Dion Test

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which of the following protocols is considered an external routing protocol?

Border Gateway Protocol is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems on the Internet

Differrence between multucast and broadcast.

Broadcast goes out weather you request it or not

Which of the following communication types cannot be used with IPv6?

Broadcast only works with IPv4.

Which of the following weaknesses exist in WPS-enabled wireless networks?

Brute force occurs within 11,000 combinations

A technician needs to limit the amount of broadcast traffic on a network and allow different segments to communicate. Which of the following should the technician install to satisfy this requirement

By adding a multilayer (layer 3) switch, the technician can improve network routing performance and reduce broadcast traffic. Creating a VLAN provides LAN segmentation, as well, within the network and the multilayer switch can conduct the routing between VLANs as needed. Just adding a single router would only create two broadcast domains, but adding the multilayer switch and configuring VLANs would allow you to add as many broadcast domains as you need.

Which of the following policies or plans would dictate which type of virtual private network connections will be authorized for use by an organization's employees?

remote access policy is a document which outlines and defines acceptable methods of remotely connecting to the internal network.

Purging

removing sensitive data from a hard drive using the device's internal electronics or an outside source such as a degausser, or by using a cryptographic erase function if the drive supports one.

DNS PTR

reversse DNS records

Rick is configuring a Windows computer to act as a jumpbox on his network. He implements static routing to control the networks and systems the jumpbox communicates with. Which of the following commands did he use to configure this on the Windows machine?

route

DNS SRV

service record. soecifices a specific port for services

You are working at the demarcation point between your network and the telecommunication service provider's network. Which of the following devices serves as the demarcation point between the two networks?

smartjack

Sport in netwowrking

source sport

DNS SOA

start of authoirty. indicates which domain name server is the best source of information for the specified domain.

802.1d standard

stp standard

802.1Q Trunking

take a normal Ethernet frame, add a VLAN header in the frame VLAN IDs-12 bits long, 4,094 VLANs normal range (1-1005) extended range (1006-4094) reserved (0 and 4095)

OC-12 Connection

think fiber

risk

threat and a vulnerability

OID

unique objective identifier

What is a giant?

any ethernet frame that exceeds the size of 1500 bytes

aaaa record

associates your domain name with an IPv6 address

Your deep packet inspection firewall is dropping portions of your packet flow as it enters or leaves the network. The network is configured to use HSRP to load balance the network traffic across two network devices in a high availability cluster. Which of the following issues would cause your network security devices, such as your firewalls, to drop packet flows and cause intermittent network connectivity to your clients?

asymmetric routing

HDX

half-duplex

As part of unified communications services, QoS must be implemented to provide support for DSCP and CoS. Which of the following OSI layers does QoS operate within? Layer 2 (Correct) Layer 4 Layer 1 Layer 5

layer 2

DNS TXT record

lets a domain administrator enter text into the Domain Name Systems.

Critical

level 2

PBX

Private Branch Exchange. A telephone switch used to telephone calls.

How does an SNMP manager communicate with an managed device?

SET, GET, and TRAP

What ports do FTP and SFTP utilize?

FTP (File Transfer Protocol) uses ports 20 and 21. SFTP (Secure File Transfer Protocol) uses port 22.

SNMPv3

Provides three security enhancements which added integrity, authentication, and confidentiality to the SNMP protocol.

BGP

..., Border Gateway Protocol, a dynamic routing protocol. RFC 1267.

when you thunk point to point links what subnet mask should you think of?

/30 or /31

What are the three layers in a three tiered network architectirure?

1. Core 2. Distribution 3. Access/Edge

What is the range of 802.11ac?

115 ft up to 230 ft

IVp4 loopback address

127.0.0.1

Which cellular technology is compromised of HSPA+ and EV-DO to provide higher data speeds than previous cellular data protocols?

3g

Which cellular technology utilizes new frequency bands to reach proposed speeds of up to 70 Gbps?

5g

Which of the following levels would a debugging condition generate?

7

Which type of wireless network utilizes the 5 GHz frequency band and reaches speeds of up to 3.5 Gbps?

801.11ac

Which type of wireless network utilizes the 2.4 GHz frequency band and reaches speeds of up to 54 Mbps? 802.11g (Correct) 802.11ax 802.11b (Incorrect) 802.11ac 802.11a 802.11n

802.11g

A client has asked you to provide their local office with the BEST solution for a wireless network based on their requirements. The client has stated that their users will need a wireless network that provides a maximum of 54 Mbps of bandwidth and operates in the 2.4GHz frequency band. Which of the following wireless network types should you install to meet their needs?

802.11g provides transmission over short distances at up to 54 Mbps in the 2.4 GHz band.

What introduced MIMO?

802.11n

Which of the following IEEE specifications describes the use of the spanning tree protocol (STP)?

802.1d

What access control model will a network switch utilize if it requires multilayer switches to use authentication via RADIUS/TACACS+?

802.1x

Michael, a system administrator, is troubleshooting an issue remotely accessing a new Windows server on the local area network using its hostname. He cannot remotely access the new server, but he can access another Windows server using its hostname on the same subnet. Which of the following commands should he enter on his workstation to resolve this connectivity issue?

: Since this is a Windows-based network, the client is likely attempting to connect to the servers using NetBIOS. NetBIOS stores a local cached name table in the LMHOSTS file on each client. If the entry in the client file is pointing to the wrong IP, this could cause the connectivity issues described. Therefore, the system administrator should enter the "nbtstat -R" command to purge and reload the cached name table from the LMHOST file on their Windows workstation.

Dion Training wants to create a DNS record to specify a host and port to use for a new instant messaging service. Which type of DNS record should be created?

A DNS service (SRV) record specifies a host and port for specific services such as voice over IP (VoIP), instant messaging, and others.

Dion Training's remote office is experiencing poor network performance. You have been asked to look at the traffic patterns for the remote office and compare them to the network performance baselines. Which of the following tools should you utilize?

A NetFlow analyzer is used to perform monitoring, troubleshooting, inspection, interpretation, and synthesis of network traffic flow data. A NetFlow analyzer can help you quickly identify traffic patterns and the different applications/protocols in use on the network

Dion Training has just purchased a new domain name and needs to indicate which DNS server is the definitive information source for the domain. Which type of DNS record should be created?

A Start of Authority (SOA) resource record indicates which Domain Name Server (DNS) is the best source of information for the specified domain. An AAAA record associates your domain name with an IPv6 address. An A record associates your domain name with an IPv4 address. An MX record is used for outgoing (SMTP) and incoming (POP3/IMAP) traffic.

A project manager is tasked with the planning of a new network installation. The customer requires that everything discussed in the meetings is installed and configured when a network engineer arrives onsite. Which document should the project manager provide the customer?

A Statement of Work (SOW) is a document that outlines all the work that is to be performed, as well as the agreed-upon deliverables and timelines

You have been asked to select the best WAN connection for a new network at Dion Training. The company has stated that they must have a guaranteed throughput rate on their Internet connection at all times. Based on this requirement, what type of WAN connection should you recommend?

A T-1 connection provides a guaranteed 1.544 Mbps of throughput.

Your company wants to develop a voice solution to provide 23 simultaneous connections using VoIP. Which of the following technologies could BEST provide this capability?

A T1 can transmit 24 telephone calls at a time because it uses a digital carrier signal (DS-1). D

You have been asked to troubleshoot Dion Training's T1 connection that is experiencing connectivity issues. You have already verified that the network's router is properly configured, the cable is connected properly between the router and the T1's CSU/DSU, but the T1 remains down. You want to test the interface on the CSU/DSU to ensure it is functioning properly. Which of the following tools should you use to test this interface?

