Test 4 Flashcards by Greg M

Which of the following allow for higher fault tolerance, availability, and performance across multiple systems? (Choose two.)

A. Load balancer
B. Jumbo frames
C. Clustering
D. Round robin
E. TCP offloading

A. Load balancer

C. Clustering

How well did you know this?

Not at all

Perfectly

A technician is investigating an issue related to a single host that is unable to access the Internet. The technician records the following information: Host IP
254.1.10. The network IP address range on the DHCP server is 10.10.5.2-10.10.5.250 with a default gateway 10.10.5.1 and a DNS of 8.8.8.8. Which of the following should the technician perform to troubleshoot the issue?

A. Change the IP scope on the DHCP server to a public IP address range.
B. Perform a traceroute command to identify the router that is not functioning.
C. Verify the host has physical connectivity and is on the correct VLAN.
D. Configure the DNS address in the DHCP scope to a 10.10.5.0/24 address.

C. Verify the host has physical connectivity and is on the correct VLAN.

APPIPA doesn’t require physical connectivity. It is a locally created address for when Windows can’t reach a DHCP server for whatever reason.

How well did you know this?

Not at all

Perfectly

A network administrator wants to reduce the amount of time each user takes to log in to different systems in the network. Which of the following would reduce the time spent authenticating?

A. Kerberos
B. RADIUS
C. Certificate
D. SSO
E. MFA
F. NAC

D. SSO

How well did you know this?

Not at all

Perfectly

A network technician arrives at a remote office and is unable to connect a laptop to corporate resources using the wireless network. After checking the IP address, the network technician notices the assigned IP address does not belong to the corporate network IP scheme. Which of the following has the network technician discovered?

A. Evil twin
B. ARP poisoning
C. DHCP exhaustion
D. Social engineering

A. Evil twin

The main reason why I was able to get A as the answer is because it doesn’t mention that an APIPA address is assigned, and says the address it has isn’t in the scope provided by their servers.

How well did you know this?

Not at all

Perfectly

Which of the following is an object held within an MIB?

A. OUI
B. OTDR
C. OID
D. SNMP host
E. SNMP agent
F. SNMP trap

C. OID

Everything on a device that can be monitored by SNMP is assigned an object identifier. a management information base translates OID into readable text.

How well did you know this?

Not at all

Perfectly

Which of the following storage network technologies has the HIGHEST throughput?

A. FCoE
B. InfiniBand
C. iSCSI
D. OC3

B. InfiniBand

How well did you know this?

Not at all

Perfectly

The corporate head office has assigned the subnet of 10.1.100.0/24 to a network technician. The technician wants to create subnets for the finance department, human resources, and IT. Given the following device counts:

Finance: 70 devices -
Human resources: 38 devices -
IT: 16 devices -

Which of the following outlines how the technician should allocate the address space given?

A. Finance: 10.1.100.0/21 Human resources: 10.1.100.128/22 IT: 10.1.100.192/23
B. Finance: 10.1.100.0/23 Human resources: 10.1.100.128/22 IT: 10.1.100.192/21
C. Finance: 10.1.100.0/25 Human resources: 10.1.100.128/26 IT: 10.1.100.192/27
D. Finance: 10.1.100.0/26 Human resources: 10.1.100.128/27 IT: 10.1.100.192/28

C. Finance: 10.1.100.0/25 Human resources: 10.1.100.128/26 IT: 10.1.100.192/27

How well did you know this?

Not at all

Perfectly

A network administrator is configuring the 172.16.40.0/22 network for a new building. Which of the following is the number of hosts that will be supported on this network?

A. 510
B. 512
C. 1022
D. 1024
E. 2046
F. 2048

C. 1022

/22 = 11111111.11111111.11111100.00000000 = 1024 host - 2 network ID and broadcast = 1022 available host

How well did you know this?

Not at all

Perfectly

At which of the following layers of the OSI model does compression occur?

A. Session
B. Transport
C. Data link
D. Presentation

D. Presentation

Com-PRES-sion. PRESentation

How well did you know this?

Not at all

Perfectly

Users report that the network is slow. Upon investigation, the technician notices all users are on one large subnet. Which of the following devices should be used to break up broadcast domains?

A. Layer 2 switch
B. Layer 3 switch
C. Signal repeater
D. Bridge
E. Domain server

B. Layer 3 switch

Routers separate broadcast domains. Next best thing is a Layer 3 switch. Which operates like a router.
Layer 2 for collision, Layer 3 for Broadcast

How well did you know this?

Not at all

Perfectly

Ann, a user, reports that her desktop phone is not working on one cable. However, that cable provides connectivity to her laptop. A technician determines PoE is not provided to the end device. Which of the following is MOST likely the cause?

A. Transceiver mismatch
B. Crosstalk
C. Jitter
D. Open/short on the cable

A. Transceiver mismatch

PoE = VoIP, but without PoE the laptop works. This is due to transceiver mismatch. Crosstalk and Jitter would not give this symptom. Bad cable would not let the laptop connect.

How well did you know this?

Not at all

Perfectly

A network technician has been asked to create secure private networks between a companys headquarters and several branch locations. The company has provided the on-premises equipment, but each branch has a different ISP. Which of the following technologies should the technician consider using to accomplish this?

