Test 0

Question 1

1. A UTM is deployed on the external edge of the main corporate office. The office connects to the WAN port of the edge router. The edge router at the main office connects to the remote offices using GRE IPSec tunnels. A network administrator notices that a worm that was not detected by the UTM has spread from the remote sites into the corporate network. The UTM currently has traffic rules applied that should block the port used by the worm. Which of the following steps would MOST likely correct this issue?

A. Move the UTM onto the LAN side of the network
B. Enable TLS inspection on the UTM
C. Enable stateful inspection on the UTM
D. Configure the UTM to deny encrypted files from being transferred

Answer 1

C. Enable stateful inspection on the UTM

Stateful-inspection firewalls: Unlike packet-filtering firewalls, stateful-inspection firewalls can track and “understand” when a TCP connection has occurred. This allows for reply traffic to be allowed through the firewall without the need for explicit rules. As a result, stateful-inspection firewalls make configuration easier, but can add a bit more inspection overhead and slow down traffic slightly more than packet-filtering firewalls. so C could be the correct answer

Question 2

2. A technician has racked a new access switch and has run multimode fiber to a new location. After installing an extended-range 10Gb SFP in the core switch, the technician installed a 10Gb SFP in the access switch and connected the port to the new extension with a fiber jumper. However, the link does not display, and the technician cannot see light emitting from the core switch. Which of the following solutions is MOST likely to resolve the problem?

A. Swap the fiber pairs in one of the SFPs
B. Replace the jumpers with single-mode fiber
C. Set the correct MTU on the new interface
D. Install an optic that matches the fiber type

Answer 2

B. Replace the jumpers with single-mode fiber

“extended-range 10Gb SFP” is the key here. And their use of the word “jumpers” means all the mm fiber is getting changed.

Question 3

3. A network technician has implemented ACLs to limit access to cloud-based file storage. Which of the following security mechanisms has the technician enforced?

A. DLP
B. IDS
C. WAF
D. WPA
E. TPM

Answer 3

C. WAF
Web Application Firewall

Option C is correct: The clue here is “ cloud-based file storage”. The only security mechanism here is Web Application Firewall (WAF).

Data Lost prevention (DLP): A security technique that detects potential data breaches/data ex-filtration transmissions and prevent them by monitoring, detecting and blocking sensitive data while in use, in motion, and at rest.
Intrusion Detection System (IDS): A device or software application that monitors a network or systems for malicious activity or policy violations.
Wi-Fi Protected Access (WPA): A security protocol designed to create secure wireless (Wi-Fi) networks.
Trusted Platform Module (TPM): A cryptographic module that enhances computer security and privacy.

Question 4

4. A network technician receives a call from a user in the accounting department stating that Internet connectivity has been lost after receiving a new workstation. No other users in accounting are reporting similar issues. The network technician is able to ping the machine from the accounting departmentג€™s router, but is not able to ping the machine from the IT network. Which of the following is MOST likely the cause?

A. Incorrect default gateway
B. Duplicate IP address
C. Misconfigured OSPF
D. Improper VLAN assignment

Answer 4

A. Incorrect default gateway

If the technician can ping the workstation from the accounting department’s router (and there is no mention of the staff person having difficulties connecting to accounting resources), we can assume the workstation is in the correct VLAN. The only other answer that makes sense is an incorrect default gateway - likely due to manual misconfiguration (they make no mention of using DHCP, so manual entry errors should be considered). A makes sense - it’s just a poorly worded question to make you think it through.

Question 5

5. A firewall administrator is implementing a rule that directs HTTP traffic to an internal server listening on a non-standard socket. Which of the following types of rules is the administrator implementing?

A. NAT
B. PAT
C. STP
D. SNAT
E. ARP

Answer 5

B. PAT

The answer is PAT.

Static Network Address Translation (SNAT) would be used to translate from one address to another. The question asks how to convert from one port to another; this is called Port Address Translation (PAT)

Question 6

6. A technician is installing a new wireless badging system on a hospital network. The requirements of the badging system are for it to have its own SSID and low power levels. The badging system has to cover 99.9% of the hospital. Which of the following is the BEST action to take to meet the system requirements?

A. Install additional WAPs
B. Install external antennas
C. Move the WAPs closer to the more populated area
D. Change the antenna types

Answer 6

A. Install additional WAPs

Question 7

7. A technician attempts to replace a switch with a new one of similar model from the same vendor. When the technician moves the fiber and SFP plug, the switch does not completely boot up. Considering that the config files are the same, which of the following is the MOST likely cause of the failure?

A. Damaged fiber
B. Corrupted operating system
C. VLAN mismatch
D. Bad port

Answer 7

B. Corrupted operating system

If the switch doesn’t boot up, it’s likely due to the operating system, not the configuration of the switch itself. Even with a vlan mismatch, the switch should completely boot up.

Question 8

8. A company has hundreds of nodes on a single subnet and has decided to implement VLANs. Which of the following BEST describes the benefit of this approach?

A. It segments broadcast domains in the network infrastructure
B. It provides a faster port to all servers
C. It provides multiple collision domains on one switchport
D. It provides multiple broadcast domains within a single collision domain

Answer 8

A. It segments broadcast domains in the network infrastructure

Question 9

9. A company has completed construction of a new datacenter, and the IT staff is now planning to relocate all server and network equipment from the old site to the new site. Which of the following should the IT staff reference to determine the location of the equipment being moved?

A. Rack diagrams
B. Network topology
C. Standard operating procedures
D. Wiring documentation

Answer 9

A. Rack diagrams

It asked for “reference to determine the location of the equipment being moved”. Keyword is the physical location, you need the rack diagrams to determine the space and the positions of the servers/network equipment.

network topology refers to… Bus, Star, Mesh, Ring topologies.. not physical location of equipment.

Question 10

10. Which of the following would allow a device to maintain the same IP address lease based on the physical address of the network card?

A. MAC address reservation
B. Static IP address
C. IP address exclusion
D. Custom DNS server entry

Answer 10

A. MAC address reservation

Because it says the ‘physical address’ and physical address is another word for MAC address. Launch CMD in windows and type ‘ipconfig/all’ next to physical address you will find the MAC address of your device.

Question 11

11. A technician wants to prevent an unauthorized host from connecting to the network via Ethernet. Which of the following is a Layer 2 access control the technician should implement?

A. Access control lists
B. Captive portal
C. WPA2
D. Port security

Answer 11

D. Port security

keyword “via Ethernet” aka port

They want to prevent an unauthorized host from connecting to the network via Ethernet. Anyone can hook up their laptop to an open Ethernet port. Port Security (Layer 2) would only allow certain computers to connect via a given port. ACL is associated with Layer 3 of the OSI model. Therefore, answer is D.

Question 12

12. A network engineer is configuring wireless access for guests at an organization. Access to other areas in the organization should not be accessible to guests.
    Which of the following represents the MOST secure method to configure guest access to the wireless network?

A. Guests should log into a separate wireless network using a captive portal
B. Guests should log into the current wireless network using credentials obtained upon entering the facility
C. The existing wireless network should be configured to allow guest access
D. An additional wireless network should be configured to allow guest access

Answer 12

A. Guests should log into a separate wireless network using a captive portal

A captive portal is a Web page that the user of a public-access network is obliged to view and interact with before access is granted.