A T1 connection is a copper-based connection. A loopback adapter is a plug that is used to test the physical port or interface on a network device. You will need to insert the loopback adapter into the interface on the CSU/DSU and conduct a self-test of the device by looping back the transmit path to the receive path and the receive path to the transmit path. A loopback adapter can also be used to test the T1 line by allowing the ISP to conduct a remote diagnosis of the connection between their central office and your demarcation point to ensure it is working properly.

Which of the following technologies combines the functionality of a firewall, malware scanner, and other security appliances into one device?

A Unified Threat Management (UTM) appliance enforces a variety of security-related measures, combining the work of a firewall, malware scanner, and intrusion detection/prevention.

CSU/DSU (Channel Service Unit/Data Service Unit)

A piece of equipment that connects a T-carrier leased line from the telephone company to a customer's equipment (such as a router). It performs line encoding and conditioning functions, and it often has a loopback function for testing. Used to terminate T1 connections

A 48-port switch on the Dion Training network just rebooted and all the clients are not attempting to obtain a new DHCP address. Which of the following issues may begin to occur?

A broadcast storm is the result of an excessive amount of broadcast or multicast traffic on a computer network. A broadcast storm can consume sufficient network resources and render the network unable to transport normal network traffic. The DHCP discover, offer, request, and acknowledge process occurs using broadcast messages, therefore a broadcast storm could occur due to all 48 clients attempting to receive a DHCP assignment simultaneousl

Which of the following policies or plans would dictate how an organization would respond to an unplanned outage of their primary internet connection?

A business continuity plan is a document that outlines how a business will continue operating during an unplanned service disruption

Your company just moved into a beautiful new building. The building has been built with large glass windows covering most of the walls and ceiling to provide natural light throughout the offices. You have noticed that your cell phone gets poor cellular connectivity when inside the building. What is the MOST likely cause of the poor cellular reception within the building?

A cellular signal is comprised of radio waves, just like 802.11 wireless networks. Just like light, radio waves can bounce off of certain surfaces and materials. Metal and glass are considered highly reflective materials which can cause poor cellular service and connectivity within office buildings that use intricately designed glass walls and ceilings. If a large amount of reflection occurs, signals can be weakened and cause interference at the receiver's device

Which of the following type of sites would be used if your organization plans to switch to teleworking and remote operations in the event of a disaster?

A cloud site is a virtual recovery site that allows you to create a recovery version of your organization's enterprise network in the cloud. Cloud sites are useful when your disaster recovery plan includes migrating to a telework or remote operations environment.

Which of the following is a connectionless protocol?

A connectionless protocol is a form of data transmission in which data is transmitted automatically without determining whether the receiver is ready or even whether a receiver exists. ICMP, UDP, IP, and IPX are well-known examples of connectionless protocols

You are using an 802.11ac wireless network at your office which uses WPA2-PSK for encryption. Every few minutes, your wireless connection appears to disconnect and then quickly reconnect to the network. What type of attack might you be the victim of?

A deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point by sending a deauthentication frame to the victim's machine. This causes the wireless client to disconnect from the wireless network and then reconnect. During that reconnection, an attacker can conduct a packet capture of the authentication handshake and use that to attempt to brute force the network's pre-shared key.

You are conducting a wireless penetration test against a WPA2-PSK network. Which of the following types of password attacks should you conduct to verify if the network is using any of the Top 1000 commonly used passwords?

A dictionary attack is a method of breaking into a password-protected computer, network, or other IT resource by systematically entering every word in a dictionary or list file

Which of the following types of telecommunication links is used to provide high-speed internet service over a traditional phone line?

A digital subscriber line (DSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connection to the Internet

Elizabeth was replacing a client's security device that protects their screened subnet. The client has an application that allows external users to access the application remotely. After replacing the devices, the external users cannot connect remotely to the application anymore. Which of the following devices was MOST likely misconfigured and is now causing a problem

A firewall is an integral part of creating a screened subnet. If configured correctly, it can regulate exactly what traffic and users are allowed to access the server. This is different from a content filter because a content filter denies traffic to a user based on content, but not access to a server.

Dion Training has a single-mode fiber-optic connection between its main office and its satellite office located 30 kilometers away. The connection stopped working, so a technician used an OTDR and found that there is a break in the cable approximately 12.4 kilometers from the main office. Which of the following tools is required to fix this fiber optic connection?

A fusion splicer is used to create long fiber optic cable lengths by splicing multiple cables together or to repair a break in a fiber optic cable

Dion Worldwide has recently built a network to connect four offices around the world together. Each office contains a single centralized switch that all of the clients connect to within that office. These switches are then connected to two of the other locations using a direct fiber connection between each office. The office in New York connects to the London office, the London office connects to the Hong Kong office, the Hong Kong office connects to the California office, and the California office connects to the New York office. Which of the following network topologies best describes the Dion Worldwide network?

A hybrid topology is a kind of network topology that is a combination of two or more network topologies, such as mesh topology, bus topology, and ring topology.

xThe network install is failing redundancy testing at the MDF. The traffic being transported is a mixture of multicast and unicast signals. Which of the following devices would BEST handle the rerouting caused by the disruption of service?

A layer 3 switch is the best option because, in addition to its capability of broadcast traffic reduction, it provides fault isolation and simplified security management. T

OSPF (Open Shortest Path First)

A link-state routing protocol used on IP networks.

TDR (Time-Domain Reflectometer)

A measuring tool that transmits an electrical pulse on a cable and measures the way the signal reflects back on the TDR to determine network issues. On copper cables

You are troubleshooting a cable modem for a home user's network. The connection speeds are much lower than you expected. You suspect the coaxial cable between the wall jack and the cable modem is faulty. Based on your research, a coaxial cable used in data networks should have a resistance of 50 ohms. Which of the following tools should you use to measure the resistance of the coaxial cable?

A multimeter is a measuring instrument that can measure the voltage, resistance, and amperage of a cable or conduit. To test this cable, you should set the multimeter to resistance and connect one of the multimeter's leads to each end of the coaxial cable to determine the resistance as measured in ohms.

ason is a network manager leading a project to deploy a SAN. He is working with the vendor's support technician to set up and configure the SAN on the enterprise network. To begin SAN I/O optimization, what should Jason provide to the vendor support technician?

A network diagram is a visual representation of network architecture. It maps out the structure of a network with a variety of different symbols and line connections.

Which of the following types of agreements is used to protect an organization's intellectual property and is considered legally binding between the signatories?

A non-disclosure agreement (NDA) is a documented agreement between two parties that define what data is considered confidential and cannot be shared outside of that relationship

What is BEST used to perform a one-time temporary posture assessment in a NAC environment?

A non-persistent agent is used to access the device during a one-time check-in at login.

An offsite tape backup storage facility is involved with a forensic investigation. The facility has been told they cannot recycle their outdated tapes until the conclusion of the investigation. Which of the following is the MOST likely reason for this?

A notive of legal hold

Which of the following policies or plans would dictate the complexity requirements for a wireless network's shared secret key?

A password policy is a set of rules created to improve computer security by motivating users to create dependable, secure passwords and then store and utilize them properly. This document promotes strong passwords by specifying a minimum password length, complexity requirements, requiring periodic password changes, and placing limits on the reuse of passwords.

ou are creating a wireless link between two buildings in an office park utilizing the 802.11ac standard. The antenna chosen must have a small physical footprint and be lightweight as it will be mounted outside the building. Which type of antenna should you install?

A patch antenna is a type of radio antenna with a low profile, which can be mounted on a flat surface. A patch antenna is typically mounted to a wall or a mast and provides coverage in a limited angle pattern.

Which of the following types of network documentation would provide a drawing of the network cabling imposed over the floorplan for an office building?

A physical network diagram is used to show the actual physical arrangement of the components that make up the network, including cables and hardware.

ion Training has configured a new web server and connected it to their screened subnet. A network technician wants to ensure the server is properly hardened and that it only allows inbound HTTPS requests while blocking any HTTP requests. Which of the following tools should the technician utilize?