A. Site-to-site
B. Client-to-site
C. Point-to-point
D. Point-to-multipoint

A. Site-to-site

How well did you know this?

Not at all

Perfectly

A department is reporting network issues. Users can ping each other and the switch, but not the default gateway. When looking at a wiring diagram and a physical blueprint, a technician notices the 1000BaseLX SFP connects to a distribution switch via a cable that runs behind a large industrial refrigerator. The technician also notices both switches have been worked on recently. Which of the following is MOST likely the issue?

A. EMI
B. TX/RX reverse
C. Open/short
D. Attenuation

A. EMI

CompTIA questions and answer aren’t always going to make sense. The key is to eliminate all the they answers provided. The question says, “Which of the following is (MOST) likely the issue”. By reading the question, we can eliminate attenuation and short off top. The question also states, “users can ping each other and the switch”, meaning all cable connections are good. TX/RX reverse can’t possibly be the issue, leaving answer A, EMI. I honest don’t think its fair how they design their questions. We all are familiar with each answer and know exactly what they are but the way the questions are set up is deceitful and a lot times they can be vague.

How well did you know this?

Not at all

Perfectly

A shop owner wants to ensure that only a specified group of devices can access the wireless network. Which of the following methodologies will BEST ensure unauthorized devices cannot consume the shop owners limited Internet bandwidth?

A. Disable the SSID broadcast.
B. Implement WEP authentication.
C. Change the WiFi password.
D. Activate MAC address filtering.

D. Activate MAC address filtering.

How well did you know this?

Not at all

Perfectly

A large company uses an AAA server to manage network device access. The engineers can use their domain credentials to access all other servers. Currently, the network engineers cannot access the AAA server using domain credentials, but they can access it using a local account. Which of the following should the engineers update?

A. Host-based firewall settings
B. TACAS+ server time
C. Server IP address
D. DNS SRV record

B. TACAS+ server time

How well did you know this?

Not at all

Perfectly

A network technician has been asked to install an additional switch in an IDF, but all of the single-mode fiber is in use between the IDF and MDF. The technician has deployed new transceivers that allow for the use of a single fiber stand, providing the additional fiber needed for the new switch. Which of the following has the technician deployed?

A. 1000BaseLX SFP
B. Duplex GBIC
C. Duplex SFP+
D. Bidirectional SFP

D. Bidirectional SFP

It’s a Bi-Directional (BiDi) transceiver. Traffic in both directions on a single fiber using two different wavelengths. Reduce the number of fiber runs in half.

How well did you know this?

Not at all

Perfectly

A network administrator wants to ensure all traffic is inspected and abides by the AUP, and that malicious traffic is stopped. Which of the following features should be enabled on a firewall to meet this requirement?

A. Intrusion detection
B. Proxy service
C. Dynamic DNS
D. Content filtering

D. Content filtering

This questions is looking for a feature that “abides by the AUP” (Acceptable Use Policy) which is pertaining to employees of a company. In addition, content filtering can stop malicious traffic.

How well did you know this?

Not at all

Perfectly

A network technician has purchased a 10GBase-T switch and wishes to connect it to 30 computers with 10GB network cards. The computers are 225ft (69m) away, and all need to establish a 10 Gbps connection to meet business requirements. To minimize costs while still meeting these requirements, which of the following cable types should the technician choose?

A. Cat 5e
B. Cat 6
C. Cat 6a
D. Cat 7

C. Cat 6a

Cat6 only supports 10 Gbp/s to 165 feet (55 meters).
Cat6A supports 10 Gbp/s (Gigabits per second) up to 328 feet (100 meters).

How well did you know this?

Not at all

Perfectly

A technician is configuring a new email server and needs to modify DNS records. Which of the following records should the technician update to ensure email functions as expected?

A. MX
B. CNAME
C. AAAA
D. SRV

A. MX

How well did you know this?

Not at all

Perfectly

Which of the following BEST describes the functionality of the root guard feature on a switch?

A. BPDUs entering the root bridge are ignored.
B. The STP root bridge cannot be changed.
C. Broadcast storms entering from a root port are blocked.
D. Loop protection is enabled on the root port of a switch.

B. The STP root bridge cannot be changed.

“Unlike the BPDU Guard which will disable a port upon receipt of a BPDU, the Spanning Tree Root Guard feature will allow BPDU’s through a port to maintain the spanning tree topology, however if it receives a superior BPDU, which indicates that another switch is trying to become the root bridge it will err-disable the port.

This feature is used to protect your root bridges from misconfiguration or a layer 2 man in the middle attack.”

How well did you know this?

Not at all

Perfectly

A network administrator is adding a new WAN circuit from the ISP to a new building. In which of the following locations would the network administrator find the utility entry point?

A. DMZ
B. Data tier
C. IDF
D. Demarc

D. Demarc

How well did you know this?

Not at all

Perfectly

The help desk is receiving reports of intermittent connections to a server. A help desk technician suspects the server is unable to establish a three-way handshake due to a DoS attack. Which of the following commands should a network administrator use to confirm the help desk technicianג€™s claim?

A. nmap
B. arp
C. tcpdump
D. dig

C. tcpdump

How well did you know this?