Question 13

13. The server team has just installed an application across three different servers. They are asking that all requests to the application are spread evenly across the three servers. Which of the following should the network team implement to fulfil the request?

A. Proxy server
B. UTM appliance
C. Content filter
D. Load balancer

Answer 13

D. Load balancer

Load balancing refers to the process of distributing a set of tasks over a set of resources, with the aim of making their overall processing more efficient. Load balancing can optimize the response time and avoid unevenly overloading some compute nodes while other compute nodes are left idle.

Question 14

14. A network technician is deploying mobile phones for a company’s sales staff. Salespeople frequently travel nationally and internationally to meet with clients and often have to roam or switch cellular providers. Which of the following standards is the BEST option to fit the requirements?

A. GSM
B. TDM
C. CDMA
D. PSTN
E. MIMO

Answer 14

A. GSM

The Global System for Mobile Communications (GSM) is a standard developed by the European Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation (2G) digital cellular networks used by mobile devices such as mobile phones and tablets. It was first deployed in Finland in December 1991. By the mid-2010s, it became a global standard for mobile communications achieving over 90% market share and operating in over 193 countries and territories.

Question 15

15. A network administrator has been given a network of 172.16.85.0/21 and wants to know the usable range of IP addresses on that subnet. Which of the following indicates the correct IP address range?

A. 172.16.80.0-172.16.85.254
B. 172.16.80.0-172.16.88.255
C. 172.16.80.1-172.16.87.254
D. 172.16.80.1-172.16.85.255

Answer 15

C. 172.16.80.1 - 172.16.87.254

16 (classful subnet - 255.255.0.0)
21 ( classless subnet - 255.255.248.0) 5 bits borrowed from host portion count in bit format to get your magic number ( block size) 128,192,224,240,248 = 5 bits which equals 8 block size, so you count in 8’s to for your networks in this case .80-87 (88 is the last IP which is broadcast so you cannot use that)

Question 16

16. A network technician is troubleshooting wireless network issues in a crowded office complex and suspects there is interference from nearby wireless networks.
    Which of the following should the technician perform to discover possible interference?

A. Site survey
B. Vulnerability scanning
C. Wardriving
D. Checking logical diagram
E. Bandwidth test

Answer 16

A. Site survey

The site survey will allow us to see the overlap of networks, being able to pinpoint where the interference is coming from.

Installing and configuring a Wi-Fi network requires a number of discrete steps. You should start with a site survey to determine any obstacles (existing wireless, interference, and so on) you need to overcome and to determine the best location for your access points.

because bandwidth deals with the AMOUNT OF DATA TRANSMITTED over an internet connection at a given time. So a bandwidth test would just be checking the upload/download times of the network.

Question 17

17. A network technician is troubleshooting an issue and has established a theory of probable cause. Which of the following steps should the network technician take NEXT?

A. Test the possible solution
B. Question the users
C. Determine what has changed
D. Document the theory

Answer 17

A. Test the possible solution

A good mnemonic for the CompTia troubleshooting steps is: I Go To Poland Via Denmark.

1. Identify
2. Guess
3. Test
4. Plan
5. Verify
6. Document
7. Identify the problem.
8. Establish a theory of probably cause. (Question the obvious)
9. Test the theory to determine cause.
10. Establish a plan of action to resolve the problem and implement the solution.
11. Verify full system functionality and if applicable implement preventative measures.
12. Document findings, actions, and outcomes.

Question 18

18. A network technician has discovered a rogue access point placed under an empty cubicle desk. Which of the following should the technician perform to ensure another cannot be placed on the network?

A. Disable unused ports on switches
B. Enable DHCP guard to detect rogue servers
C. Configure WPA2 on all access points
D. Use TACACS+ authentication

Answer 18

B. Enable DHCP guard to detect rogue servers

Enabling DHCP guard will protect the network from another rogue AP in all the ports. Disabling unused ports will just protect unused ports, it’s a good option but it doesn’t erradicates the issue.

Question 19

19. Which of the following provides the ability to deploy consistent access point configurations from a central location?

A. Wireless controller
B. AAA server
C. WiFi-protected setup
D. Proxy server
E. VPN concentrator

Answer 19

A. Wireless controller

What Is a Wireless LAN Controller?
A wireless LAN controller, or WLAN controller, monitors and manages wireless access points in bulk and allows wireless devices to connect to WLAN, a wireless network architecture. As a centralized device in the network, the wireless LAN controller is usually located at the data center, to which all the wireless APs on the network are directly or indirectly connected.

How a Wireless LAN Controller Functions?
The wireless access controller takes the bandwidth produced coming from a router and stretches it to fit the network needs. Similar to an amplifier in a stereo system, the wireless controller allows devices from farther distances to connect. Besides, it enables the network administrators to check all the data related to the network and is able to detect rogue access points and recent traps generated by the access points.

Question 20

20. A network technician is configuring a wireless network at a branch office. Users at this office work with large files and must be able to access their files on the server quickly. Which of the following 802.11 standards provides the MOST bandwidth?

A. a
B. ac
C. g
D. n

Answer 20

B. ac

Question 21

21. A network administrator configures a router with the following IP address information:
    Gigabit Ethernet 1 Interface: 10.10.0.1/24
    Serial 0 Interface: 10.10.0.253/30
    Clients are connected to a switch on the gigabit Ethernet interface; the ISP is connected to the Serial 0 interface. When the router configuration is complete and client devices are reconfigured, all clients report that they are unable to connect to the Internet. Which of the following is the MOST likely reason?

A. The router was configured with an incorrect IP address
B. The router was configured with an incorrect default gateway
C. The router was configured with an incorrect subnet mask
D. The router was configured with an incorrect loopback address

Answer 21

C. The router was configured with an incorrect subnet mask

The subnet mask is incorrectly configured.
A /30 would give you a subnet mask of 255.255.255.252
First available would be 10.10.255.253
If the (ISP) is conNECTED to the 253 itS WRONG
It should be 252 which is the network ID

Question 22

22. A penetration tester has been tasked with reconnaissance to determine which ports are open on the network. Which of the following tasks should be done FIRST? (Choose two.)

A. Network scan
B. Banner grab
C. Tracert
D. DHCP server check
E. Brute-force attack

Answer 22

A. Network scan
C. Tracert

The answer is A and C because the question is asking what they should do FIRST. Banner Grab is done AFTER you determine what systems have open ports.

First start with;
A penetration test is an active test that attempts to exploit
discovered vulnerabilities. It starts with a vulnerability scan and then
bypasses or actively tests security controls to exploit vulnerabilities.

A Network/port scanner scans systems for open ports and attempts to
discover what services and protocols are running.

Banner grabbing queries remote systems to detect their operating
system, along with services, protocols, and applications running on
the remote system.

Pick your answer this.
Tracert—A command-line tool used to trace the route between two systems.

Question 23

23. Users are reporting Internet connectivity issues. The network administrator wants to determine if the issues are internal to the company network or if there is an issue with the ISP. Which of the following tools should be used to BEST determine where the outage is occurring?

A. traceroute
B. ping
C. nslookup
D. netstat

Answer 23

A. traceroute

Using traceroute, you can see where the connection drops and determine whether that specific point is located within your network or on the way to the ISP.