A port scanner is used to determine which ports and services are open and available for communication on a target system. The port scanner will scan the server and display any open ports

Which of the following types of fire suppression systems utilizes a sprinkler system with water to extinguish a fire but requires both an actuator and the sprinklers to be tripped prior to water being released?

A pre-action system minimizes the risk of accidental release from a wet pipe system. With a pre-action system, both a detector actuation like a smoke detector and a sprinkler must be tripped prior to water being released.

A network technician needs to install a server to authenticate remote users before accessing corporate network resources when working from home. Which kind of server should the network technician implement?

A remote access server (RAS) or remote desktop gateway is a type of server that provides a suite of services to connect users to a network or the Internet remotely

What is the flag used to terminate a connection between two hosts when the sender believes something has gone wrong with the TCP connection between them?

A reset (RST) flag is used to terminate the connection.

Which of the following errors would be received if an ethernet frame less than 64 bytes is received by a switch

A runt is an ethernet frame that is less than 64 bytes in size.

A network technician is tasked with designing a firewall to improve security for an existing FTP server on the company network. The FTP server must be accessible from the Internet. The security team is concerned that the FTP server could be compromised and used to attack the domain controller hosted within the company's internal network. What is the BEST way to mitigate this risk?

A screened subnet (formerly called a demilitarized zone or DMZ) is a perimeter network that protects an organization's internal local area network (LAN) from untrusted traffic.

You are troubleshooting a point-to-point microwave link between two buildings that is supposed to operate at 1800 MHz. You suspect there is an issue with the frequency as it is transmitted or received. Which of the following tools would you use to observe the frequency as it is transmitted or received?

A spectrum analyzer is used to measure the magnitude of an input signal's frequency.

Which of the following network issues can be prevented by configuring the split-horizon options on your network devices?

A split-horizon route advertisement is a method of preventing routing loops in distance-vector routing protocols by prohibiting a router from advertising a route back onto the interface from which it was learned.

VRRP (Virtual Router Redundancy Protocol)

A standard that assigns a virtual IP address to a group of routers. At first, messages routed to the virtual IP address are handled by the master router. If the master router fails, backup routers stand in line to take over responsibility for the virtual IP address.

A network administrator needs to install a centrally located firewall that needs to block specific incoming and outgoing IP addresses without denying legitimate return traffic. Which type of firewall should the administrator install?

A stateful firewall enhances security through packet filtering, and these types of firewalls also keep track of outbound requests and open the port for the returning traffic to enter the network. Since a centrally located firewall was required by the question, a network-based firewall should be chosen instead of a host-based firewall.

There are two switches connected using both a Cat 6 cable and a Cat 5e cable. Which type of problem might occur with this setup?

A switching loop is when there is more than one Layer 2 path exists between two endpoints. This can be prevented by using the STP (Spanning Tree Protocol).

What is the first flag used in the establishment of a TCP connection or during the initiation of a three-way handshake between two hosts?

A synchronization (SYN) flag is set in the first packet sent from the sender to a receiver as a means of establishing a TCP connection and initiating a three-way handshake. Once received, the receiver sends back a SYN and ACK flag set in a packet which is then sent back to the initiator to confirm they are ready to initiate the connection. Finally, the initial sender replies with an ACK flag set in a packet so that the three-way handshake can be completed and data transmission can begin.

An analyst reviews a triple-homed firewall configuration that connects to the internet, a private network, and one other network. Which of the following would best describe the third network connected to this firewall

A triple-homed firewall connects to three networks internal (private), external (internet/public), and a screened subnet (formerly called a demilitarized zone or DMZ). The screened subnet is used to host systems that require access from external hosts.

Dion Training's network technicians are about to upgrade a Cisco 3900-series router, but they first want to create a copy of the router's configuration and IOS files to serve as a backup. Which of the following tool should the technicians utilize?

A trivial file transfer protocol (TFTP) server is used to send or receive files over a TCP/IP network. TFTP servers are commonly used to transfer firmware images and configuration files to network appliances like routers, switches, firewalls, and VoIP devices.

Which of the following components is used to identify a variable that may be set or read using SNMP?

A unique objective identifier (OID) identifies a variable that can be read or set using the SNMP protocol

Which of the following components is used by an agent to send a complete set of key-pair values about a significant event or condition that is occurring in real-time by providing a full list of variables and values for a given device to a manager?

A verbose trap may contain all the information about a given alert or event as its payload.

What device is used to configure various hypervisor guests to use different VLANs in the same virtualization environment?

A virtual switch (vSwitch) is a software application that allows communication between virtual machines. A vSwitch does more than just forward data packets, it intelligently directs the communication on a network by checking data packets before moving them to a destination.

new piece of malware attempts to exfiltrate user data by hiding the traffic and sending it over a TLS-encrypted outbound traffic over random ports. What technology would be able to detect and block this type of traffic?

A web application firewall (WAF) or application-aware firewall would detect both the accessing of random ports and TLS encryption and identify it as suspicious. An application-aware firewall can make decisions about what applications are allowed or blocked by a firewall, and TLS connections are created and maintained by applications

technician has finished configuring AAA on a new network device. However, the technician cannot log into the device with LDAP credentials but can with a local user account. What is the MOST likely reason for the problem?

AAA through RADIUS uses a Server Secret Key (a shared secret key). A secret key mismatch could cause login problems. A shared secret is a text string that serves as a password between hosts.

Rick is upset that he was passed over for a promotion. He decides to take revenge on his nemesis, Mary, who got the job instead of him. Rick sets up an on-path attack against Mary's computer by redirecting any layer 2 traffic destined for the gateway to his computer first. Rick is careful only to affect the traffic associated with Mary's computer and not the entire network. Which type of on-path attack is Rick conducting against Mary

ARP poisoning (also known as ARP spoofing) is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. This results in the linking of an attacker's MAC address with the IP address of a legitimate computer or server on the network.

Workers in a company branch office must visit an initial web page and click the "I agree" button before being able to surf the web. Which of the following is this an example of?

AUP

Your company has installed a guest wireless network in the break room. According to company policy, employees may only connect to the network and use it during their lunch break. Which of the following policies should you have each employee sign to show they understand and accept the use conditions for this guest network?

AUP

Dion Training has just installed a web server for a new domain name. Which of the following DNS records would need to be created to allow users to reach the website using its domain name and then redirect clients to the proper IPv6 address for the server?

An AAAA record associates your domain name with an IPv6 address. An A record associates your domain name with an IPv4 address

Routing prefixes are assigned in blocks by IANA and distributed by the Regional Internet Registry (RIR). What are these known as?

An ASN (or Autonomous System Number) is used to control routing with BGP routing protocols to route traffic across the network. An Autonomous System (AS) is a group of one or more IP prefixes (lists of IP addresses accessible on a network) run by one or more network operators that maintain a single, clearly defined routing policy.

802.1x standard

An IEEE standard that defines the process of authenticating and authorizing users on a network before they're allowed to connect.

Which of the following communication types are used in IPv6 to send a packet to the nearest interface that shares a common address in a routing table?

An IPv6 anycast address is an address that can be assigned to more than one interface (typically different devices). In other words, multiple devices can have the same anycast address

Jason, a network technician, is troubleshooting a single-mode fiber that provides network connectivity to a remote site. He sees that the link light is off on the router's network interface, and suspects that the fiber may have a break someone between his router and the remote site. Single-mode fiber is not providing network connectivity to a remote site. Which of the following tools could be used to identify the location of the break in the fiber

An Optical Time Domain Reflectometer (OTDR) is used by organizations to certify the performance of new fiber optics links and detect problems with existing fiber links. An OTDR can identify if a fiber cable is broken and provide an approximate location for the break in meters or feet.

Which protocol is used to establish a secure and encrypted VPN tunnel that can be initiated through a web browser?

