6. Which UTP wiring uses four twisted wire pairs (eight wires) and is rated for 250MHz?
A. Category 3 UTP
B. Category 5 STP
C. Category 5 UTP
D. Category 6 UTP
6. D. To get the high data-transfer speed, like 1Gbps, you need to use a wire standard that is highly rated, such as Category 5e or Category 6. See Chapter 3 for more information.
47
7. If you are running half-duplex Internet, which of the following is true?
A. Your digital signal cannot transmit and receive data at the same time.
B. Hosts use the CSMA/CD protocol to prevent collisions.
C. The physical connection consists of one wire pair.
D. All of the above.
7. D. A, B, and C are true. With half duplex, you are using one wire pair with a digital signal either transmitting or receiving (but not both at once). Carrier Sense Multiple Access with Collision Detection (CSMA/CD) helps packets that are transmitted simultaneously from different hosts share bandwidth evenly. See Chapter 4 for more information.
48
8. You need to connect a hub to a switch. You don’t like this idea because you know that it will create congestion. What type of cable do you need to use to connect the hub to the switch?
A. EtherIP
B. Crossover
C. Straight-through
D. Cable Sense, Multiple Access
8. B. To connect two switches together or a hub to a switch, you need a crossover cable. See Chapter 4 for more information.
.
49
9. Your boss asks you why you just put in a requisition to buy a bunch of switches. He said he just bought you a bunch of hubs five years ago! Why did you buy the switches?
A. Because each switch port is its own collision domain.
B. The cable connecting devices to the hub wore out, and switches were cheaper than new cable. C. There were too many broadcast domains, and a switch breaks up broadcast domains by default. D. The hubs kept repeating signals but quit recognizing frames and data structures.
9. A. For the most part, switches are not cheap; however, one of the biggest benefits of using switches instead of hubs in your internetwork is that each switch port is actually its own collision domain. A hub creates one large collision domain. Switches still can’t break up broadcast domains (do you remember which devices do?). Hubs do not recognize frames and data structures but switches do. See Chapter 5 for more information.
50
10. Which device would connect network segments together, creating separate collision domains for each segment but only a single broadcast domain?
A. Hub
B. Router
C. Switch
D. Modem
10. C. A switch creates separate collision domains for each port but does not break up broadcast domains by default. See Chapter 5 for more information.
51
11. Most Application layer protocols use only UDP or TCP at the Transport layer. Which of the following could use both?
A. TCP
B. Microsoft Word
C. Telnet
D. DNS
11. D. DNS uses TCP for zone exchanges between servers and UDP when a client is trying to resolve a hostname to an IP address. See Chapter 6 for more information.
52
12. HTTP, FTP, and Telnet work at which layer of the OSI model?
A. Application
B. Presentation
C. Session
D. Transport
12. A. HTTP, FTP and Telnet use TCP at the Transport layer; however, they are all Application layer protocols, so the Application layer is the best answer for this question. See Chapter 6 for more information.
53
13. IPv6 uses multiple types of addresses. Which of the following would describe an anycast address used by an IPv6 host?
A. Communications are routed to the most distant host that shares the same address.
B. Packets are delivered to all interfaces identified by the address. This is also called one-to-many addressing.
C. This address identifies multiple interfaces, and the anycast packet is only delivered to one address. This address can also be called one-to-one-of-many.
D. Anycast is a type of broadcast.
13. C. Anycast is a new type of communication that replaces broadcasts in IPv4. Anycast addresses identify multiple interfaces, which is the same as multicast; however, the big difference is that the anycast packet is delivered to only one address: the first one it finds defined in the terms of routing distance. This address can also be called one-to-one-of-many. See Chapter 7 for more information.
54
14. Which of the following IP addresses are not allowed on the Internet? (Choose all that apply.)
A. 11.255.255.1
B. 10.1.1.1
C. 172.33.255.0
D. 192.168.0.1
14. B, D. The addresses in the range 10.0.0.0 through 10.255.255.255 and 172.16.0.0 through 172.31.255.255 as well as 192.168.0.0 through 192.168.255.255 are all considered private, based on RFC 1918. Use of these addresses on the Internet is prohibited so that they can be used simultaneously in different administrative domains without concern for conflict. See Chapter 7 for more detail on IP addressing and information on private IP addresses.