Question 24

24. Which of the following is a vulnerable system designed to detect and log unauthorized access?

A. SIEM
B. Honeypot
C. DMZ
D. Proxy server

Answer 24

A. SIEM

Security information and event management (SIEM) gather and analyze the log data you send to it.

Security Information and Event Management (SIEM) software has been in use in various guises for over a decade and has evolved significantly during that time. SIEM solutions provide a holistic view of what is happening on a network in real-time and help IT teams to be more proactive in the fight against security threats.

What is unique about SIEM solutions is that they combine Security Event Management (SEM) - which carries out analysis of event and log data in real-time to provide event correlation, threat monitoring an incident response - with Security Information Management (SIM) which retrieves and analyzes log data and generates a report. For the organization that wants complete visibility and control over what is happening on their network in real-time, SIEM solutions are critical.

In computer terminology, the term honeypot refers to a security structure or mechanism that is built to deflect the attackers. In other words, a honeypot is there to distract the attackers from valuable assets of the organization.

Honeypot can be defined as a system that is attached to the network. It is set up to be a decoy. It lures the hackers and wastes their time as they try to gain unauthorized access to the network or systems of the organization.

Question 25

25. According to the OSI model, at which of the following layers is data encapsulated into a packet? ``` A. Layer 2 B. Layer 3 C. Layer 4 D. Layer 5 E. Layer 6 ```

Answer 25

B. Layer 3 Some People Fear Birthdays ``` Start at layer four and work down: Some -- Segments People -- Packets Fear -- Frames Birthdays -- Bits ``` Some -- Segments --> Layer 4 Transport Layer: Datagram (UDP) or Segment (TCP) People -- Packets --> Layer 3 Network Layer: Packet (IP) Fear -- Frames --> Layer 2 Data Link Layer: Frame Birthdays -Bits --> Layer 1 Physical Layer: Bit

Question 26

``` 26. Which of the following WAN technologies is MOST preferred when developing a VoIP system with 23 concurrent channels? A. DSL B. POTS C. T1 D. DOCSIS ```

Answer 26

C. T1 OBJ-2.5: A T1 can transmit 24 telephone calls at a time because it uses a digital carrier signal (DS-1). DS-1 is a communications protocol for multiplexing the bit streams of up to 24 telephone calls simultaneously. The T1's maximum data transmission rate is 1.544 Mbps. DOCSIS is the standard for a cable modem. DSL is a Digital Subscriber Line which has variable speeds from 256 Kbps and up. POTS is the Plain Old Telephone System, and provides only a single phone connection at a time. Out of these options, the T1 is the BEST to ensure you can reliably provide 23 simultaneous phone connections.

Question 27

27. Which of the following security mechanisms dynamically assigns a Layer 2 address and restricts traffic only to that Layer 2 address? A. Sticky MAC B. 802.1x C. ACL D. NA

Answer 27

A. Sticky MAC Persistent MAC learning, also known as Sticky MAC, is a port security feature that enables an interface to retain dynamically learned MAC addresses when the switch is restarted or if the interface goes down and is brought back online. This is a security feature that can be used to prevent someone from unplugging their office computer and connecting their own laptop to the network jack without permission since the switch port connected to that network jack would only allow the computer with the original MAC address to gain connectivity using Sticky MAC.

Question 28

28. A junior network technician is setting up a new email server on the company network. Which of the following default ports should the technician ensure is open on the firewall so the new email server can relay email? A. 23 B. 25 C. 110 D. 143

Answer 28

B. 25 This is clearly the function of SMTP (25). POP (110) and IMAP (143) are used in receiving and retrieving emails, respectively. The question clearly asks which port is to be left open so the server can relay/send emails.

Question 29

29. In a service provider network, a company has an existing IP address scheme. Company A's network currently uses the following scheme: Subnet 1: 192.168.1.0/26 Subnet 2: 192.168.1.65/26 Company B uses the following scheme: Subnet 1: 192.168.1.50/28 The network administrator cannot force the customer to update its IP scheme. Considering this, which of the following is the BEST way for the company to connect these networks? A. DMZ B. PAT C. NAT D. VLAN

Answer 29

C. NAT in a nutshell: when you are at home on your private network your devices have a private Ip normally in the 192.168.1.0/24 range. These devices use their assigned private ip's to communicate locally however when a private ip needs to talk to a website like amazon, NAT will assigns/masks/translates (however you want to say it) that private IP to your public IP. Your public ip is provided by your ISP. NAT was created to address the ever depleting usable IPv4 address

Question 30

30. A network engineer is designing a new network for a remote site. The remote site consists of ten desktop computers, ten VoIP phones, and two network printers. In addition, two of the desktop computers at the remote site will be used by managers who should be on a separate network from the other eight computers. Which of the following represents the BEST configuration for the remote site? A. One router connected to one 24-port switch configured with three VLANS: one for the managers computers and printer, one for the other computers and printer, and one for the VoIP phones B. Two routers with each router connected to a 12-port switch, with a firewall connected to the switch connected to the managers desktop computers, VoIP phones, and printer C. One router connected to one 12-port switch configured for the managers computers, phones, and printer, and one 12-port switch configured for the other computers, VoIP phones, and printer D. One router connected to one 24-port switch configured with two VLANS: one for the managers computers, VoIP phones, and printer, and one for the other computers, VoIP phones, and printer

Answer 30

A. One router connected to one 24-port switch configured with three VLANS: one for the managers computers and printer, one for the other computers and printer, and one for the VoIP phones. One 24-port router and 3 VLANs is the most correct solution. Remote site hosts 22 devices so 24 ports are needed. Management gets one VLAN, remaining users get another, and phones also get another. Getting two routers is incorrect as this is not cost effective. Connecting a firewall only to one router is not feasible for security. This setup also does not split each group by network. Single 12-port router for each group is incorrect; this is neither efficient nor cost effective. 24-port router with two VLANs is incorrect; there are not enough VLANs to properly separate hosts.

Question 31

``` 31. A network technician is troubleshooting an end-user connectivity problem. The network technician goes to the appropriate IDF but is unable to identify the appropriate cable due to poor labeling. Which of the following should the network technician use to help identify the appropriate cable? A. Tone generator B. Multimeter C. OTDR D. Loopback adapter ```

Answer 31

A. Tone generator Tone generator is the most correct answer. A tone generator sends a signal through a cable so a technician can find its termination easier. A multimeter checks and measures electrical signals and is incorrect. An OTDR is incorrect as it would not help the technician identify the cable termination. A loopback adapter is incorrect as this only allows testing of the local host device.

Question 32

32. A network technician is considering opening ports on the firewall for an upcoming VoIP PBX implementation. Which of the following protocols is the technician MOST likely to consider? (Choose three.) ``` A. SIP B. NTP C. H.323 D. SMB E. ICMP F. RTP G. IPSec H. RDP ```

Answer 32

A. SIP C. H.323 F. RTP SIP, H.323, and RTP are the most correct answers. Session Initiation Protocol is used for multimedia communication sessions. H.323 is used to define how real-time audio, video and data information is transmitted. It provides signaling, multimedia and bandwidth control mechanisms over RTP. Real-time Transport Protocol is a packet-formatting standard for delivering audio and video over the Internet, and is popularly implemented for VoIP solutions. NTP is incorrect; Network Time Protocol's functions are not relevant to a VoIP PBX. SMB is incorrect; Server Message Block is a Windows protocol for sharing access to files and printers between hosts. ICMP is incorrect; Internet Control Message Protocol is not relevant to the functions of a PBX. IPsec is incorrect; IP security is not relevant to the function of the PBX. RDP is incorrect; Remote Desktop Protocol features are not relevant to the function of the PBX.