An SSL VPN is a type of virtual private network that uses the Secure Sockets Layer protocol in a standard web browser to provide secure, remote-access VPN capability.

What is a common technique used by malicious individuals to perform an on-path attack on a wireless network?

An evil twin is the most common way to perform an on-path attack on a wireless network. An evil twin is a rogue wireless access point that masquerades as a legitimate Wi-Fi access point so that an attacker can gather personal or corporate information without the user's knowledge

The fiber-optic connection between two of the Dion Training offices was broken. A network technician used a fusion splicer to repair the cable, but now the connection is experiencing reduce transmission efficiency, slower connection speed, and intermittent downtime. Which of the following is the MOST likely reason for these issues

An optical link budget is a calculation that considers all the anticipated losses along the length of a fiber optic connection. Signal loss across a fiber optic cable occurs naturally due to the distance of the cable, as well as from losses due to multiplexing, bends in the cable, imperfect connections, patches, or splices along the fiber optic cable. If the circuit is designed with a low optical link budget and subsequently needs to be repaired or spliced, it would create a fiber connection that becomes too weak to pass the light across the entire fiber optic cable.

Which of the following communication types can only be used with IPv6? Anycast (Correct) Broadcast Unicast (Incorrect) Multicast

Anycast only works with IPv6. Anycast communications are sent to the nearest receiver in a group of receivers with the same IP.

Layers of SDN

Application Control Infrastructure Management

IP scanners

Special tools that allow a network administrator to scan the entire network to find all connected devices and their IP addresses.

You have been asked to configure a router. Which of the following protocols should you enable to allow the router to determine the path to another network? STP (Incorrect) RTP BGP (Correct) NTP

BGP (Border Gateway Protocol) is a protocol that operates at layer 3 of the OSI model.

Due to numerous network misconfiguration issues in the past, Dion Training adopted a policy that requires a second technician to verify any configuration changes before they are applied to a network device. When the technician inspects a newly proposed configuration change from a coworker, she determines that it would improperly configure the AS number on the device. Which of the following issues could have resulted from this configuration change if it was applied?

BGP (Border Gateway Protocol) is used to route data between autonomous systems (AS). A collection of networks within the same administrative domain is called an autonomous system (AS).

What is BPDU?

BPDU is a frame that is communicated in STP that provides the Root ID, Bridge ID, and cost to the Root.

Which of the following network performance metrics is used to represent the theoretical maximum rate of data transfer from a source to a destination in a given amount of time under ideal conditions?

Bandwidth is the maximum rate of data transfer across a given network. Now, bandwidth is more of a theoretical concept that measures how much data could be transferred from a source to a destination under ideal conditions.

A technician is configuring a computer lab for the students at Dion Training. The computers need to be able to communicate with each other on the internal network, but students using computers should not be able to access the Internet. The current network architecture is segmented using a triple-homed firewall to create the following zones: ZONE INTERFACE, IP address --------------------------------------- PUBLIC, eth0, 66.13.24.16/30 INSTRUCTORS, eth1, 172.16.1.1/24 STUDENTS, eth2, 192.168.1.1/24 What rule on the firewall should the technician configure to prevent students from accessing the Internet?

By denying all traffic from the eth2 to eth0, you will block network traffic from the internal (STUDENT) network to the external (PUBLIC) network over the WAN connection. This will prevent the students from accessing the Internet by blocking all requests to the Internet.

A network technician is troubleshooting connectivity problems between switches but suspects the ports are not properly labeled. What option will help to identify the switches connected to each port quickly?

By enabling a discovery protocol on the network devices, the technician will be able to get detailed information such as the IP addresses, system version, and device information from supporting devices directly. There are three primary discovery protocols: simple network management protocol (SNMP), link layer discovery protocol (LLDP), and ping.

Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which of the following is the MOST likely cause of the issue?

Captive portals usually rely on 802.1x, and 802.1x uses RADIUS for authentication. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. This defines port security. The user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server.

Which of the following wireless characteristic does channel bonding improve?

Channel bonding is a practice commonly used in IEEE 802.11 implementations in which two adjacent channels within a given frequency band are combined to increase throughput between two or more wireless devices CONNECTGION SPEED

Which of the following provides a standard nomenclature for describing security-related software flaws?

Common Vulnerabilities and Exposures (CVE) is an element of the Security Content Automation Protocol (SCAP) that provides a standard nomenclature for describing security flaws or vulnerabilities

authPriv

Communication with authentication and privacy

DSL

Connects computer or roouter to telephne line

Which of the following layers is NOT used in a three-tiered data center network architecture?

Control layer

A technician is troubleshooting a workstation at Dion Training. The workstation is suffering from intermittent connectivity issues. The technician notices that the STP cable pairs are not completely twisted near the connector. Which of the following issues may be experienced because of this?

Crosstalk is defined as an effect caused by the unintentional and undesired transmission (leakage) of a signal from one cable to another. Crosstalk can occur if the twisted pairs are not twisted sufficiently, because the twisting of the cable pairs reduces crosstalk between neighboring cable pairs.

A technician receives a report that a VoIP phone is experiencing a "no network connectivity" error. The technician notices the Cat6a patch cable running from the back of the phone is routed behind the user's rolling chair. The cable appears to have been rolled over numerous times by the user, and it looks flattened from the abuse. Which of the following is the most likely cause of the connectivity issues being experienced on the VoIP phone

Crosstalk is defined as an effect caused by the unintentional and undesired transmission (leakage) of a signal from one cable to another. Due to the abuse of the cable being run over repeatedly by the user's chair, the cable's shielding could have been damaged and the cable may no longer be made up of the same consistency. This can lead to crosstalk amongst the cable pairs, or even opens/shorts of the wires in those cable pairs.

Which of the following errors would be received if raw data is accidentally changed as it transits the network?

Cyclic Redundancy Checksum (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data as it transits the network. The CRC number in the interface statistics is the number of packets that were received that failed the cyclic redundancy checksum, or CRC check upon receipt

A network technician just finished configuring a new interface on a router, but the client workstations do not receive the addressing information from the new interface. Which of the following should be added or changed to allow the workstations to connect to the new interface?

DHCP IP Helper addresses enable a single DHCP server to provide DHCP IP addresses to every PC on the network, regardless of whether they are on the same broadcast domain as the DHCP server or not

What can stop rogue DHCP servers?

DHCP snooping

After an employee connected one of the switchports on a SOHO router to the wall jack in their office, other employees in the building started to receive "duplicate IP address" errors and experiencing intermittent network connectivity. You check the configuration on one of the affected clients and see it has been assigned an IP address of 192.168.1.54. Which of the following could be enabled on the company's network to prevent this from occurring?

DHCP snooping is a series of techniques applied to improve the security of a DHCP infrastructure. When DHCP servers are allocating IP addresses to the LAN clients, DHCP snooping can be configured on LAN switches to prevent malicious or malformed DHCP traffic or rogue DHCP servers.

When you see screeened subnet think?

DMZ

You have just moved into a new apartment and need to get internet service installed. Your landlord has stated that you cannot drill any holes to install new cables into the apartment. Luckily, your apartment already has cable TV installed. Which of the following technologies should you utilize to get your internet installed in your apartment?

DOCSIS (Data Over Cable Service Interface Specification) is an international telecommunications standard that permits the addition of high-bandwidth data transfer to an existing cable television system.

What is the difference between LACP and DWDM?

DWDM uses single fibers to create faster connections

DOCSIS

Data-Over-Cable Service Interface Specification. Cable modem

Which communication technology would MOST likely be used to increase bandwidth over an existing fiber-optic network by combining multiple signals at different wavelengths?