Not at all

Perfectly

A technician discovered a company computer had a virus but was unable to remove it. The technician decided to erase the hard drive to eliminate the threat.
Which of the following policies did the technician violate?

A. Data loss prevention
B. Incident response
C. Asset disposal
D. Acceptable use

A. Data loss prevention

How well did you know this?

Not at all

Perfectly

A company hires another firm to test the integrity of its information security controls. This is an example of:

A. role separation
B. device hardening
C. risk assessment
D. penetration testing

D. penetration testing

How well did you know this?

Not at all

Perfectly

425. A network technician is troubleshooting an issue routing TCP packets to an email server. At which of the following OSI layers is the issue occurring? A. Layer 1 Physical B. Layer 3 Network C. Layer 4 Transport D. Layer 7 Application

C. Layer 4 Transport TCP and UDP works at Layer 4 of OSI Model, the transport layer

426. A vendor is installing an Ethernet network in a new hospital wing. The cabling is primarily run above the celling grid near air conditioning ducts and sprinkler pipes. Which of the following cable types is required for this installation? A. Plenum B. PVC C. Single-mode D. Cat 7

A. Plenum

427. A network technician works in a large environment with several thousand users. Due to the needs of the organization, the network manager has asked the technician to design a solution that accommodates the data needs of all the users, while keeping all data on site. Which of the following solutions should the technician implement? A. SaaS B. SAN C. NAS D. IaaS

B. SAN SAN is block based while NAS is file based. I think the key here is 'several thousand users' which indicates the need for enterprise-grade/level deployment capabilities which includes availability & redundancy

428. Which of the following can be used to prevent unauthorized employees from entering restricted areas? A. Sign-in sheets B. Video cameras C. Motion sensors D. Swipe badges

D. Swipe badges

429. A Chief Information Security Officer (CISO) has decided to implement a secure and user-friendly way to connect to the corporate wireless network. Each workstation will be authenticated individually using a unique certificate that will be deployed to the workstation by the organizations certificate authority. Which of the following authentication methods would meet this requirement? A. PEAP B. WP2-PSK C. Captive portal D. EAP-TLS

D. EAP-TLS

430. A bookstore uses a Faraday cage to comply with credit card regulations. Customers report that their cellular phones have no signal when they are in the bookstore. Which of the following is the MOST likely cause? A. The Faraday cage is creating interference within the bookstore. B. The Faraday cage prevents access by redirecting signals. C. The Faraday cage is creating latency on the cellular network. D. The Faraday cage is creating attenuation of the cellular network.

B. The Faraday cage prevents access by redirecting signals. The reception or transmission of radio waves, a form of electromagnetic radiation, to or from an antenna within a Faraday cage is heavily attenuated or blocked by the cage

431. An administrator is redesigning a companys network and wants to reduce the amount of hardware needed. Currently, all VLAN routing goes out a single switch interface to a router. Which of the following would reduce the number of devices in this configuration? A. Bridge B. Multilayer switch C. Switch D. Next-generation firewall

B. Multilayer switch

432. A network technician needs to distribute an updated OS for all network switches at company locations throughout the world. The technician wants to ensure file integrity since several locations do not have high-quality connectivity to the Internet. Which of the following methods should be used to distribute the images while ensuring integrity? A. Use a TFTP server and UDP protocol. B. Use an FTP server and provide the file hash. C. Use an HTTP server to share the file. D. Use a modem and dial-up connection.

B. Use an FTP server and provide the file hash.

433. Which of the following OSI layers do TCP and UDP operate within? ``` A. Data link B. Network C. Session D. Transport E. Presentation F. Application ```

D. Transport

434. A company has decided to allow certain users to work remotely by opening up a VPN connection through the firewall. The security policy has been updated to allow VPN connections only from certain users and to specific areas on the network. Along with configuring the correct policies on the firewall, which of the following also needs to be configured on users mobile devices to allow these VPN connections? A. VNC application B. Kerberos C. Geotagging application D. Credentials

D. Credentials

435. Which of the following OSI layers do TCP and UDP operate within? ``` A. Data link B. Network C. Session D. Transport E. Presentation F. Application ```

D. Transport

436. A network engineer is working on a network connectivity problem between a site in California and a site in New York. The connection went down overnight, and the engineer is unsure where the connection failed. The technician is logged into the primary switch in the customers network, which is also the companys connection to the WAN. Which of the following tools should the technician use to determine the last available network hop? A. netstat B. Nmap C. traceroute D. pathping

C. traceroute Traceroute gives more information that pathping does Pathping and Tracert are similar, both are used to test connectivity and latency. ... Pathping does a traceroute to the destination, and then uses ICMP to ping each hop in the path 100 times. This means pathping will give more accurate latency information. But it is still subject to the same issues as traceroute.

437. A network manager is concerned about visitors taking advantage of open cubicies at a company's facilities. Which of the following would mitigate this issue? A. Create a VLAN for all unused switchports. B. Implement a DMZ for all external services. C. Implement root guard on all switches. D. Create a honeypot to attract attackers.