55
15. What is the subnetwork address for a host with the IP address 200.10.5.168/28?
```
A. 200.10.5.156
B. 200.10.5.132
C. 200.10.5.160
D. 200.10.5.0
E. 200.10.5.255
```
15. C. This is a pretty simple question. A /28 is 255.255.255.240, which means that our block size is 16 in the fourth octet. 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, and so on. The host is in subnet 160. See Chapter 8 for more information.
56
16. If you wanted to verify the local IP stack on your computer, what would you do?
```
A. Ping 127.0.0.0
B. Ping 127.0.0.1
C. Telnet 1.0.0.127
D. Ping 169.5.3.10
E. Telnet 255.255.255.255
```
16. B. To test the local stack on your host, ping the loopback interface of 127.0.0.1. As a matter of fact, the entire range from 127.0.0.1-127.255.255.254 will test the IP stack. See Chapter 8 for more information.
57
17. The OSI model uses an encapsulation method to describe the data as it is encapsulated at each layer. What is the encapsulation named at the Data Link layer?
```
A. Bits
B. Packets
C. Frames
D. Data
E. Segments
```
17. C. The Data Link layer is responsible for encapsulating IP packets into frames and for providing logical network addresses. See Chapter 9 for more information.
58
18. Where does a Data Link layer frame have to carry a Network layer packet if the packet is destined for a remote network?
A. Router
B. Physical medium
C. Switch
D. Another host
18. A. Packets specifically have to be carried to a router in order to be routed through a network. See Chapter 9 for more information.
59
19. Which of the following are not distance vector routing protocols? (Choose all that apply.)
A. OSPF
B. RIP
C. RIPv2
D. IS-IS
19. A, D. RIP and RIPv2 are distance vector routing protocols. OSPF and IS-IS are link state. See Chapter 10 for more information.
60
20. Which of the following uses both distance vector and link state properties?
```
A. IGRP
B. OSPF
C. RIPv1
D. EIGRP
E. IS-IS
```
20. D. EIGRP is called a hybrid routing protocol because it uses the characteristics of both distance vector and link state routing protocols. However, EIGRP can only be run on Cisco routers and is not vendor neutral. See Chapter 10 for more information.
61
21. You need to break up broadcast domains in a Layer 2 switched network. What strategy will you use?
A. Implement a loop-avoidance scheme.
B. Create a flatter network structure using switches.
C. Create a VLAN.
D. Disable spanning tree on individual ports.
21. C. Virtual LANs break up broadcast domains in Layer 2 switched internetworks. See Chapter 11 for more information.
62
22. Why do most switches run the Spanning Tree Protocol by default?
A. It monitors how the network is functioning.
B. It stops data from forwarding until all devices are updated.
C. It prevents switching loops.
D. It manages the VLAN database.
22. C. The Spanning Tree Protocol (STP) was designed to stop Layer 2 loops. All enterprise model switches have STP by default. See Chapter 11 for more information.
63
23. Which of the following describes MIMO correctly?
A. A protocol that requires acknowledgment of each and every frame
B. A data-transmission technique in which several frames are sent by several antennae over several paths and are then recombined by another set of antennae
C. A modulation technique that allows more than one data rate
D. A technique that packs smaller packets into a single unit, which improves throughput
23. B. Part of the 802.11n wireless standard, MIMO sends multiple frames by several antennae over several paths; they are then recombined by another set of antennae to optimize throughput and multipath resistance. This is called spatial multiplexing. See Chapter 12 for more information.
64
24. Which two practices help secure your wireless access points from unauthorized access? (Choose all that apply.)
A. Assigning a private IP address to the AP
B. Changing the default SSID value
C. Configuring a new administrator password
D. Changing the mixed-mode setting to single mode
E. Configuring traffic filtering
24. B, C. At a minimum, you need to change the default SSID value on each AP and configure new usernames and passwords on the AP. See Chapter 12 for more information.
65
25. IPSec is defined at what layer of the OSI model?
A. Network
B. Physical
C. Layer 4
D. Layer 7
25. A. IPSec works at the Network layer of the OSI model (Layer 3) and secures all applications that operate above it (Layer 4 and above). Additionally, because it was designed by the IETF and designed to work with IPv4 and IPv6, it has broad industry support and is quickly becoming the standard for VPNs on the Internet. See Chapter 13 for more information.