Dense wavelength-division multiplexing (DWDM) is a high-speed optical network type commonly used in MANs (metropolitan area networks). DWDM uses as many as 32 light wavelengths on a single fiber, where each wavelength can support as many as 160 simultaneous connections

You have been asked to recommend a capability to monitor all of the traffic entering and leaving the corporate network's default gateway. Additionally, the company's CIO requests to block certain content types before it leaves the network based on operational priorities. Which of the following solution should you recommend to meet these requirements?

Due to the requirements provided, you should install a NIPS on the gateway router's internal interface and a firewall on the external interface of the gateway router. The firewall on the external interface will allow the bulk of the malicious inbound traffic to be filtered before reaching the network. Then, the NIPS can be used to inspect the traffic entering the network and provide protection for the network using signature-based or behavior-based analysis. A NIPS is less powerful than a firewall and could easily "fail open" if it is overcome with traffic by being placed on the external interface.

Dion Training is concerned with the threat of an attacker modifying the MAC address to IP bindings within the local area network. Which of the following could be enabled on the company's network to prevent this from occurring?

Dynamic ARP Inspection (DAI) is a security feature that validates Address Resolution Protocol (ARP) packets in a network. DAI allows a network administrator to intercept, log, and discard ARP packets with invalid MAC address to IP address bindings.

SDN (Software Defined Networking)

Enables the network to be intelligently controlled, or programmed, using software applications.

EIGRP

Enhanced Interior Gateway Routing Protocol. an advanced distance-vector routing protocol that is used on a computer network for automating routing decisions and configuration.

ESSID

Extended Service Set Identifier

When thinking BGP think what?

Exterior gateway Protocol. Its a oth vector that uses the number of autonomous system hops instread of router hops.

FCoE

Fiber Channel over Ethernet

What does ATM deal with?

Fiber and SONET netowrks

Which of the following network devices would be considered a perimeter device and installed at the outermost part of the network?

Firewall

Application layer

Focuses on the communication resource requests or information about the networl as a whole

Which of the following errors would be received if an ethernet frame greater than 1518 bytes is received by a switch?

GIANT

Which network device operates at Layer 1?

HUB

EIGRP

Hybrid of dsance and link state protocol. ONly used with cisco

The local electric power plant contains both business networks and ICS/SCADA networks to control their equipment. Which technology should the power plant's security administrators look to implement first as part of configuring better defenses for the ICS/SCADA systems? Anti-virus software Intrusion prevention system (Correct) Log consolidation (Incorrect) Automated patch deployment

IPS

Which encryption type MOST likely is used for securing the key exchange during a client-to-server VPN connection?

ISAKMP is used in IPsec, which is commonly used in securing the key exchange during the establishment of a client-to-server VPN connection.

You are scanning a target as part of a penetration test. You discovered that the network uses Snort configured as a network-based IDS. Which of the following occurs when an alert rule has been matched in Snort during your scan?

If Snort is operating as an IDS, it will not block the connection or drop the packet. Instead, Snort will evaluate the entire packet and check all the alert rules, logging any matches it finds, and then allow it to continue onward to its destination.

Your company wants to create highly available datacenters. Which of the following will allow the company to continue maintaining an Internet presence at all sites if the WAN connection at their own site goes down?

If a WAN link goes down, BGP will route data through another WAN link if redundant WAN links are available. Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information between autonomous systems (AS) on the Internet.

A workstation is connected to the network and receives an APIPA address but cannot reach the VLAN gateway of 10.10.100.254. Other PCs in the VLAN subnet can communicate with the VLAN gateway and access websites on the Internet. Which of the following is the MOST likely the source of this connectivity problem

If the switchport is configured for 802.1q trunking instead of as an access host port, the workstation will be unable to reach the DHCP server through the port and will fall back to using an APIPA address

You are configuring a network to utilize SNMPv3 to send information from your network devices back to an SNMP manager. Which of the following SNMP options should you enable to ensure the data is transferred confidentially?

In SNMPv3, the authPriv option ensures that the communications are sent with authentication and privacy. This uses MD5 and SHA for authentication and DES and AES for privacy and encryption.

Which of the following technologies is not commonly used by a captive portal to perform user redirection?

In general, captive portals are implemented by using an HTTP redirect, an ICMP redirect, or a DNS redirect

Which media access control technology will listen to a cable to ensure there is no traffic being transmitted before sending its traffic but will implement a back-off timer if a collision does occur?

In networking technologies that use CSMA/CD as their access method, a device first listens to the network media to make sure there is no signal already present from another device before it tries to place its own signal on the media.

Your network relies on the use of ATM cells. At which layer of the OSI model do ATM cells operate?

In the data link layer (layer 2) of the OSI model, the basic unit of transfer is called a frame. In an ATM network, though, these frames are called cells and are of a fixed (53 octets or bytes) length that allows for faster switching of the cells across the network.

Which of the following utilizes a well-written set of carefully developed and tested scripts to orchestrate runbooks and generate consistent server builds across an enterprise?

Infrastructure as Code (IaC) is designed with the idea that a well-coded description of the server/network operating environment will produce consistent results across an enterprise and significantly reduce IT overhead costs through automation while precluding the existence of security vulnerabilities

Which of the following network performance metrics is used to represent variable delay experienced by a client when receiving packets from a sender

Jitter is a network condition that occurs when a time delay in the dsending of data packets over a network connection occurs.

What is true concerning jumbo frames?

Jumbo frames are Ethernet frames whose MTU is greater than 1500. To increase performance, you should use jumbo frames only when you have a dedicated network or VLAN, and you can configure an MTU of 9000 on all equipment. Because of this, jumbo frames are most commonly used in a storage area network (SAN).

Which of the following levels would a notice condition generate?

Level 5 is used for notice conditions and it means that the events are unusual, but they are not error conditions.

802.3ad

Link Aggregation Control Protocol (LACP)

Which of the following describes a design where traffic is shared between multiple network servers to provide greater throughput and reliability?

Load balancing is a technique used to spread work across multiple computers, network links, or other devices.

What describes an IPv6 address of ::1?

Loopback address

You are having lunch at a local restaurant which has free Wi-Fi for its customers. There is not a captive portal and there is no password needed to connect to the network, but the restaurant has an automated method of disconnecting users after 30 minutes. As you are eating your lunch, you notice that 30 minutes have passed, but you want to reconnect to the wireless network. Which of the following techniques would allow you to reconnect?

MAC spoofing is a technique for changing a factory-assigned Media Access Control (MAC) address of a network interface on a networked device. Public wireless networks can be configured to use MAC filtering to block access to devices once they reach a certain time limi

Which of the following needs to be configured to allow jumbo frames on a network?

MTU is the largest unit that can be transmitted across a network. If the MTU is set at a value above 1500, the network is configured to support jumbo frames

A technician installs a new piece of hardware and now needs to add the device to the network management tool database. However, when adding the device to the tool using SNMP credentials, the tool cannot successfully interpret the results. Which of the following needs to be added to allow the network management tool to interpret the new device and control it using SNMP?

Management Information Base (MIB) is used for managing all entities on a network using Simple Network Management Protocol. It would allow the tool to interpret the information received correctly.

MIB

Management Information Base. An SNMP manager

A technician is tasked with troubleshooting a network's slowness. While troubleshooting, the technician is unable to ping any external websites. Users report they can access the sites using the web browsers. What is the MOST likely cause of the failed pings?

Many companies block ICMP at the firewall, causing ping to fail since it relies on ICMP. If the user can access the site in the web browser but cannot when using ping, then ICMP is most likely being blocked by the firewall.

You have just finished installing a new web application and need to connect it to your Microsoft SQL database server. Which port must be allowed to enable communications through your firewall between the web application and your database server?

Microsoft SQL uses ports 1433, and is a proprietary relational database management system developed by Microsoft that is fully compatible with the structured query language (SQL).

Which of the following is often used to allow one node to communicate with many other nodes, such as in DMVPN connections?