A. Create a VLAN for all unused switchports. or B. Implement a DMZ for all external services.

438. oe, a user, is having issues when trying to access certain web pages. Upon navigating to a web page, it seems like it connects, but then presents the following message: The security certificate presented by this website was not trusted by a trusted certificate authority. Joe has cleared his cache and cookies, rebooted his machine, and attempted to browse to the website from a coworkers desktop, but it still presented with this error. Which of the following is the MOST likely cause of this error? A. The web server is missing an intermediate certificate. B. The website is missing an HTTPS certificate. C. TLS is not enabled in the browser. D. The SSL certificate has expired.

A. The web server is missing an intermediate certificate. The question does not state that the user is attempting to connect to web pages that require encryption, i.e. SSL/TLS (Secure Sockets Layer/Transport Layer Security); instead, we can only assume that "certain web pages" are merely regular web pages that do not entail the transmission of encrypted data. Hence, an SSL certificate is surely not required in this instance since not all websites utilise SSL/TLS. For that reason, (A) seems like the most credible answer

439. Which of the following is used to define the duration during which a client can use an IP address? A. MAC reservation B. IP helper C. Pool D. Lease time

D. Lease time

440. A small company is requesting a quote to refresh its wireless network. The company currently runs 60 autonomous APs and has plans to increase wireless density by 50% in the near future. The requirements state that the chosen solution should significantly decrease the management overhead of the current wireless network. Which of the following should the vendors recommend in response to the quote request? A. The use of lightweight APs with a load balancer B. The use of autonomous APs with a wireless controller C. The use of autonomous APs with a load balancer D. The use of lightweight APs with a wireless controller

D. The use of lightweight APs with a wireless controller lightweight is easier to manage because it is controlled through a centralized wireless controller

441. A network support specialist is setting up wireless networks for several small companies that are leasing adjacent spaces in an office building. The network support specialist has already configured an access point for each office with WPA2-AES encryption and minimized any overlap of the wireless channels. Several of the companies have expressed concerns about performance and security issues due to the high volume of wireless networks being installed in close proximity. Which of the following actions will BEST mitigate the companies concerns? A. Reduce the TX power on each access point. B. Enable MAC address filtering on each access point. C. Disable the SSID broadcast on each access point. D. Enable AP isolation on each access point.

A. Reduce the TX power on each access point. Tx- power is a measure of how strong the signal is transmitted. The best setting is the minimum level necessary to keep the signal with the boundaries of the WiFi’s location. You don’t want the signal extending past your house because if it does the door is open to hackers. If they need to be in your house to hack it, you’ll likely find they don’t bother.

442. A network technician receives a trouble ticket and speaks to the user who is experiencing the issues with the application. Which of the following should the technician perform NEXT? A. Gather information. B. Determine the symptoms. C. Establish a plan of action. D. Document the findings

A. Gather information. ``` From the CompTIA objectives: Identify the problem - Gather information - Duplicate the problem, if possible - Question users - Identify symptoms ``` speaks to the user who is experiencing the issues with the application -- speak to the users like "how are you", can I get your name then what is the cause of the problem. It is clear that you gathered information because you can not determine and plan an action without gathering information.

443. A company wants to implement a wireless infrastructure on its campus to meet the needs of its BYOD initiative. The company has users with legacy devices and wants to accommodate them while delivering speed to other users who have modern systems. Which of the following standards BEST fits these requirements? A. 802.11a B. 802.11ac C. 802.11b D. 802.11n

D. 802.11n IEEE 802.11ac === 5GHz BAND. IEEE 802.11n === 2.4GHz and 5GHz band.

444. Joe, a technician, is attempting to resolve an issue with an off-site router remotely. Joe needs to reset the WAN connection settings and wants to ensure he will have access to the router at all times to monitor the changes. Which of the following solutions would BEST meet this goal? A. Use a secure SSH connection over the WAN link. B. Telnet into the router over the company VPN. C. Implement a modem on the AUX port. D. Configure a DSL router to the console port.

C. Implement a modem on the AUX port. ``` AUX port - backup console port - using dial-up Auxiliary Port (AUX Port) allows a direct, non-network connection to the router, from a remote location. The Auxiliary Port (AUX Port) uses a connector type to which modems can plug into, which allows an administrator from a remote location to access the router like a console port. ``` console port - using terminal emulation

445. To achieve a more efficient and secure work environment, a company needs a way to control what is being accessed on the Internet using corporate resources. Which of the following devices should be used to accomplish this task? (Choose two.) ``` A. Proxy server B. IDS C. Load balancer D. Content filter E. VPN concentrator F. IPS ```

A. Proxy server | D. Content filter

446. The network support team is responsible for managing connections in a large, multipurpose venue where maintaining physical security is difficult. Implementing which of the following standards would BEST help to prevent unauthorized connections to the wired network? A. 802.1X B. 802.1q C. 802.3at D. 802.3af

A. 802.1X

447. A utility company has installed a wireless device at a residence that allows the company to view power consumption online. The resident reports the 802.11ac home wireless intermittently loses connectivity for about 15 minutes twice a day. Which of the following is the MOST likely cause? A. The utility company throttles power during peak hours. B. There is additional data being transferred over the wireless network. C. There is interference with the smart reader. D. An IoT device is causing a DoS attack on the wireless network.