66
26. You want your users to log in and authenticate before they can get onto your network. Which of the following services would you use?
A. RADIUS
B. DNS
C. Virtual Network Computing
D. Remote Desktop Protocol
26. A. RADIUS combines user authentication and authorization into one profile. See Chapter 13 for more information.
67
27. Someone calls you and asks for your bank account number because the bank is having problems with your account. You give them this information and later find out that you were scammed. What type of attack is this?
```
A. Phishing
B. Calling scam
C. Analog scam
D. Trust-exploration attack
E. Man-in-the-middle attack
F. Rogue access point
```
27. A. Social engineering, or phishing, refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source. Phishing usually takes one of two forms: an email or a phone call. See Chapter 14 for more information.
68
28. Which three of the following are types of denial of service attacks?
A. Ping of Death
B. Stacheldraht
C. SYN flood
D. Virus FloodSyn
28. A, B, C. A denial of service (DoS) attack prevents users from accessing the system. All of the options are all possible denial of service attacks except Virus FloodSyn. See Chapter 14 for more information.
69
29. You want to stop a hacker in their tracks. Which of the following devices are proactive in providing this service?
```
A. Access control list (ACL)
B. Content filtering
C. Security zones
D. Intrusion prevention system (IPS)
E. Network Address Translation
```
29. D. Changing network configurations, terminating sessions, and deceiving the attacker are all actions that can be taken by an intrusion prevention system (IPS) device. These are all proactive approaches to security. See Chapter 15 for more information.
70
30. You connected your company to the Internet, and security is a concern. What should you install?
A. Higher-quality cables
B. Firewall
C. DNS
D. Switches
30. B. Firewalls help provide perimeter network security by allowing or denying connections and types of traffic in or out of the network. See Chapter 15 for more information.
71
31. Which of the following are WAN protocols or technologies? (Choose all that apply.)
A. ATM
B. ISDN
C. MPLS
D. RIP
31. A, B, C. Routing Information Protocol (RIP) is not a WAN protocol but a routing protocol used in local area connections. See Chapter 16 for more information.
72
32. The rate at which the Frame Relay switch agrees to transfer data is referred to as ___________________.
A. BE
B. FECN
C. CIR
D. BECN
32. C. The Committed Information Rate (CIR) is the rate, in bits per second, at which the Frame Relay switch agrees to transfer data. See Chapter 16 for more information.
73
33. Which two arp utility switches perform the same function?
```
A. –g
B. –Z
C. –d
D. –a
E. -h
F. -b
```
33. A, D. The arp utility’s –a and –g switches perform the same function. They both show the current ARP cache. See Chapter 17 for more information.
74
34. You need to purge and reload the remote NetBIOS name table cache. Which nbtstat utility switch will you use?
```
A. –r
B. –R
C. /r
D. /R
E. -a
F. -A
```
34. B. To purge and reload the remote NetBIOS name cache, you must use nbtstat –R. Remember that the R must be uppercase, and it will not work correctly without the hyphen before it. See Chapter 17 for more information.
75
35. Which tool is used to attach ends to network cables?
```
A. Punch-down tool
B. Crimper
C. VLAN tool
D. Strippers
E. ARP tool
```
35. B. A wire crimper or crimper is used to attach ends onto different types of network cables. See Chapter 18 for more information.
76
36. You are using a TDR. Which three of the following actions can you do with this device?
A. Estimate cable lengths
B. Find splice and connector locations and their associated loss amounts
C. Display unused services
D. Define cable-impedance characteristics
36. A, B, D. Due to sensitivity to any variation and impedance to cabling, options A, B, and D are all reasons you’d use a TDR. See Chapter 18 for more information.
77
37. Which of the following are considered cabling issues? (Choose all that apply.)
A. Crosstalk
B. Shorts
C. Open impedance mismatch
D. DNS configurations
37. A, B, C. Because most of today’s networks still consist of large amounts of copper cable, they can continue to suffer from the physical issues (the options are not a complete list) that have plagued all networks since the very beginning of networking. See Chapter 19 for more information.