Multipoint GRE (mGRE) is a protocol that can be used to enable one node to communicate with many nodes by encapsulating layer 3 protocols to create tunnels over another network.

Which type of wireless technology are OFDM, QAM, and QPSK examples of?

Modulation is the process of varying one or more properties of a periodic waveform, called the carrier signal, with a separate signal called the modulation signal that typically contains information to be transmitted. WiFi can use different digital modulation schemes for data transmission. Common types of modulation include Orthogonal frequency-division multiplexing (OFDM), Quadrature Amplitude Modulation (QAM), and Quadrature Phase-shift keying (PSK)

An employee at Dion Training reports that half of the marketing department is currently unable to access any network resources. A network technician determines that the switch has failed and needs replacement. Which of the following is required so that the technician can replace the switch and regain connectivity quickly?

Most large enterprise networks will use the same models of switches across much of the network. This allows them to keep spare switches on-site to use as replacements if a production switch fails. By maintaining a configuration backup of each production switch, it allows a network technician to remove the fault switch, install the new switch, and reload the configuration backup to the new switch.

MPLS

Multi-Protocol Label Switching. a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows.

You have been asked to troubleshoot a router which uses label-switching and label-edge routers to forward traffic. Which of the following types of protocols should you be familiar with to troubleshoot this device?

Multi-protocol label switching (MPLS) is a mechanism used within computer network infrastructures to speed up the time it takes a data packet to flow from one node to another. The label-based switching mechanism enables the network packets to flow on any protocol.

Which of the following wireless technologies use MU-MIMO on non-overlapping channels to increase the wireless network's bandwidth

Multi-user, multiple-input, multiple-output technology (MU-MIMO) allows a wireless access point to communicate with multiple devices simultaneously to decrease the time each device has to wait for a signal and dramatically speeds up the entire wireless network. The 802.11ac standard introduced MU-MIMO support on non-overlapping channels to increase the bandwidth available for the wireless network. The older 802.11n utilized MIMO.

homas has a server that streams media to the local network, and the device is currently visible on the network. All of the workstations on the LAN can ping the device, and all the firewalls are currently turned off. The goal is for the streaming media server to allow different workstations to watch the stream if they choose to subscribe to it. The streaming device appears to be functioning properly, but the media won't stream when requested. Which of the following TCP/IP technologies is MOST likely not implemented properly

Multicast is a TCP/IP technology that sends out the packets to the requested devices when streaming to multiple workstations from a single streaming media server. As opposed to broadcast (one-to-all), which sends out packets to all devices, multicast (one-to-many-of-many/many-to-many-of-many) only sends packets to the clients that specifically requested to be a part of the distribution and not just every client on the network.

Difference in NAT and PAT

NAT= private to public PAT = Private to single public and segregatted by port numbers

Which protocol is used for the synchronization of clocks between different computer systems over a packet-switched, variable-latency data network?

NTP is a networking protocol that is used for the synchronization of clocks between different computer systems that communicate over a packet-switched, variable-latency data network.

You are assisting a member of Dion Training's security team during an incident response. The team member asks you to determine if any strange TCP connections are occurring on a given workstation. You open the command prompt on the workstation. Which of the following tools would provide you with information on any TCP connections currently established on the workstation?

Netstat (network statistics) is a command-line network utility tool that displays network connections for the Transmission Control Protocol (incoming and outgoing), routing tables, and several network interface and network protocol statistics. It is useful when determining if a workstation is attempting outbound connections due to malware (beaconing activity) or has ports open and listening for inbound connections.

You received an incident response report indicating a piece of malware was introduced into the company's network through a remote workstation connected to the company's servers over a VPN connection. Which of the following controls should be applied to prevent this type of incident from occurring again?

Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as anti-virus, host intrusion prevention, and vulnerability assessment), user or system authentication, and network security enforcement. When a remote workstation connects to the network, NAC will place it into a segmented portion of the network (sandbox), scan it for malware and validate its security controls, and then based on the results of those scans, either connect it to the company's networks or place the workstation into a separate quarantined portion of the network for further remediation.

Granular trap

Sent trap messages get a unique OID to distinguish each message as a unique message being received.

Dion Training utilizes a wired network throughout the building to provide network connectivity. Jason is concerned that a visitor might plug their laptop into a CAT 5e wall jack in the lobby and access the corporate network. What technology should be utilized to prevent users from gaining access to network resources if they can plug their laptops into the network?

Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology, the user or system authentication, and network security enforcement. NAC restricts the data that each particular user can access and implements anti-threat applications such as firewalls, anti-virus software, and spyware detection programs.

Dion Training wants to implement a technology that will automatically test any wireless device that connects to their network before allowing the device full access to the corporate network and its resources. Which of the following should be implemented?

Network Access Control is an approach to computer security that attempts to unify endpoint security technology, user or system authentication, and network security enforcement. Effective network access control restricts access to only those devices that are authorized and compliant with security policies, meaning they have all the required security patches and anti-intrusion software. When a device connects to the network, it is placed into a automated testing area. If it passes the compliance testing, it is placed into the full corporate network. If it fails the compliance testing, it is placed into quarantine where it remains until it has been remediated or upgraded to meet the compliance requirements.

Which of the following technologies could be used to ensure that users who log in to a network are physically in the same building as the network they are attempting to authenticate on? (SELECT TWO)

Network Access Control is used to identify an endpoint's characteristics when conducting network authentication. The GPS location of the device will provide the longitude and latitude of the user, which could be compared against the GPS coordinates of the building. Port security enables an administrator to configure individual switch ports to allow only a specified number of source MAC addresses to communicate using a given switchport. This would not help to locate the individual based on their location, though. Geo-IP, or geolocation and country lookup of a host based on its IP address, would identify the country of origin of the user, but not whether they are within the building's confines. Geo-IP is also easily tricked if the user logs in over a VPN connection.

Your company's security policy states that its workstations must hide their internal IP addresses whenever they make a network request across the WAN. You have been asked to recommend a technology that would BEST implement this policy. Which of the following is the BEST solution for you to recommend

Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. Using NAT, you can have the internal IP address of each workstation mapped to a public IP address or port when it crosses the router to access the WAN.

A client reports that half of the office is unable to access a shared printer on the network. Which of the following should the network technician use to troubleshoot the issue?

Network diagram is a visual representation of a computer network.

Which of the following tools would allow you to detect running services, applications, or operating systems on the network's clients, servers, or devices by sending specifically crafted packets to them and analyzing their responses?

Nmap, or Network Mapper, is a cross-platform, open-source tool used to scan IP addresses and ports on a target network, and to detect running services, applications, or operating systems on that network's clients, servers, and devices.

What are the severity levels?

OBJ 3.1

A network administrator is tasked with building a wireless network in a new building located next door to your company's office building. The wireless clients should not be able to communicate with other wireless clients but should be able to communicate with any wired users on the network. The users must be able to seamlessly migrate between the buildings while maintaining a constant connection to the LAN. How should the administrator configure the new wireless network in this new building?

OBJ-2.4: For users to be able to seamlessly migrate between the two buildings, both Access Points (AP) must use the same SSIDs. To prevent frequency interference, though, each device needs to select a different and non-overlapping channel to utilize. Finally, the AP isolation should be enabled. Access Point (AP) isolation is a technique for preventing mobile devices connected to an AP from communicating directly with each other.

Dion Training is considering moving its headquarters and data center to Florida, but they are worried about hurricanes disrupting their business operations. To mitigate this risk, Dion Training has signed a contract with a vendor located in a different state to provide hardware, software, and the procedures necessary for the company to recover quickly in the case of a catastrophic event, like a hurricane causing a power loss for up to 10 days. As the owner, Jason is a little concerned that this contract isn't sufficient to mitigate enough of the risk since it only provides a solution for the first 10 days. Jason wonders, "what will we do if a major outage occurs, and our offices are not able to be used for 6-12 months?" Jason has hired you to help develop Dion Training's long-term strategy for recovering from such an event. What type of plan should you create?