B. There is additional data being transferred over the wireless network. The question doesn't say that the utility companies device is connected to the residents personal home WiFi, therefore you should assume it wouldn't be on their network. No company would be stealing paid internet service from their customers.

448. A technician has been asked to install biometric controls at the entrance of a new datacenter. Which of the following would be appropriate authentication methods to meet this requirement? (Choose two.) ``` A. Badge reader B. Retina scanner C. Random number-generating token D. Device proximity sensor E. Challenge question F. Combination lock G. Fingerprint reader ```

B. Retina scanner | G. Fingerprint reader

449. Two buildings used to be connected by a wireless bridge, but they are upgrading to fiber. Which of the following new devices would be required at the demarcation points? A. Wireless access point B. Router C. Media converter D. Firewall

C. Media converter

450. A company is expanding and building a new remote branch office. Marketing will need 78 IP addresses, finance will need 150 IP addresses, legal will need 39 IP addresses, and R&D will need 12 IP addresses. The network administrator gives the technician a network of 172.16.48.0/23 and wants the technician to use VLSM for the design. Which of the following are possible solutions? (Choose three.) A. The marketing department should receive a /25 network. B. The R&D department should have 172.16.49.207 as a broadcast address. C. The R&D department should receive a /27 network. D. The finance department should have 172.16.49.127 as a broadcast address. E. The marketing department should have usable IPs ranging from 172.16.49.129 to 172.16.49.190. F. The legal department should have a first usable IP address of 172.16.49.190 G. The legal department should have usable IPs ranging from 172.16.49.129 to 172.16.49.190. H. The R&D department should have a last usable IP address of 172.16.49.190.

A. The marketing department should receive a /25 network. B. The R&D department should have 172.16.49.207 as a broadcast address. G. The legal department should have usable IPs ranging from 172.16.49.129 to 172.16.49.190. finance 150 IPs I gave 254 IPs /24 btw 172.16.48.1 ~ 172.16.48.254 (.0 network and .255 broadcast) marketing 78 IPs I gave 126 IPs /25 btw 172.16.49.1 ~ 172.16.49.126 (.0 network and .127 broadcast) Legal 39 IPs so I gave 62 IPs /26 btw 172.16.49.129 ~ 172.16.49.190 (.128 network and .191 broadcast) R&D 12 IPs so I gave 14 IPs /28 btw 172.16.49.193 ~ 172.16.49.206 (.192 network and .207 broadcast)

451. After several changes to the network, a technician needs to ensure a client is checking for new hostname and IP pairings. Which of the following commands should the technician use to force new lookups? A. ipconfig /flushdns B. ipconfig /release C. ipconfig /renew D. ipconfig /all

A. ipconfig /flushdns ipconfig /flushdns deletes the DNS cahe store on a device. If a website IP address changes the DNS cache will prevent the user from accessing the website. Best thing to do is to empty the cache.

452. A network technician is setting up a WiFi network in a multi-tenant building. When trying to determine the best channel, which of the following is the BEST tool to use? A. Protocol analyzer B. Tone generator C. Spectrum analyzer D. Multimeter

C. Spectrum analyzer

453. Due to regulatory requirements, a college bookstore prohibits customers from accessing the wireless network in the building. Which of the following would be the BEST method to prevent customers from accessing the wireless network while in the bookstore? A. Use MAC filtering for authorization to the wireless network. B. Require PEAP for authentication to the wireless network. C. Implement a Faraday cage within the bookstore premises. D. Require a pre-shared key for authentication to the wireless network.

C. Implement a Faraday cage within the bookstore premises. Since they said they don't want anyone to get to the Wi-Fi from inside, that means it's being broadcasted outside.. which means they don't control it.. which means the cage

454. A network technician sets up a new schedule on the backup server. Management has informed the technician that a full backup does not need to be completed every day. The technician sets up weekly full backups. Which of the following should the technician configure for the remaining days to MINIMIZE the daily backup size? A. Snapshots B. Incremental C. Replica D. Differential

B. Incremental

Which of the following network topologies typically has all devices on a network directly connected to every other network device? A. Mesh B. Star C. Ad hoc D. Ring

A. Mesh

456. A technician wants to set an IP address to a specific MAC address on a host machine. Which of the following commands should the technician use? A. ipconfig B. nslookup C. arp D. dig

C. arp

457. A network technician is designing a network cable upgrade in a newly acquired office space. The IT manager wants to install a standardized twisted pair cable solution that supports speeds up to 1 Gbps and terminates with a standard RJ45 connector. Which of the following cable types should the technician suggest? ``` A. SMF B. Cat 3 C. Cat 5 D. Cat 6 E. RG-6 ```

D. Cat 6 CAT5 only supports 100Mbps. You need Cat5e minimum to get 1Gpbs.

458. Which of the following policies would be the MOST useful for defining the proper procedures when an employee is terminated abruptly? ``` A. Offboarding B. Remote access C. AUP D. Incident response E. DLP ```

A. Offboarding

459. A technician wants to have the ability to transfer files from home to the companys network on a regular basis. Which of the following is a remote access protocol the technician can utilize to bypass interactive user authentication by using a list of known host public keys? A. FTP B. SCP C. TFTP D. Telnet

B. SCP Secure Copy Protocol (SCP) is a means of securely transferring computer files between a local host and a remote host or between two remote hosts. SCP (Secure Copy Protocol) - A method for copying files securely between hosts.