Question 33

33. A network technician notices the site-to-site VPN and Internet connection have not come back up at a branch office after a recent power outage. Which of the following is an out-of-band method the technician would MOST likely utilize to check the branch offices router status? A. Use a modem to console into the router B. Walk a user through troubleshooting the connection C. Travel to the branch office D. Hire a contractor to go on-site

Answer 33

A. Use a modem to console into the router

Question 34

34. A device operating at Layer 3 of the OSI model uses which of the following protocols to determine the path to a different network? ``` A. STP B. RTP C. RIP D. NTP E. SIP ```

Answer 34

C. RIP RIP is the most correct answer. Routing Information Protocol is used at the Network layer to determine the next hop for a travelling packet. STP is incorrect; Spanning Tree Protocol is a Data Link layer protocol. RTP is incorrect; Remote Desktop Protocol is an Application layer protocol and has no bearing on where data routes to. NTP is incorrect; Network Time Protocol is not relevant to routing in this context. SIP is incorrect; Session Initiation Protocol is an Application layer protocol designed to establish connections for multimedia communication sessions.

Question 35

35. A network administrator is setting up a web-based application that needs to be continually accessible to the end users. Which of the following concepts would BEST ensure this requirement? A. High availability B. Snapshots C. NIC teaming D. Cold site

Answer 35

A. High availability Key words "continually accessible" This makes option A most appropriate.

Question 36

36. Which of the following devices should a network administrator configure on the outermost part of the network? A. Media converter B. Switch C. Modem D. Firewall

Answer 36

D. Firewall

Question 37

37. A company finds that many desktops are being reported as missing or lost. Which of the following would BEST assist in recovering these devices? A. Asset tracking tags B. Motion detectors C. Security guards D. Computer locks

Answer 37

A. Asset tracking tags The tags are entered into a tracking database, which also usually has a map of the coverage area so that a particular asset can be located.

Question 38

38. A technician is connecting a router directly to a PC using the G1/0/1 interface. Without the use of auto-sensing ports, which of the following cables should be used? A. Straight-through B. Console C. Rollover D. Crossover

Answer 38

D. Crossover ``` Router to router cross Pc to router cross switch to switch cross pc to switch straight switch to router straight ``` "...without the use of autosensing ports...". If you had autosensing ports then you could use a straight cable