78
38. You have just tested your theory of a problem to determine the cause. Based on the standard troubleshooting model, what is your next step?
A. Question the obvious.
B. Establish a theory of probable cause.
C. Establish a plan of action to resolve the problem and identify potential effects.
D. Verify full system functionality and if applicable implement preventative measures.
38. C. You have just tested your theory of a problem to determine the cause. Based on the standard troubleshooting model, the next step would be to Establish a plan of action to resolve the problem and identify potential effects. See Chapter 19 for more information.
79
39. Which network performance optimization technique can delay packets that meet certain criteria to guarantee usable bandwidth for other applications?
```
A. Traffic shaping
B. Jitter control
C. Logical network mapping
D. Load balancing
E. Access lists
```
39. A. Traffic shaping, also known as packet shaping, is another form of bandwidth optimization. See Chapter 20 for more information.
80
40. You need to optimize network traffic by spreading it across multiple connections. Which strategy should be used?
```
A. Load balancing
B. Traffic shaping
C. Add VLANs
D. A 1Gbps connection
E. Following the regulations
```
40. A. Load balancing refers to a technique used to spread work out to multiple computers, network links, or other devices. You can load-balance work on servers by clustering servers so that multiple machines all provide the same service. See Chapter 20 for more information.
81
1. UTP cables use which type of connector?
A. RJ-11
B. RJ-25
C. RJ-45
D. BCN
1. C. UTP cables use an RJ-45 connector. RJ-11 and RJ-25 are often used for terminating telephone lines.
82
2. Which type of cable will have the pins in the same order on both connectors?
A. Crossover cable
B. Straight-through cable
C. Console cable
D. Telephone cable
2. B. Straight-through cables, known as drop cables or patch cables, will have the pins in the same order on both connectors.
83
3. Which pins are switched in a crossover cable?
A. 1 and 2, 3 and 4
B. 1 and 3, 2 and 6
C. 2 and 4, 5 and 7
D. 1 and 4, 5 and 8
3. B. On a crossover cable, one connector has flipped the wires. Specifically, pins 1 and 3 get switched, and pins 2 and 6 get switched.
84
4. UTP cable has specific colors for the wire associated with each pin. Based on the TIA/EIA 568B wiring standard, what is the correct color order, starting with pin 1?
A. White/Orange, Orange, Blue, White/Green, White/Blue, Green, White/Brown, Brown
B. Orange, White/Orange, White/Green, Blue, White/Blue, White/Brown, Brown, Green
C. White/Orange, Orange, White/Green, Blue, White/Blue, Green, White/Brown, Brown
D. White/Green, Green, White/Orange, Blue, White/Blue, Orange, White/Brown, Brown
4. C. If you are going to make your own UTP cables (drop/patch cables) to customize length, you need to make sure that the right wires get to the right pins.
85
5. A baseline contains information about which resources on a network component? (Choose all that apply.)
A. Hard disk
B. Memory
C. Processor
D. Network adapter
5. A, B, C, D. A baseline is the standard level of performance of a network component or a system of components. For networks and networked devices, the four key components are hard disk, memory, processor, and network adapter.
86
6. Which of the following govern how the network is configured and operated as well as how people are expected to behave on the network?
A. Baselines
B. Laws
C. Policies
D. Procedures
6. C. Policies govern how the network is configured and operated as well as how people are expected to behave on the network, such as how users are able to access resources and which types of employees get network access.
87
7. You have upgraded the firmware on your switches and access points. What documentation do you need to update?
A. Baselines and configuration documentation
B. Physical network diagram
C. Logical network diagram
D. Wiring schematics
7. A. A physical network diagram contains all the physical devices and connectivity paths on your network and should accurately picture how your network physically fits together in detail. This document will also have the firmware revision on all the switches and access points in your network.
88
8. A user reports slowness on a network. The network administrator can begin to monitor the system by using what to look into the problem?
A. IPS
B. Load balancing
C. Packet sniffing
D. Regulations
8. C. A good choice here would be to use a packet sniffer. Packet sniffers allow you to examine network traffic down to details of individual packets. The key piece that network administrators are usually looking for is the packet header, or the beginning of each packet. The packet header will contain the protocol being used as well as the source and destination IP addresses.