460. A company runs Linux servers in its own datacenter and also on a popular public cloud service provider. The servers hosted by the cloud provider can only be accessed with proper authorization and are only accessed by the company's datacenter. Which of the following BEST describes the type of cloud architecture being used? (Choose two.) ``` A. Private B. Hybrid C. Public D. IaaS E. PaaS F. SaaS ```

B. Hybrid D. IaaS A company runs a Linux server on a popular public cloud provider. IaaS They have a part of their infrastructure in the cloud. Hybrid

461. A companys web-based application has a database that is set up for high availability in case of a failure. Which of the following is necessary to achieve this type of setup? A. A virtual IP pointing to the active DB B. A static IP pointing to the passive DB C. A private IP pointing to the web front end D. A private IP pointing to the web proxy

A. A virtual IP pointing to the active DB The Virtual IP will be pointing to the active DB at any given time out of the DB farm/Cluster (Using the same Virtual IP address for the whole farm). so, when one DB is down, the stanby/secondary will assume the responsibility seamlessly, and using the same Virtual IP

462. A network technician is creating a diagram of network termination points in the building. The technician diagrammed the core network room and now needs to diagram the auxiliary network closets. Which of the following is the technician MOST likely going to add to the diagram? A. IDF B. MDF C. VRF D. TDM

A. IDF IDF is an Intermediate Distribution Frame, whereas your MDF is your Main Distribution Frame. Your IDF(s) is/are typically located on the upper floors of a building whereas your MDF is typically on your bottom floor. Think of it as having a centralized location for all of your wiring on that floor, you can have multiple IDFs at different floors running to a MDF at the bottom floor.

463. A network technician has installed multiple new lightweight access points across the network. Which of the following devices should the technician use to manage the new access points? ``` A. Wireless controller B. SSH C. DHCP server D. Content filter E. WiFi analyzer ```

A. Wireless controller

464. Management is concerned there is excessive traffic on the network. A network technician wants to run a quick port scan to see any systems that have open ports. Which of the following tools should be used to do this? A. tcpdump B. dig C. nmap D. netstat

C. nmap

465. A network technician receives the following command output from a Linux-based machine: Which of the following commands did the network technician run? A. iptables f ABCDEG.com B. dig t ANY ABCDEG.com C. NMAP t ABCDEG.com D. netstat a ACDEG.com

B. dig t ANY ABCDEG.com

466. Allowing data to be centrally stored and accessed by multiple devices on an isolated subnet is BEST understood as: A. NAS B. iSCSI C. SAN D. FCoE

C. SAN Storage Area Network Network Attached Storage One is it's own network (it's own subnet!). and the other is Attached to an existing network(NAS) Key wording is "multiple devices". SAN is block level storage usually used for devices to access data whereas, NAS is file level storage more commonly used for users to access files etc.

467. During a weekend event, several people reported they were unable to get onto the wireless network. On Monday, the technician could not find a problem. Which of the following is the MOST likely cause? A. Cross talk B. Overcapacity C. Channel overlap D. Wrong passphrase

B. Overcapacity

468. After deployment of a second network link to load balance the network traffic, the quality of voice calls degrades. The network administrator discovers the voice packets are arriving at uneven intervals that cannot be handled by the voice application buffer. Which of the following actions will improve the quality of the voice calls? A. Control the attenuation of the non-voice traffic across the network links B. Control the latency of traffic across the network links C. Control the EMI of the multimedia traffic across the network links D. Control the jitter of the affected traffic across the network links

D. Control the jitter of the affected traffic across the network links

469. Which of the following can a network administrator use to access a network switch using standard AAA configurations? A. TACACS+ B. Single sign-on C. LDAP D. Local authentication

A. TACACS+

470. A network technician receives a switch that is configured to support VLANs on its ports. At which of the following layers is this switch operating? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4

B. Layer 2 A layer 2 switch support VLAN and a Layer 3 switch is a multilayer switch that supports INTER-VLANs

471. Which of the following protocols is used to transport outgoing mail across networks? A. POP B. SMTP C. IMAP D. LDAP

B. SMTP Simple mail transfer protocol

472. Management at a company wants to increase the bandwidth available to users after receiving several complaints. A technician reports to management that 50% of the company bandwidth is being utilized by wireless devices outside the companys property. Given budget constraints, which of the following solutions should the technician propose to management? A. Have the ISP double the bandwidth B. Move from WPA2 to WEP C. Enable WPA and change the SSID D. Configure geofencing

D. Configure geofencing

473. To increase speed and availability, a high-traffic web application was split into three servers recently and moved behind a load balancer. Which of the following should be configured on the load balancer to allow for a single destination? A. SIP B. PAT C. NAT D. VIP

D. VIP Virtual IP is the load-balancing where the webpage to get to a site. Usually a TCP or UDP port number is associated with the VIP, such as TCP port 80 for web traffic UDP for watching youtube.