Question 39

``` 39. A technician is diagnosing an issue with a new T1 connection. The router is configured, the cable is connected, but the T1 is down. To verify the configuration of the router, which of the following tools should the technician use? A. Loopback adapter B. Cable tester C. Tone generator D. Multimeter ```

Answer 39

A. Loopback adapter Loop back adapters are used to test T1 lines. The question is asking for 'to verify the configuration of the router' which only leaves us with A.

Question 40

40. Which of the following policies would Joe, a user, have to agree to when he brings in his personal tablet to connect to the company's guest wireless Internet? A. NDA B. IRP C. BYOD D. SLA

Answer 40

C. BYOD Bring your own device (BYOD) refers to the trend of employees using personal devices to connect to their organizational networks and access work-related systems and potentially sensitive or confidential data. Personal devices could include smartphones, personal computers, tablets, or USB drives.

Question 41

41. A network technician receives a call from a user who is experiencing network connectivity issues. The network technician questions the user and learns the user brought in a personal wired router to use multiple computers and connect to the network. Which of the following has the user MOST likely introduced to the network? A. Rogue DHCP server B. Evil twin C. VLAN mismatch D. Honeypot

Answer 41

A. Rogue DHCP server Rogue DHCP server is the most correct answer. The user's router is distributing its own DHCP leases to the hosts, causing conflict when these devices try to access the network. Evil twin is incorrect. Evil twin is an AP placed outside a network disguised as a legitimate network point to gather sensitive information from baited users. VLAN mismatch is incorrect, though the hosts past the user's router may not be able to gather VLAN data because of the router. Honeypot is incorrect; a honeypot is deployed by a network to bait attackers into wasting time in a false network environment instead of the real one.

Question 42

42. A technician is setting up a direct connection between two older PCs so they can communicate but not be on the corporate network. The technician does not have access to a spare switch but does have spare Cat 6 cables, RJ-45 plugs, and a crimping tool. The technician cuts off one end of the cable. Which of the following should the technician do to make a crossover cable before crimping the new plug? A. Reverse the wires leading to pins 1 and 2 B. Reverse the wires leading to pins 1 and 3 C. Reverse the wires leading to pins 2 and 3 D. Reverse the wires leading to pins 2 and 4

Answer 42

B. Reverse the wires leading to pins 1 and 3 This question is weird because of the "older PC" part, so only 4 pins should be used. However, for traditional Crossover Cable for memorization, I think of these rules: 1) reverse 1/3 2) reverse 2&6 3) -3 brown (pin 7 -> pin 4 / pin 8 -> pin 5) 4) +3 blue (pin 4 -> pin 7 / pin 5 -> pin 8) Or T568A -> T568B

Question 43

43. Which of the following is the number of broadcast domain that are created when using an unmanaged 12-port switch? ``` A. 0 B. 1 C. 2 D. 6 E. 12 ```

Answer 43

B. 1 The switch creates 12 collision domains and 1 broadcast domain. A switch creates a single broadcast domain, not separate broadcast domains so any answer with 12 broadcast domains is incorrect.

Question 44

44. The Chief Information Officer (CIO) has noticed the corporate wireless signal is available in the parking lot. Management requests that the wireless network be changed so it is no longer accessible in public areas, without affecting the availability inside the building. Which of the following should be changed on the network? A. Power levels B. Overcapacity C. Distance limitations D. Channel overlap

Answer 44

A. Power levels

Question 45

45. A network technician is assisting the security team with some traffic captures. The security team wants to capture all traffic on a single subnet between the router and the core switch. To do so, the team must ensure there is only a single collision and broadcast domain between the router and the switch from which they will collect traffic. Which of the following should the technician install to BEST meet the goal? A. Bridge B. Crossover cable C. Hub D. Media converter

Answer 45

C. Hub " team must ensure there is only a single collision and broadcast domain between the router and the switch from which they will collect traffic" That's your clue.

Question 46

46. A network engineer wants to segment the network into multiple broadcast domains. Which of the following devices would allow for communication between the segments? A. Layer 2 switch B. Layer 3 switch C. Bridge D. Load balancer

Answer 46

B. Layer 3 switch L3 switch because L3 switch will acts as a switch to connect devices that are on the same subnet or virtual LAN into multiple broadcast domain (router).

Question 47

47. Based on networks 10.8.16.0/22 and 10.8.31.0/21, which of the following is the BEST summarized CIDR notation? A. 10.8.0.0/16 B. 10.8.0.0/19 C. 10.8.0.0/20 D. 10.0.0.0/24

Answer 47

A. 10.8.0.0/16 The Answer is A the only thing you need to know is what they have in common and that would be only the first 2 octets so CIDR notation tells you 16 uses the full range of the first 2 Octets.

Question 48

48. A technician discovers that multiple switches require a major update. Which of the following policies should be followed? A. Change management policy B. Remote access policy C. Acceptable use policy D. Memorandum of understanding

Answer 48

A. Change management policy

Question 49

49. A technician is troubleshooting a point-to-point fiber-optic connection. The technician is at a remote site and has no connectivity to the main site. The technician confirms the switch and the send-and-receive light levels are within acceptable range. Both fiber SFPs are confirmed as working. Which of the following should the technician use to reveal the location of the fault? A. OTDR B. Light meter C. Tone generator D. CSU/DSU

Answer 49

A. OTDR OTDR is the most correct solution. The wording of the question gives it away; an optical time-domain reflectometer will help you find faults in a fiber line. A light meter is incorrect; the technician has already established light levels are sufficient. A tone generator is incorrect; the technician would need to go to the far end of the fiber to verify tone. Still, it is established that light levels are sufficient. CSU/DSU is incorrect. A Channel service unit/data service unit connects serial ports on a router to an ISP's network and to the demarc.

Question 50

50. A Chief Information Officer (CIO) wants to move some IT services to a cloud service offering. However, the network administrator still wants to be able to control some parts of the cloud services networking components. Which of the following should be leveraged to complete this task? A. IaaS B. PaaS C. SaaS D. DaaS

Answer 50

B. PaaS PaaS is a service model that provides you with a platform to develop or to upload your own applications, you're able to deploy and manage the application over the platform they provide, but you're not able to control the cloud infrastructure and resources the cloud is providing to maintain the platform. The net admin just wants to be able to have that platform available to burst some of the data center applications during peak hours

Question 51

51. Client PCs are unable to receive addressing information from a newly configured interface on a router. Which of the following should be added to allow the clients to connect? A. DHCP lease time B. IP helper C. TTL D. DNS record type

Answer 51

B. IP helper Mike Meyers Network + book page 406: "Cisco implements DHCP relay through a configuration command called IP helper (the command is technically ip helper-address)."

Question 52

52. When enabling jumbo frames on a network device, which of the following parameters is being adjusted? A. Speed B. Duplex C. MTU D. TTL

Answer 52

C. MTU MTU is the most correct answer. The maximum transmission unit is the largest protocol data unit (PDU) that can be sent over a single network layer transaction. Speed is incorrect; network speed has no bearing on jumbo frames. Duplex is incorrect; duplexing has no bearing on jumbo frames but instead defines when communication can occur. TTL is incorrect; the time to live or hop count of data defines how long data can persist in a network. Once this limit is met, the data is discarded.

Question 53

53. A technician logs onto a system using Telnet because SSH is unavailable. SSH is enabled on the target device, and access is allowed from all subnets. The technician discovers a critical step was missed. Which of the following would allow SSH to function properly? A. Perform file hashing B. Generate new keys C. Update firmware D. Change default credentials

Answer 53

B. Generate new keys Generating new keys is the most correct answer. SSH uses RSA public key infrastructure for both signature and encryption. With new keys the technician's device should have no issue using SSH to access the remote system. File hashing is incorrect. This has no impact on connectivity. Updating firmware is incorrect. This is too broad a measure and may require a change document. Changing default credentials is incorrect. Since the remote system is already up it is implied that its default credentials are already changed.

Question 54

54. A network administrator wants to ensure sensitive data is not exfiltrated from the system electronically. Which of the following should be implemented? A. DLP B. AUP C. NDA D. SLA

Answer 54