OBJ-3.2: A business continuity plan (BCP) is a plan to help ensure that business processes can continue during a time of emergency or disaster.

What is considered a classless routing protocol?

OSPF is known as a classless protocol. Classless routing protocols are those protocols that include the subnet mask information when the routing tables or updates are exchanged.. RIPv2 and ISIS are also

Your company has just gotten a new OC-12 installed to support your datacenter. The telecommunications provider has installed the connection from their main offices to your demarcation point. You connect the OC-12 to your network, but you are noticing many dropped packets and errors. You suspect this may be a layer 1 issue. Which of the following tools can you use to help identify the source of the issue on this connection?

OTDR

Your company is experiencing slow network speeds of about 54Mbps on their wireless network. You have been asked to perform an assessment of the existing wireless network and recommend a solution. You have recommended that the company upgrade to an 802.11n or 802.11ac wireless infrastructure to obtain higher network speeds. Which of the following technologies allows an 802.11n or 802.11ac network to achieve a speed greater than 54 Mbps?

One way 802.11n and 802.11ac networks achieve superior throughput and speeds by using multiple-input multiple-output (MIMO) and multi-user MIMO (MU-MIMO), respectively. MIMO uses multiple antennas for transmission and reception, which results in higher speeds than 802.11a and 802.11g networks, which can only support up to 54 Mbps of throughput.

n organization has hired you to upgrade its wired computer network. The network currently uses static routing for the internal network, but the organization wants to reconfigure it to use a dynamic routing protocol. The new dynamic routing protocol must support both IPv4 and VLSM. Based on the requirements provided, which of the following routing protocols should you enable and configure?

Only OSPF supports IPv4 and VLSM (Variable Length Subnet Mask) from the options provided in this question. Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP)

What is OSPF?

Open Shortest Path First (OSPF) is a layer 3 link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm

OSPF

Open Shortest Path First; Link-state routing protocol. Based on link speed and not hop count

Which of the following WAN technologies would MOST likely be used to connect several remote branches that have no fiber, microwave, or satellite connections available?

POTS (Plain Old Telephone System) is connected to almost every facility in the United States. DSL and dial-up services can be received over POTS.

Which of the following cloud services should an organization choose to develop a new iPhone app without having to configure and set up its own development environment?

PaaS

A system administrator wants to verify that external IP addresses cannot collect software versioning from servers on the network. Which of the following should the system administrator do to confirm the network is protected?

Packet captures contain every packet that is sent and received by the network. By using a program like Wireshark to analyze the packet captures, you can see what kind of information and metadata is contained within the packets.

Which of the following would NOT be useful in defending against a zero-day threat?

Patching

PPP

Point-to-Point Protocol

PPTP

Point-to-Point Tunneling Protocol. Obsolete method for implementing VPN

A network technician must allow HTTP traffic from the Internet over port 80 to an internal server running HTTP over port 81. Which of the following is this an example of?

Port forwarding is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall.

You are working as a network administrator and are worried about the possibility of an insider threat. You want to enable a security feature that would remember the Layer 2 address first connected to a particular switch port to prevent someone from unplugging a workstation from the switch port and connecting their laptop to that same switch port. Which of the following security features would BEST accomplish this goal?

Port security, also known as persistent MAC learning or Sticky MAC, is a security feature that enables an interface to retain dynamically learned MAC addresses when the switch is restarted or if the interface goes down and is brought back online. This is a security feature that can be used to prevent someone from unplugging their office computer and connecting their laptop to the network jack without permission since the switch port connected to that network jack would only allow the computer with the original MAC address to gain connectivity.

Which of the following IEEE specifications describes the use of power over ethernet (POE)?

Power over Ethernet (POE) is a technology that lets network cables carry electrical power. POE is defined in the IEEE 802.3af.

At which of the following OSI layer does QoS operate?

Quality of Service (QoS) occurs at both Layer 2 and Layer 3 of the OSI Model.

The corporate network uses a centralized server to manage credentials for all of its network devices. What type of server is MOST likely being used in this configuration?

RADIUS is used to manage credentials for network devices centrally. Remote Authentication Dial-In User Service is a networking protocol that provides centralized authentication, authorization, and accounting management for users who connect and use a network service

Which of the following remote access protocols should you use to connect to a Windows 2019 server and control it with your mouse and keyboard from your workstation?

RDP

A network engineer has been tasked with designing a network for a new branch office with approximately 50 network devices. This branch office will connect to the other offices via a MAN and using a router as their gateway device. Many of the other branch offices use off-the-shelf SOHO equipment. It is a requirement that the routing protocol chosen use the least amount of overhead. Additionally, all the computers on the network will be part of a single VLAN. The connection between these computers should produce the highest throughput possible in the most cost-effective manner. Which routing protocol should be used with the gateway router and what device should you select to connect the computers within the branch office?

RIPv2 is a classless, distance vector routing protocol that will include the subnet mask with the network addresses in its routing updates. RIPv2 has the least overhead of the four routing protocol options presented in this question.

An administrator notices an unused cable behind a cabinet that is terminated with a DB-9 connector. What protocol is likely to be used with this cable?

RS-232 is a standard for serial communication transmission of data. It formally defines the signals connecting a DTE (data terminal equipment) such as a computer terminal and a DCE (data circuit-terminating equipment or data communication equipment). A DB-9 connector is often found on a rollover or console cable and is used to connect a router to a laptop using the RS-232 serial transmission protocol for configuring a network device.

A network technician at a warehouse must implement a solution that will allow a company to track shipments as they enter and leave the facility. The warehouse workers must scan each package as it enters the warehouse using a sensor. Which of the following technologies should they utilize to meet these requirements?

Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. The warehouse could utilize RFID to allow for the accurate scanning of items using radio frequency tracking tags and sending data of up to 2 KB to a sensor at rapid speeds

A company is setting up a brand new server room and would like to keep the cabling infrastructure out of sight but still accessible to the network administrators. Infrastructure cost is not an issue. Which of the following should be installed to meet the requirements?

Raised floor

Which of the following is a security concern with using a cloud service provider and could result in a data breach caused by data remnants?

Rapid elasticity can be a security threat to your organization's data due to data remanences. Data remanence is the residual representation of digital data that remains even after attempts have been made to remove or erase it. So, when a cloud resource is deprovisioned and returned to the cloud service provider, it can be issued to another organization for use.

What does east-west traffic symobolize?

Refers to data flow between various servers in a data center

RAS

Remote access server

A network architect is designing a highly redundant network with a distance vector routing protocol to prevent routing loops. The architect wants to configure the routers to advertise failed routes with the addition of an infinite metric. What should the architect configure to achieve this?

Route poisoning is a method to prevent a router from sending packets through a route that has become invalid within computer networks. This is achieved by changing the route's metric to a value that exceeds the maximum allowable hop count so that the route is advertised as unreachable.

Which of the following network devices is used to separate broadcast domains?

Router

Lynne is a home user who would like to share music throughout the computers in her house using an external USB hard drive connected to a router that she purchased over a year ago. The manufacturer states that the router can recognize drives up to 4TB in size, but she cannot get her 3TB hard drive to show up on the network. Which of the following should Lynne do to solve this issue?

Routers can be updated by conducting a firmware flash. This is similar to upgrading or patching your computer's operating system or even updating a device driver. By flashing the firmware, it can provide the ability to communicate with newer devices and remove known software vulnerabilities from the device.

What happens when convergence on a routed network occurs?

Routers exchange routing topology information with each other by using a routing protocol. When all routers have exchanged routing information with all other routers within a network, the routers have converged. In other words: In a converged network, all routers "agree" on what the network topology looks like.