474. A network technician is reading a network diagram and looking for the edge router. Which of the following is MOST likely the symbol used for the router? A. A circle with four outward arrows B. A rectangle with two horizontal arrows C. A square with two circular arrows D. A triangle with three outward arrows

A. A circle with four outward arrows

475. Which of the following would a network technician MOST likely connect to power wireless access points in drop ceilings? ``` A. Powerline extender B. Ethernet-over-power adapter C. Power-over-Ethernet switch D. Power distribution unit E. Ethernet power controller ```

C. Power-over-Ethernet switch

476. A network technician needs to monitor the traffic going to a mission-critical server in the datacenter. Which of the following is the BEST method to perform this? A. Use port mirroring B. Install an inline tap C. Periodically view the server logs D. Configure port aggregation

B. Install an inline tap mission-critical is key, port mirroring can drop some data in the process as well. Tap in gives you a 100% accurate picture of data flow.

477. A network engineer at a large company is restricting Internet browsing on the corporate WAN to only business-related external websites. Which of the following is the BEST solution to achieve this goal while avoiding the need to configure this restriction on each PC? A. Web application firewall B. Content filter C. IPS D. VPN concentrator

B. Content filter the company wants to restrict some web sites, not just web applications

478. Which of the following types of attacks is characterized by encrypting data and locking out a user from access to certain data within a workstation? ``` A. Ransomware B. Phishing C. DDoS D. Social engineering E. Spoofing ```

A. Ransomware

479. The process of searching for open or weakly secured wireless networks in a geographic area is known as: A. phishing. B. social engineering. C. war driving. D. an evil twin.

C. war driving.

480. A request is made to open an additional port on a firewall. The request is approved, and the port is opened. Which of the following BEST describes this process? A. Standard operating procedure B. Process management C. Project management D. Change management

D. Change management

481. A network technician notices that switches of the same model have different commands and security features while administering them. Which of the following hardening techniques should the technician perform on a regular schedule to ensure all switches have the same features and security functionality? A. Change the default credentials. B. Verify the firmware file hash. C. Disable unused switchports. D. Apply patches and updates.

D. Apply patches and updates. Because patches and updates should be performed on a regular schedule so that the switches have the same security & functionality. Disabling unused ports is something that's done at the start of building a network and doesn't need to be done regularly.

482. A network administrator has deployed a secure wireless network that authenticates using Active Directory network credentials so individual users are uniquely identified when connected to the WLAN. Which of the following wireless technologies has the administrator configured? A. WEP B. EAP-PEAP C. PSK D. CCMP-AES

B. EAP-PEAP EAP, or eap, or extensible authentication protocol is a very common set of frameworks that can be used to authenticate people onto things like wireless networks. For instance, WPA2 and WPA use five different EAP types as authentication mechanisms. A very common way of setting up the authentication methods, especially early on in wireless networks, was created as a proprietary method by Cisco. And it’s called LEAP, that stands for light weight extensible authentication protocol.

483. A SAN serves out storage to a companys virtual environment and provides low-level disk access. The company wants to use its existing IP network and equipment to access the virtual disks. Which of the following network connection types would BEST accomplish this task? A. InfiniBand B. iSCSI C. Fibre Channel D. CIFS

B. iSCSI iSCSI uses IP Fiber channel uses Ethernet

484. When using a network monitoring system, a network technician notices that a switch returns many object identifiers that do not have descriptions. Which of the following should be imported into the monitoring system to describe these object identifiers? A. SNMPv3 B. SIEM C. MIB D. SYSLOG

C. MIB A management information base (MIB) is a database used for managing the entities in a communication network.

485. A company hires some temporary workers. On day one, the temporary employees report they are unable to connect to the network. A network technician uses a packet analysis tool and finds that many clients are continuously sending out requests for an IP address, but many of them are not receiving a response. Which of the following could be the cause of this issue? A. Exhausted DHCP scope B. Untrusted SSL certificates C. Duplicate MAC addresses D. Incorrect firewall settings

A. Exhausted DHCP scope

486. A network administrator is responding to a help desk ticket, which states an unknown wireless access point is broadcasting in a specific area. Upon investigation, the administrator finds that a user brought a wireless access point from home and plugged it into the corporate network. This resulted in an attacker using the unsecured wireless LAN to gain access to the network. Which of the following should the network administrator have done to BEST prevent this problem? A. Changed the default credentials on the network switches B. Installed a Layer 7 firewall C. Implemented port security D. Disabled unnecessary services on the network switches

C. Implemented port security

487. A user no longer has access to network resources after a recent office move, but all other users in the building are able to connect at 100MB connections. After further investigation, a network technician notices the following information: Which of the following is causing the network connection issues? ``` A. Open/short pins B. VLAN mismatch C. Distance limitation D. Crosstalk E. Port configuration ```

E. Port configuration Port is shutdown by the looks of things, I assume the 'no shut' command was not issued on the port on assignment

488. A small team is overloaded with requests for database resources. The Chief Information Officer (CIO) is concerned the company does not have the resources to deploy and manage these additional services efficiently. Which of the following types of cloud services would be the MOST effective? A. PaaS B. IaaS C. BaaS D. SaaS