A. DLP DLP is the most correct solution. Data Loss Prevention can be a hardware or software solution that actively combs outbound traffic, including email, for sensitive data and stops any violating traffic. AUP is incorrect; while an acceptable use policy would strongly deter would-be leakers, it does not do so outright. NDA is incorrect. A non-disclosure agreement would legally prohibit internal staff from divulging sensitive information it does not do so outright, legal interventions aside. SLA is incorrect. A service level agreement is a contract between a service provider and client on what each party expects from the other (money for Internet access and tech support, mean time between failures, expected downtime, etc.)

Question 55

55. An office network consists of one two-port router connected to a 12-port switch. A four-port hub is also connected to the switch. On this particular network, which of the following is the number of collision domains that exist? ``` A. 3 B. 12 C. 13 D. 14 E. 15 ```

Answer 55

D. 14 The router has one collision domain, the hub has one collision domain and the switch has one collision domain per port. That makes 14 (1(router)+1(hub)+12(switch)=14)

Question 56

56. A network technician wants to remotely and securely access the desktop of a Linux workstation. The desktop is running remote control software without encryption. Which of the following should the technician use to secure the connection? A. SSH in tunnel mode B. RDP set to console connection C. EAP-PEAP D. SFTP

Answer 56

A. SSH in tunnel mode ``` Secure Shell (SSH) for Linux-based machines Remote Desktop Protocol (RDP) for Windows-based machines. ssh in tunnel mode is the same as port forwarding, ```

Question 57

57. Which of the following should current network performance be compared against to determine network anomalies? A. Baseline B. Traffic analysis C. Packet capture D. Logs

Answer 57

A. Baseline Network baselining is the act of measuring and rating the performance of a network in real-time situations. Providing a network baseline requires testing and reporting of the physical connectivity, normal network utilization, protocol usage, peak network utilization, and average throughput of the network usage. Such in-depth network analysis is required to identify problems with speed and accessibility, and to find vulnerabilities and other problems within the network. Once a network baseline has been established, this information is then used by companies and organizations to determine both present and future network upgrade needs as well as assist in making changes to ensure their current network is optimized for peak performance.

Question 58

58. A network administrator configures an email server to use secure protocols. When the upgrade is completed, which of the following ports on the firewall should be configured to allow for connectivity? (Choose three.) ``` A. TCP 25 B. TCP 110 C. TCP 143 D. TCP 389 E. TCP 587 F. TCP 993 G. TCP 995 ```

Answer 58

E. TCP 587 F. TCP 993 G. TCP 995 587 is SMTP 993 is IMAP over SSL 995 is POP3 over SSL 995 TCP - Post Office Protocol 3 over TLS/SSL (POP3S) (Official) 993 TCP - Internet Message Access Protocol over SSL (IMAPS) (Official) 587 TCP - e-mail message submission (SMTP) 443 TCP - HTTPS (Hypertext Transfer Protocol over SSL/TLS)

Question 59

59. After a server outage, a technician discovers that a physically damaged fiber cable appears to be the problem. After replacing the cable, the server will still not connect to the network. Upon inspecting the cable at the server end, the technician discovers light can be seen through one of the two fiber strands. Which of the following should the technician do FIRST to reconnect the server to the network? A. Reverse the fiber strands of the cable and reconnect them to the server B. Use a TDR to test both strands of a new replacement cable prior to connecting it to the server C. Replace the servers single-mode fiber cable with multimode fiber D. Move the fiber cable to different port on the switch where both strands function

Answer 59

A. Reverse the fiber strands of the cable and reconnect them to the server Tx and Rx sides are flipped, and need to be crisscrossed on the server side to be able to produce a signal.

Question 60

60. The backup server connects to a NAS device using block-level storage over Ethernet. The performance is very slow, however, and the network technician suspects the performance issues are network related. Which of the following should the technician do to improve performance? A. Utilize UDP to eliminate packet overhead B. Turn off MDIX settings on the NAS and server switchports C. Enable jumbo frames on the NAS and server D. Encapsulate the storage traffic in a GRE tunnel

Answer 60

C. Enable jumbo frames on the NAS and server you're reducing packet overhead by enabling jumbo frames. Block storage is a category of data storage mostly used in storage area network (SAN) environments, where data is saved in huge volumes known as blocks. Each block in block storage is configured by a storage administrator and acts like an individual hard drive.

Question 61

61. A technician is trying to determine the IP address of a customers router. The customer has an IP address of 192.168.1.55/24. Which of the following is the address of the customer's router? ``` A. 192.168.0.55 B. 192.168.1.0 C. 192.168.1.1 D. 192.168.5.5 E. 255.255.255.0 ```

Answer 61

C. 192.168.1.1 The subnet mask is /24 which means that this is a classfull ip address so traditionally the router would be the first IP address in the node space which is 192.168.1.1. The broadcast address would be the last IP in the node space which is 192.168.1.255. The nodes on the subnet which would be devices would populate the 192.168.1.2 - 192.168.1.254 space.

Question 62

62. A network technician is able to connect the switches between two offices, but the offices cannot communicate with each other, as each office uses a different IP addressing scheme. Which of the following devices needs to be installed between the switches to allow communication? A. Bridge B. Access point C. Router D. Range extender

Answer 62

C. Router if switches are already connected MDF-IDF setup then 802.1Q (aka Dot1q)is needed so l3 device is required base on answers pick router to be correct.

Question 63

63. A network technician is working on a proposal for email migration from an on-premises email system to a vendor-hosted email in the cloud. The technician needs to explain to management what type of cloud model will be utilized with the cloud-hosted email. Which of the following cloud models should the technician identify in the proposal? A. IaaS B. PaaS C. SaaS D. MaaS

Answer 63

C. SaaS

Question 64

64. Which of the following is the correct port number for NTP? A. 25 B. 69 C. 123 D. 161

Answer 64

C. 123 NTP uses UDP port 123. SMTP uses TCP port 25. TFTP uses UDP port 69. SNMP uses UDP port 161.

Question 65

65. A network technician is connecting two switches together. Which of the following protocols should the technician use to increase speed and fault tolerance? A. SIP B. BGP C. LACP D. LLDP

Answer 65

C. LACP LACP is the most correct answer. Link Aggregation Control Protocol can combine multiple physical ports together to make a single local channel. It allows for both redundancy and load balancing. SIP is incorrect; Session Initiation Protocol is for establishing multimedia connections and would have no impact on speed or fault tolerance. BGP is incorrect; Border Gateway Protocol is meant for linking routers and would be inappropriate to resolve the needs outlined here. LLDP is incorrect; Link Layer Discovery Protocol is used in local Ethernet networks for advertising device identity, capability, and neighbours, defined in 802.1AB. This would help organize network paths but do not increase speed or fault tolerance.

Question 66

66. A company has a web-based application that is used by many different departments. The company has experienced some overload of resources on the database server. The network administrator implements a network device in between the servers and the database. Which of the following BEST describes the purpose of this device? A. Content filtering and network analysis B. Load balancing and providing high availability C. Port sniffing and protocol analysis D. Clustering and NIC teaming

Answer 66

B. Load balancing and providing high availability Keyword is "overload of resources" and the only plausible answer for that would be load balancing

Question 67

67. A technician is replacing a switch at a branch office and discovers the existing backbone cable does not fit in the new switch. The fiber patch panel has circular connections. The new switch has a transceiver that accepts a smaller square adapter of two strands. Which of the following patch cables would the technician need to complete the installation? ``` A. LC to SC B. SC to ST C. LC to ST D. ST to ST E. SC to SC ```

Answer 67

C. LC to ST ``` Local Connectors are two-pronged square fiber connectors. This matches the transceiver at the switch which calls for a square two-strand adapter. Straight Tip connectors are round with the fiber tip extruding out. This corresponds to the circular connections in the patch panel. Square Connector (SC) is square but only has one fiber end at each connector. This does not satisfy either media requirement. ```

Question 68

68. A computer lab on a campus network was recently reconfigured using recycled network cables. One of the 24 computers in the lab is unable to connect to the network after the upgrade. A network technician successfully uses the cable in question to connect directly to another computer. Which of the following is MOST likely the issue with the cable? A. The cable is a crossover cable B. The cable is a rollover cable C. The cable has bent pins D. The cable is a Cat 5 cable

Answer 68

A. The cable is a crossover cable

Question 69

69. Which of the following is a reason why a business may be hesitant to move sensitive data to a SaaS cloud service? A. Decreased performance of the internal network B. Loss of full control over data resources C. Increased malware exposure D. Incompatibility with the current network

Answer 69

B. Loss of full control over data resources

Question 70