89
9. Load testing, connectivity testing, and throughput testing are all examples of what?
A. Load balancing
B. Network monitoring
C. Packet sniffer
D. Traffic shaping
9. B. Network monitoring can have several names, including load testing, connectivity testing, and throughput testing. You will also hear network monitors referred to as protocol analyzers.
90
10. Which type of Windows server log will give information about specific programs?
A. Application
B. Security
C. System
D. None of the above
10. A. The application log contains events triggered by applications or programs. These events are determined by the programmers. Examples of software that provide application logs are LiveUpdate, the Microsoft Office suite, and SQL and Exchange servers.
91
11. Which type of Windows server log will give you information about drivers and services?
A. Application
B. Security
C. System
D. None of the above
11. C. The system log contains events generated by Windows system components. It includes events such as drivers and services starting or failing to start.
92
12. What can provide different priority levels to different applications, data flows, or users to help guarantee performance levels?
A. 1Gbps connection
B. Bandwidth
C. Uptime
D. Quality of service
12. D. QoS provides different priority levels to different applications, data flows, or users so that they can be guaranteed a certain performance level.
93
13. Which of the following provides increased availability to firewalls and gateways?
A. DHCP
B. CARP
C. SaaS
D. NaaS
13. B. Common Address Redundancy Protocol (CARP) can be used to increase availability of gateways and firewalls.
94
14. You have added a new cable segment to your network. You need to make sure you document this for troubleshooting purposes. What should you update?
A. The disaster recovery plan
B. The wiring schematics
C. The router connections document
D. The baseline document
14. B. If you add a new cable segment to the network, you need to update the wiring schematics document.
95
15. What is the basic purpose of QoS? (Choose two.)
A. Block access to certain websites
B. Make your entire network run faster
C. Provide priority of one of more types of traffic over others
D. Block access to web resources for just certain users or groups
E. Prioritize delay-sensitive traffic
15. C, E. Quality of service (QoS) is basically the ability to provide different priority to one or more types of traffic over other levels for different applications, data flows, or users so that they can be guaranteed a certain performance level.
96
16. Which network-performance optimization technique can delay packets that meet certain criteria to guarantee usable bandwidth for other applications?
A. Traffic shaping
B. Jitter
C. Logical
D. Load balancing
16. A. Traffic shaping, also known as packet shaping, is a form of bandwidth optimization. It delays packets that meet a certain criteria to guarantee usable bandwidth for other applications. Essentially, with traffic shaping, you’re delaying some traffic so other traffic can get through. Traffic shaping uses bandwidth throttling to ensure that certain data streams don’t send too much data in a specified period of time.
97
17. Which of the following is neither a virtualization component nor a service made available through virtualization?
A. Virtual servers
B. SaaS
C. CARP
D. Virtual switches
17. C. Common Address Redundancy Protocol (CARP) can be used to increase availability of gateways and firewalls. It is not related to virtualization.
98
18. Which of the following are reasons to optimize network performance? (Choose all that apply.)
```
A. Maximizing uptime
B. Minimizing latency
C. Using VoIP
D. Using video applications
E. B and D F. All of the above
```
18. F. There are many bandwidth-intensive programs, like VoIP and video streaming. These are just a few of the reasons why it’s necessary to try to optimize network performance.
99
19. What term describes technologies that can deliver voice communications over the Internet?
A. Jitter
B. Uptime
C. Voice over Internet Protocol
D. None of the above
19. C. Voice over Internet Protocol (VoIP) is a general term that describes several technologies that are able to deliver voice communications over the Internet or other data networks.
100
20. To optimize performance on your network, which of the following control traffic in some way?
```
A. QoS
B. Traffic shaping
C. Load balancing
D. Caching services
E. All of the above
```
20. E. There are many theories and strategies you can apply to optimize performance on your network. All of them deal with controlling the traffic in some way. Strategies include QoS, traffic shaping, load balancing, high availability, and the use of caching servers. You want to ensure that you have plenty of bandwidth available for those applications that need it, such as critical service operations, VoIP, and real-time multimedia streaming.
101
1. Which of the following are not steps in the Network+ troubleshooting model? (Choose all that apply.)
A. Reboot the servers.
B. Identify the problem.
C. Test the theory to determine the cause.
D. Implement the solution or escalate as necessary.
E. Document findings, actions, and outcomes.
F. Reboot all the routers.
1. A, F. Rebooting servers and routers are not part of the troubleshooting model.
102
2. You have a user who cannot connect to the network. What is the first thing you could check to determine the source of the problem?