C. BaaS BaaS is Backend as a Service. Part of this Vendor supplies Database Management. Backend as a service (BaaS) | LinkedIn Learning, formerly ... www.linkedin.com › backend-as-a-service-baas AWS and serverless applications - [Narrator] Backend as a Service is quite an old concept. It's been around for a long time. Amazon S3 was one of the first Backend as a Service systems

489. Which of the following should be performed on a regular basis to prevent unauthorized access to a company network? (Choose two.) ``` A. Packet analysis B. Reviewing baselines C. Vulnerability scanning D. Patch management E. Log archiving ```

C. Vulnerability scanning | D. Patch management

490. A network technician receives a report that the companys intranet web server is not responding. The technician verifies successful connectivity to the server via the ping and tracert commands. The technician also verifies the routers and switches are online and operational, and then runs Telnet to port 80 and receives a response. Which of the following troubleshooting steps should the technician perform NEXT? A. Establish a plan to reset the company router. B. Escalate the issue to the server administrator. C. Duplicate the issue and continue testing. D. Report that an issue was not identified.

C. Duplicate the issue and continue testing.

491. Which of the following ports are used for electronic mail protocols? (Choose three.) ``` A. 23 B. 25 C. 110 D. 123 E. 143 F. 161 G. 389 H. 443 ```

B. 25 C. 110 E. 143

492. A technician needs to connect two routers using copper cables. Which of the following cables would utilize both the TIA/EIA 568a and TIA/EIA 568b standards? ``` A. Cat5 crossover B. Cat5e straight-through C. Cat5e rollover D. Cat6 console E. Cat6a straight-through ```

A. Cat5 crossover

493. The engineering department wants to bring a legacy computer online to test a failed component. When patching the device into the switch, there are no link lights or connectivity. The legacy computer can ping its loopback address successfully. Another device can connect to that same port without issues. Which of the following should the network technician check NEXT? (Choose two.) ``` A. Speed setting on the switch B. Duplex requirements C. Firmware version D. Protocols the legacy computer supports E. Network card drivers F. VLAN settings ```

C. Firmware version E. Network card drivers For speed mismatch, the links will not light up. For duplex mismatch , the links may still light up, but with degraded network performance

494. A user in the marketing department reports the email server is down. The user has not received email for more than 24 hours. Which of the following should the network technician do to investigate this issue? A. Question other users in the marketing department to see if they are also having connectivity issues. B. Reboot the email server and verify connectivity once it is up again. C. Check the router and firewall to see if ACLs or firmware have changed in the last 24 hours. D. Check for network connectivity on the users PC and reinstall the email client.

A. Question other users in the marketing department to see if they are also having connectivity issues.

495. A network technician has provisioned a new Linux instance in a public cloud providers IaaS environment. The technician did not install a graphical user interface. The technician wants to connect to the servers public IP address securely to start a console session. Which of the following remote access methods should the technician use? A. SSH B. Telnet C. VNC D. RDP

A. SSH Key phrase 'The technician did not install a graphical user interface'. VNC uses GUI and RDP is window's based.

496. A network administrator is reviewing the following output from a switch: Which of the following attacks has occurred on the switch? A. DNS poisoning B. ARP poisoning C. VLAN hopping D. MAC address spoofing

D. MAC address spoofing

497. A user does not have access to network services but has Internet access. The technician notices the computer has an IP address of 192.168.1.144 when the network is 10.10.10.0. Which of the following is MOST likely the issue? A. Rogue DHCP server B. Duplicate IP addresses C. Incorrect gateway D. Server permission changes

A. Rogue DHCP server

498. A technician is trying to identify the cause of an issue several wireless users are experiencing at an office. The office is in a square-shaped building, with four 802.11b WAPs with omnidirectional antennas located in the four corners of the building. Users near the centre of the building report sporadic issues connecting to resources. The technician checks the signal strength in the middle of the building and determines it is adequate. Which of the following is causing the reported issue? A. The antenna types are incorrect, and unidirectional should be used. B. MAC filtering has not been updated. C. There is channel overlap of the access points. D. The power levels are set too low on the WAPs.

C. There is channel overlap of the access points. from the question "The technician checks the signal strength in the middle of the building and determines it is adequate". channel overlapping is the best answer.

499. A network technician is performing an initial configuration of a new network switch. Per company policy, the only authorized manner for remotely administering the switch is through a command line. Which of the following protocols should the technician disable to adhere to the company policy? A. HTTP B. Telnet C. SSH D. TFTP

A. HTTP Telnet and SSH allowed command line TFTP is irrelevant here We can remotely manage switch or other network devices through web portal that needed http. keyword here is "remotely administering the switch is through a command line" . telnet and SSH does that. HTTP access is the GUI method through web interface.

500. A network technician is troubleshooting a connectivity issue with Joe, a user. Joe has reported that when he attempts to RDP to machine1 (192.168.21.21) by name, he is connected to machine3 (192.168.21.23). When the network technician runs the command nslookup machine1, it returns the IP address 192. 168.21.23; but when the ping ג€"a 192.168.21.23 command is run, the results return the hostname machine3. Which of the following DNS records should be updated to allow RDP connections to machine1 by hostname? A. A B. SRV C. PTR D. TXT

A. A Host address issue, so A record

Test 4 Flashcards

(100 cards)