70. Users have been experiencing slow network response times, and management has asked the network technician to provide evidence of network improvement. After optimizing the network, which of the following would be required? A. IDF/MDF documentation B. Change management C. Performance baseline D. Physical diagram

Answer 70

C. Performance baseline

Question 71

71. A network technician has created a network that consists of a router, a firewall, a switch, and several PCs. Which of the following physical network topologies was created? A. Star B. Mesh C. Ring D. Bus

Answer 71

D. Bus Mike Myers chapter 2 about physical network. Star is just with the device in the middle, but the firewall/router/switch lineup makes it a BUS.

Question 72

73. A technician is setting up a branch office on a point-to-point connection. Which of the following IP network blocks is the MOST efficient use of IP address space for the router connections between the two sites? A. /24 B. /25 C. /30 D. /32

Answer 72

C. /30 The key phrase in this question is "point-to-point connection." This means that 2 nodes must communicate. The answer is /30 with a total of 4 IP addresses where only 2 IP addresses can be used.

Question 73

73. A technician is upgrading the firmware on an older KVM switch. The specifications call for a serial port to connect to the computer on one side, and an Ethernet jack to connect to the switch on the other side. Which of the following connectors does the technician need for this cable? (Choose two.) ``` A. RG-9 B. DB-9 C. RJ-11 D. DB-25 E. RJ-45 F. BNC ```

Answer 73

B. DB-9 E. RJ-45 DB-9 to connect to the serial port on the computer, RJ-45 to connect to the console port on the router

Question 74

74. An end-user device requires a specific IP address every time it connects to the corporate network; however, the corporate policy does not allow the use of static IP addresses. Which of the following will allow the request to be fulfilled without breaking the corporate policy? A. DHCP relay B. DHCP exclusion C. DHCP option D. DHCP reservation

Answer 74

D. DHCP reservation DHCP Servers support something called a “DHCP Reservation”, which essentially allows you to provide a pre-set IP address to a specific client based on its physical MAC address. This means that the device will always get the same IP address and it will never change (whereas they typically do on occasion)

Question 75

75. A technician is planning a remote-access strategy to manage routers and switches on a dedicated management network. The management network is segregated from the production network and uses site-to-site VPN connections. Some of the equipment does not support encryption. Which of the following should the technician choose that all the equipment would support? A. Telnet B. SSL C. SSH D. IPSec

Answer 75

A. Telnet The goal here is to plan a "remote-access strategy." VPN is already enabled for both sites meaning that IPSec is currently in use. From here, SSL and IPSec should be eliminated from the answer choices leaving you with SSH and TELNET. Since "some of the equipment does not support encryption", then the common denominator would be TELNET. I think these are one of those tricky questions that can force your attention elsewhere.

Question 76

76. Which of the following protocols do MOST MITM attacks utilize? A. ARP B. SIP C. FTP D. SCP

Answer 76

A. ARP ARP spoofing is a Man In The Middle (MITM) attack in which the attacker (hacker) sends forged ARP Messages. This allows the attacker to pretend as a legitimate user as it links the attacker machine's MAC Address to the legitimate IP Address.

Question 77

77. An ISP technician gets a call from a business that just changed equipment but can no longer connect to the Internet. The technician checks the ARP table on the ISP switch, and there is no corresponding MAC address present. Instead, the entry is Incomplete. Which of the following could cause this condition? A. VLAN mismatch B. Duplex/Speed mismatch C. Duplicate IP address D. TX/RX reverse

Answer 77

B. Duplex/Speed mismatch The question states that the equipment is changed so think something physical like cabling. Change the cables or if they are damaged or not properly installed can effect speed. VLAN is virtual on network so should not have changed since question is physical. tx rx rev is just transmit and receive flipped, duplicate IP is an APIPA. So B is the answer. just my logic hope it helps.

Question 78

78. A systems administrator has recently purchased and installed a large electronic signage screen for the company's parking garage. The screens management software was installed on a server with a public IP address to allow remote management. The systems administrator is now troubleshooting an issue with the screen displaying unknown, random, and inappropriate messages. Which of the following is MOST effective in resolving this issue? A. Changing the management software default credentials B. Disabling unnecessary services from the server and management software C. Changing the management software default port D. Replacing the management software self-signed certificate with a valid certificate

Answer 78

A. Changing the management software default credentials

Question 79

79. A technician is investigating a server performance issue. The technician has gathered the server utilization statistics. Which of the following should the technician use to determine which statistics are not in the normal range? A. Baseline review B. Vulnerability scan C. System life-cycle report D. Archiving logs

Answer 79

A. Baseline review

Question 80

80. Which of the following devices, if implemented, would result in decreased administration time of an 802.11 network running centralized authentication services? (Choose two.) ``` A. VPN concentrator B. Proxy server C. Wireless controller D. RADIUS server E. Multilayer switch ```

Answer 80

C. Wireless controller | D. RADIUS server

Question 81

81. A technician must determine if a web page users visits are connecting to a suspicious websites IP address in the background. Which of the following tools would provide the information on TCP connections? ``` A. netstat B. tracert C. arp D. ipconfig E. route ```

Answer 81

A. netstat netstat is the most correct answer. Netstat displays inbound and outbound TCP connections, along with routing tables, interface, and network protocol stats. tracert is incorrect; this command traces the network path between the host and a target address. arp is incorrect; this command correlates to the IP to Physical address translation tables used by ARP. ipconfig is incorrect; this only shows local interface details and IP addresses. route is incorrect; this only allows viewing and manipulation of the host's IP routing table.

Question 82

82. An administrator is moving to a new office. There will be several networks runs through the ceiling area of the office. Which of the following is the BEST to utilize in these areas? A. Single-mode fiber-optic cabling B. Cat 5e-rated cabling C. Cat 6-rated cabling D. Plenum-rated cabling

Answer 82

D. Plenum-rated cabling Plenum helps reduce the chances of people dying from toxic fumes when a building is burning down. If its going into the walls, use plenum.

Question 83

83. A network technician receives a spool of Cat 6a cable and is asked to build several cables for a new set of Ethernet runs between devices. Which of the following tools are MOST likely needed to complete the task? (Choose three.) ``` A. Wire stripper B. Cable crimper C. RJ-11 connectors D. RJ-45 connectors E. Multimeter F. Punchdown tool G. Tone generator ```

Answer 83

A. Wire stripper B. Cable crimper D. RJ-45 connectors

Question 84

84. As part of a transition from a static to a dynamic routing protocol on an organization's internal network, the routing protocol must support IPv4 and VLSM. Based on those requirements, which of the following should the network administrator use? (Choose two.) ``` A. OSPF B. IS-IS C. RIPv1 D. BGP E. VRRP ```

Answer 84

A. OSPF B. IS-IS OSPF and IS-IS are the most correct answers. Open Shortest Path First is a link state interior gateway protocol designed to find the fastest route through a network. Intermediate System to Intermediate System is an interior gateway protocol designed for efficient movement of information. RIPv1 is incorrect; RIPv1 does not support VLSM. Border Gateway Protocol is incorrect; while it can be used internally, it is mainly for exterior routing and WAN links. Virtual Router Redundancy Protocol is incorrect; each VRRP instance will only work on a single subnet. The requirement implies multiple subnet masks will be in use, so VRRP would not be as effective here.

Question 85

85. A telecommunications provider has just deployed a new OC-12 circuit at a customer site. While the circuit showed no errors from the provider end to the customer's demarcation point, a network administrator is trying to determine the cause of dropped packets and errors on the circuit. Which of the following should the network administrator do to rule out any problems at Layer 1? (Choose two.) A. Use a loopback at the demark and router, and check for a link light B. Use an OTDR to validate the cable integrity C. Use a pinout tester to validate the cable integrity D. Use a multimeter to validate the cable integrity E. Check for any devices that may be causing EMI on the cable F. Clean the cables to be sure they are free of dust and debris

Answer 85

A. Use a loopback at the demark and router, and check for a link light B. Use an OTDR to validate the cable integrity Loopback is layer 1, and it's a reasonable step of troubleshooting the connection. You'd naturally test the cable after deployment, especially if there were issues with it, and OC is fiber so OTDR. Troubleshooting Physical Connectivity Issues The list of faults that come under this category are: Improper connection of cables Router, switch or hub port is faulty or down. Traffic overload on the link or particular interface. Configuration issue at layer-1.