A. Workstation configuration
B. Connectivity
C. Patch cable
D. Server configuration
2. B. You need to check basic connectivity. The link light indicates that the network card is making a basic-level connection to the rest of the network. It is a very easy item to check, and if the link light is not lit, it is usually a very simple fix (like plugging in an unplugged cable).
103
3. When wireless users complain that they are losing their connection to applications during a session, what is the source if the problem?
A. Incorrect SSID
B. Latency
C. Incorrect encryption
D. MAC address filter
3. B. When wireless uses complain that the network is slow (latency) or that they are losing their connection to applications during a session, it is usually latency arising from a capacity issue.
104
4. Several users can’t log in to the server. Which action would help you to narrow the problem down to the workstations, network, or server?
A. Run tracert from a workstation.
B. Check the server console for user connections. C. Run netstat on all workstations.
D. Check the network diagnostics.
4. B. Although all of these are good tests for network connectivity, checking the server console for user connections will tell you whether other users are able to log into the server. If they can, the problem is most likely related to one of those users’ workstations. If they can’t, the problem is either the server or network connection. This helps narrow down the problem.
105
5. A user can’t log in to the network. She can’t even connect to the Internet over the LAN. Other users in the same area aren’t experiencing any problems. You attempt to log in as this user from your workstation with her username and password and don’t experience any problems. However, you cannot log in with either her username or yours from her workstation. What is a likely cause of the problem?
A. Insufficient rights to access the server
B. A bad patch cable
C. Server down
D. Wrong username and password
5. B. Because of all the tests given and their results, you can narrow the problem down to the network connectivity of that workstation. And because no other users in her area are having the same problem, it can’t be the hub or server. You can log in as the user from your workstation, so you know it isn’t a rights issue or username/password issue. The only possible answer listed is a bad patch cable.
106
6. A user is experiencing problems logging in to a Unix server. He can connect to the Internet over the LAN. Other users in the same area aren’t experiencing any problems. You attempt logging in as this user from your workstation with his username and password and don’t experience any problems. However, you cannot log in with either his username or yours from his workstation. What is a likely cause of the problem?
A. The Caps Lock key is pressed.
B. The network hub is malfunctioning.
C. You have a downed server.
D. You have a jabbering NIC.
6. A. Because other users in the same area aren’t having a problem, it can’t be a downed server, network hub, or jabbering NIC. And because both you and the user can’t log in, more than likely it’s a problem specific to that workstation. The only one that would affect your ability to log in from that station is the Caps Lock key being pressed. That will cause the password to be in all uppercase (which most server operating systems treat as a different password), and thus it will probably be rejected.
107
7. You receive a call from a user who is having issues connecting to a new VPN. Which is the first step you should take?
A. Find out what has changed.
B. Reboot the workstation.
C. Document the solution.
D. Identify the symptoms and potential causes.
7. D. Since this is a new connection, you need to start by troubleshooting and identify the symptoms and potential causes.
108
8. A workstation presents an error message to a user. The message states that a duplicate IP address has been detected on the network. After establishing what has changed in the network, what should be the next step using the standard troubleshooting model?
A. Test the result.
B. Select the most probable cause.
C. Create an action plan.
D. Identify the results and effects of the solution.
8. B. According to the Network+ troubleshooting model, the next step would be step 2, establishing the most probable cause.
109
9. You have gathered information on a network issue and determined the affected areas of the network. What is your next step in resolving this issue?
A. You should implement the best solution for the issue.
B. You should test the best solution for the issue. C. You should check to see if there have been any recent changes to this affected part of the network. D. You should consider any negative impact to the network that might be caused by a solution.
9. C. After determining the affected area, you need to find out if any changes have taken place.
110
10. A user calls you, reporting a problem logging in to the corporate intranet. You can access the website without problems using the user’s username and password. At your request, the user has tried logging in from other workstations but has been unsuccessful. What is the most likely cause of the problem?