Question 86

86. A single PRI can deliver multiple voice calls simultaneously using which of the following Layer 1 technologies? A. Time division multiplexing B. Analog circuit switching C. CSMA/CD D. Time division spread spectrum

Answer 86

A. Time division multiplexing' A PRI is a digital, end-to-end connections that allows for multiple, simultaneous voice, data, or video transmissions. This is achieved through a physical line or circuit. The physical circuit, a cable containing two pairs of copper wires, provides 23 channels for data and or voice

Question 87

87. A network technician is diagnosing a time-out issue generated from an end users web browser. The web browser issues standard HTTP get and post commands to interact with the website. Given this information, the technician would like to analyze the entire TCP handshake of the HTTP requests offline. Which of the following tools would allow the technician to view the handshake? A. Packet analyzer B. Port analyzer C. SNMP traps D. Spectrum analyzer

Answer 87

A. Packet analyzer

Question 88

88. A customer cannot access a companys secure website. The company's network security is reviewing the firewall for the server and finds the following output: Which of the following changes should be made to allow all customers to access the company's secure website? A. Allow any any 10.5.0.10 443 B. Allow any any 12.73.15.5 443 C. Allow 10.5.0.10 443 any any D. Allow 10.5.0.10 any 10.5.0.10 80

Answer 88

C. Allow 10.5.0.10 443 any any

Question 89

89. Which of the following MUST be implemented to share metrics between routing protocols within the same router? A. Routing loop B. Routing table C. Route redistribution D. Dynamic routes

Answer 89

B. Routing table the answer is always in the details. Re-read the question. "WITHIN the same router", the correct answer is routing table. Route redistribution is the term used for translating from one routing protocol into another. An example would be where you have an old router running RIP but you have an EIGRP network. You can run route redistribution on one router to translate the RIP routes into EIGRP.

Question 90

90. An engineer is reviewing the implementation requirements for an upcoming project. The basic requirements identified by the customer include the following: ✑ WLAN architecture supporting speeds in excess of 150 Mbps ✑ Clientless remote network access ✑ Port-based network access control Which of the following solution sets properly addresses all of the identified requirements? ``` A. 802.11a, IPSec VPN, 802.1x B. 802.11ac, MPLS, 802.3 C. 802.11b, PPTP, 802.1x D. 802.11g, MS-CHAP, 802.16 E. 802.11n, SSL-VPN, 802.1x ```

Answer 90

E. 802.11n, SSL-VPN, 802.1x Key phrase "clientless remote network access". SSL-VPN can be done through a browser whereas VPN with IPSEC requires a VPN client to be installed on the computer

Question 91

91. Which of the following is used to classify network data for the purpose of providing QoS? A. STP B. VLANs C. SIP D. DSCP

Answer 91

D. DSCP DSCP is correct. The Differentiated Services Code Point is a 6-bit entry in an 8-bit differentiated services field in an IP header. This is used to classify data and help manage QoS in a network. STP is incorrect; Spanning Tree Protocol is used to provide loop avoidance. VLANs is incorrect; Virtual LANs classify and break up a network into distinct broadcast domains but do not classify the data. SIP is incorrect; Session Initiation Protocol is used to construct and deconstruct multimedia sessions.

Question 92

92. A network technician needs to separate a web server listening on port 80 from the internal LAN and secure the server from the public Internet. The web server should be accessible to the public Internet over port 80 but not the private LAN. Currently, the network is segmented with a network-based firewall using the following IP addressing scheme on each interface: Which of the following ones should the technician use to place the webserver and which of the following firewall rules should the technician configure? A. Place the web server in the public zone with an inbound rule from eth0 interface to accept traffic over port 80 designated to the web server B. Place the web server in the DMZ with an inbound rule from eth0 interface to eth1 to accept traffic over port 80 designated to the web server C. Place the web server in the private zone with an inbound rule from eth2 interface to eth1 to accept traffic over port 80 designated to the web server D. Place the web server in the DMZ with an inbound rule from eth1 interface to eth0 to accept traffic over port 80 designated to the web server

Answer 92

B. Place the web server in the DMZ with an inbound rule from eth0 interface to eth1 to accept traffic over port 80 designated to the web server

Question 93

93. A company recently upgraded all of its printers to networked multifunction devices. Users can print to the new devices, but they would also like the ability to scan and fax files from their computers. Which of the following should the technician update to allow this functionality? A. Device software B. Printer drivers C. Printer firmware D. NIC drivers

Answer 93

C. Printer firmware The question is on software additional functionality, which of course most printers can perform these functions. It is assumed the device software is already installed. The trick here is the keyword 'update' not 'install'. So C goes well in that respect.

Question 94

94. A disgruntled employee executes a man-in-the-middle attack on the company network. Layer 2 traffic destined for the gateway is redirected to the employee's computer. This type of attack is an example of: A. ARP cache poisoning B. IP spoofing C. amplified DNS attack D. evil twin

Answer 94

A. ARP cache poisoning

Question 95

95. The process of attempting to exploit a weakness in a network after being given permission by the company is known as: A. penetration testing B. vulnerability scanning C. reconnaissance D. social engineering

Answer 95

A. penetration testing

Question 96

96. A company has contracted with an outside vendor to perform a service that will provide hardware, software, and procedures in case of a catastrophic failure of the primary datacenter. The Chief Information Officer (CIO) is concerned because this contract does not include a long-term strategy for extended outages. Which of the following should the CIO complete? A. Disaster recovery plan B. Business continuity plan C. Service level agreement D. First responder training

Answer 96

B. Business continuity plan A business continuity plan (BCP) is a plan to help ensure that business processes can continue during a time of emergency or disaster. Such emergencies or disasters might include a fire or any other case where business cannot occur under normal conditions. A disaster recovery plan is useful (and usually a piece of the large business continuity plan), but it is insufficient for the long-term strategy which is needed to support business operations during an extended outage.

Question 97

97. A typical cell tower will have a microwave and cellular antennas. Which of the following network topologies do these represent? (Choose two.) ``` A. Point-to-multipoint B. Bus C. Point-to-point D. Mesh E. Peer-peer F. Ring ```

Answer 97

C. Point-to-point | D. Mesh

Question 98

98. A network administrator has a monitoring system in place that is currently polling hundreds of network devices at regular intervals. The continuous polling is causing high CPU utilization on the server. Which of the following tasks should the administrator perform to resolve the CPU issue while maintaining full monitoring capabilities? A. Remove SNMP polling and configure SNMP traps on each network device B. Remove SNMP polling and implement snmpwalk on each network device C. Upgrade SNMP to the latest version to mitigate vulnerabilities D. Modify SNMP polling to poll only during business hours

Answer 98

A. Remove SNMP polling and configure SNMP traps on each network device This significantly reduces your bandwidth usage. Traps in this method incorporate the information about the problem within themselves. All the traps will have the same OID, so your manager will have to process the data in the trap to be able to understand the message.

Question 99

99. A contractor is setting up and configuring conference rooms for a convention. The contractor sets up each room in the conference centre to allow wired Internet access going to individual tables. The contractor measured the distance between the hotel's patch panel to the jack, and the distance is within Cat 5e specifications. The contractor is concerned that the room will be out of specification if cables are run in each room from the wall jacks. Which of the following actions should the contractor take to ensure the cable runs meet specifications and the network functions properly? A. Place a switch at the hotel's patch panel for connecting each rooms cables B. Place a switch on each table to ensure strong connectivity C. Place repeaters between the patch panel and the rooms D. place a switch at the wall jack and run the cables in the room from there

Answer 99

A. Place a switch at the hotel's patch panel for connecting each rooms cables

Question 100

100. Users are reporting their network is extremely slow. The technician discovers pings to external hosts have excessive response times. However, internal pings to printers and other PCs have acceptable response times. Which of the following steps should the technician take NEXT? A. Determine if any network equipment was replaced recently B. Verify malware has not disabled the users PC firewalls C. Replace users network cables with known-good network cables D. Power cycle the webserver

Answer 100

A. Determine if any network equipment was replaced recently the troubleshooting process says to determine if any changes have been made to the network therefore A is the better answer.