A. The user is logging in incorrectly.
B. The network is down.
C. The intranet server is locked up.
D. The server is not routing packets correctly to that user’s workstation.
10. A. Because the user can’t log in correctly from any machine, more than likely he is using the wrong procedure for logging in. Because no one else is having that problem (including yourself), the problem must be related to that user.
111
11. You have just implemented a solution and you want to celebrate your success. But what should you do next before you start your celebration?
A. Gather more information about the issue.
B. Document the issue and the solution that was implemented.
C. Test the solution and identify other effects it may have.
D. Escalate the issue.
11. C. After you have implemented a solution, you need to test if the solution works and identify other effects it may have.
112
12. You can ping the local router and web server that a local user is trying to reach, but you cannot reach the web page that resides on that server. From step 2 of the troubleshooting model, what is a possible problem that would lead to this situation?
A. Your network cable is unplugged.
B. There is a problem with your browser.
C. Your NIC has failed.
D. The web server is unplugged.
12. B. Because you cannot reach the web page that resides on the server, the problem is most likely related to a problem with your browser.
113
13. When troubleshooting an obscure network problem, what physical conditions should be reviewed to make sure the network device is operating correctly?
A. Excessive heat
B. Low/excessive humidity
C. ESD problems
D. All of the above
13. D. From a design standpoint, the physical environment for a server should be optimized for items such as placement, temperature, and humidity. When troubleshooting, don’t forget to check the physical conditions under which the network device is operating. Check for problems such as those mentioned here as well as EMI/RFI problems, power problems, and unplugged cables.
114
14. Which of the following is not a basic physical issue that can occur on a network when a user is connected via cable?
A. Crosstalk
B. Shorts
C. Open impedance mismatch
D. DNS configurations
14. D. Because most of today’s networks still consist of large amounts of copper cable, networks can suffer from the physical issues that have plagued all networks since the very beginning of networking (and the answers here are not a complete list). Newer technologies and protocols have lessened these issues but have not resolved them completely.
115
15. You are troubleshooting a LAN switch and have identified the symptoms. What is the next step you should take?
A. Escalate the issue.
B. Create an action plan.
C. Implement the solution.
D. Determine the scope of the problem.
15. A. Once you have determined that the switch is the problem or the configuration of the switch is the problem, you need to escalate the issue.
116
16. A user calls you, complaining that he can’t access the corporate intranet web server. You try the same address, and you receive a Host Not Found error. Several minutes later, another user reports the same problem. You can still send email and transfer files to another server. What is the most likely cause of the problem?
A. The hub is unplugged.
B. The server is not routing protocols to your workstation.
C. The user’s workstation is not connected to the network.
D. The web server is down.
16. D. Because other people are experiencing the problem, most likely it is either network or server related. Because you can transfer files to and from another server, it can’t be the network. Thus, the problem is related to the web server.
117
17. You have implemented and tested a solution and identified any other effects the solution may have. What is your next step?
A. Create an action plan.
B. Close the case and head home for the day.
C. Reboot the Windows server.
D. Document the solution.
17. D. After investigating the problem thoroughly and successfully testing and resolving an issue, you need to document the solution.
118
18. Users are reporting that they can access the Internet but not the internal company website. Which of the following is the most likely problem?
A. The DNS entry for the server is non-authoritative. B. The intranet server is down.
C. The DNS address handed out by DHCP is incorrect.
D. The default gateway is incorrect.
18. B. Since users can get to the Internet, this means the DNS server is working and they have the correct default gateway. The intranet server is probably down.
119
19. Several users have complained about the server’s poor performance as of late. You know that the memory installed in the server is sufficient. What could you check to determine the source of the problem?
A. Server’s NIC link light
B. Protocol analyzer
C. Performance-monitoring tools
D. Server’s system log file
19. C. Performance-monitoring tools can give you an idea of how busy the server and the rest of the network are. These tools use graphs to indicate how much traffic is going through the server.
120
come back up when everything is brought online. After you have identified the affected areas, established the cause, and escalated this problem, what do you do next?
A. Start to implement a solution to get those users back online ASAP.
B. Create an action plan and solution.
C. Meet with the emergency response team to determine the next step.
D. Copy all the working routers’ configurations to the nonworking switches.
20. C. Once you escalate the problem, you are done with the seven-step model. Meet with the escalation team to determine the next step.