Today, your company's network started to experience network connectivity issues for various workstations around the company. As you begin troubleshooting, you identify that all the workstations receive their connectivity from a single switch on the 3rd floor of the office building. You start searching the 3rd floor for the cause of this issue and find a small wired router plugged into a network jack in the sales manager's office. From this small wired router, he has connected his workstation and a small Smart TV to watch Netflix while working. You question the sales manager about when he brought in the new router. He states that he just hooked it up this morning. What type of issue did the sales manager accidentally introduced into the network by installing the router?

Routers usually contain their own DHCP servers. When the sales manager installed the wired router, he inadvertently introduced a secondary DHCP server into the network.

THink what when thinkin split horozon?

Routing loops

A network administrator has determined that the ingress and egress traffic of a router's interface are not correctly reported to the monitoring server. Which of the following can be used to determine if the router interface uses 64 bit versus 32-bit counters?

SNMP Walk can be used to determine if the counter is using 32 bits or 64 bits by querying the OID of the endpoint (router interface).

Verbose

SNMP traps may be configured to contain all the information about a given alert or event as a payload. Uses more resuoures

Port 1521

SQLnet

After installing some new switches in your network, you notice that a switching loop has begun to occur. You contact the manufacturer's technical support for your switches and they recommended that you enable 802.1d. Which of the following BEST represents why the manufacturer suggested this?

STP uses BPDU to detect loops in networks

What is RADIUS?

Same as TACACS+ but cicco didnt develop it

You just heard of a new ransomware attack that has been rapidly spreading across the internet that takes advantage of a vulnerability in the Windows SMB protocol. To protect your network until Microsoft releases a security update, you want to block the port for SMB at your firewall to prevent becoming a victim of this attack. Which of the following ports should you add to your blocklist?

Server Message Block (SMB) uses ports 139 and 445, and is a network file sharing protocol that runs on top of the NetBIOS architecture in Windows environments.

Last night, your company's system administrators conducted a server upgrade. This morning, several users are having issues accessing the company's shared drive on the network. You have been asked to troubleshoot the problem. What document should you look at first to create a probable theory for the cause of the issue?

Since everything worked before the server upgrade and doesn't now, it would be a good idea to first look at the change management documentation that authorized the change/upgrade.

A company needs to implement stronger authentication by adding an authentication factor to its wireless system. The wireless system only supports WPA with pre-shared keys, but the backend authentication system supports EAP and TTLS. What should the network administrator implement?

Since the backend uses a RADIUS server for back-end authentication, the network administrator can install 802.1x using EAP with MSCHAPv2 for authentication

Dion Training has begun to notice slow response times from their internal network file server to workstations on their local area network. After adding several new employees and workstations, the network administrator determined that the server is experiencing requests for up to 2 Gbps of simultaneous data transfer which has resulted in congestion at the server's NIC. Which of the following actions should the network administrator implement to remove this performance bottleneck?

Since the bottleneck has been identified as the server's NIC card, a second network interface card (NIC) should be installed, NIC teaming should be implemented, and 802.3ad (LACP) should be configured on the switch

Your company has two office buildings which are connected via a copper network cable that is buried underground. There is some construction being performed near the buildings. Now, the second building discovers they have suffered a network outage that doesn't appear to be temporary. What is the MOST likely cause of the outage?

Since the issue started after construction began, it is most likely that the construction crew broke the cable during digging operations. This can cause an open circuit or short circuit, depending on how the cable was cut or broken by the construction workers. This can be verified using a Time-Domain Reflectometer to determine exactly where in the cable the break has occurred. Once the location is identified, the cable can be repaired or spliced to return it to normal operations.

A small real estate office has about 15 workstations and would like to use DHCP to assign classful IP addresses to each workstation. The subnet only has one octet for the host portion of each device. Which of the following IP addresses could be assigned as the default gateway?

Since the question wants a classful IP addressing scheme to be assigned to devices, and only one octet being available for the host portion, it would need to be a Class C address. The only Class C address to choose from is 192.168.0.1 based on the options provided. The IP 10.0.0.1 is a Class A address. The IP 172.16.0.1 is a Class B address. The IP 169.254.0.01 is an APIPA (reserved) address. A non-routable IP address (in this case 192.168.0.1), also known as a private IP address, is not assigned to any organization and does not need to be assigned by an Internet Service Provider. Therefore, the 192.168.0.1 could be assigned to the outside local IP address of the router in a Network Address Translation based network.

You have just received an email regarding a security issue detected on the company's standard web browser. Which of the following should you do to fix the issue?

Since there is a security issue with the current web browser, it most likely needs to be updated with a manufacturer's vulnerability patch. A vulnerability patch is a piece of software that fixes security issues

Which of the following types of traffic flows describes network traffic that is entering your datacenter through the firewall or router?

South

STP

Spanning Tree Protocol. Protocol enabled on most switches that protects against switching loops. A switching loop can be caused if two ports of a switch are connected together, such as those caused when two ports of a switch are connected together.

Spine-Leaf Architecture

Spine- core leaf- access switches faster than three tiered

Tim, a network administrator, is configuring a test lab that consists of three routers using RIP for dynamic routing. He connects the routers in a full mesh topology. When he attempts to ping Router 1 from Router 3 using its IP address, he receives a "Destination Unreachable" error message. Which of the following is the most likely reason for the connectivity error?

Split horizon is a method used by distance vector protocols to prevent network routing loops. With split horizon, if a router receives routing information from another router, the first router will not broadcast that information back to the second router, thus preventing routing loops from occurring. If it is misconfigured, the routers could suffer a routing loop which would produce the error message received when trying to communicate with each other.

What is TACACS+?

TACACS+ is a Cisco Proprietary protocol that enables AAA. Uses TCP port 49 for communication.

Which of the following encryption types was used by WPA to better secure wireless networks than WEP?

TKIP

You are connecting a new IPv6 device to your network, but your routers only support IPv4 protocols. Which of the following IP addressing solutions would solve this challenge?

Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network.

Which of the following commands is used to display the statistics for a given switchport on a Cisco switch?

The "show interface" command is used on a Cisco networking device to display the statistics for a given network interface.

You just started work as a network technician at Dion Training. You have been asked to determine if Ethernet0/0 is currently connected using OSPF or EIGRP on one of the network devices. Which of the following commands should you enter within the command line interface?

The "show route" command is used on a Cisco networking device to display the current state of the routing table for a given network device. To determine if Ethernet0/0 is connected using OSPF or EIGRP, you would need to use the "show route" command to display the current status. The "show configuration" command is used on a Cisco networking device to display the device's current configuration.

You are setting up uplink ports for multiple switches to communicate with one another. All of the VLANs should communicate from the designated server switch. Which of the following should be set on the trunk ports if VLAN 1 is not the management VLAN?

The 801.q standard is used to define VLAN tagging (or port tagging) for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames. Traffic should be properly tagged when combined over a single trunk port to ensure they are not sent to the wrong VLAN by mistake. If VLAN tagging is not enabled, all of the VLAN traffic will be sent to the native or default VLAN, VLAN 1. By default, VLAN 1 is enabled and all unused ports are assigned to it.

A network technician wants to centrally manage the switches and segment the switches into separate broadcast domains. The Dion Training network is currently using VLAN 1 for all of its devices and uses a single private IP address range with a 24-bit mask. Their supervisor wants VLAN 100 to be the management subnet and all of the switches must share VLAN information. Which of the following should the technician configure to meet these requirements?

The 801.q standard is used to define VLAN tagging (or port tagging) for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames. Traffic should be properly tagged when combined over a single trunk port to ensure they are not sent to the wrong VLAN by mistake. If VLAN tagging is not enabled, all of the VLAN traffic will be sent to the native or default VLAN, VLAN 1. By default, VLAN 1 is enabled and all unused ports are assigned to it. VLSM stands for Variable Length Subnet Mask where the subnet design uses more than one mask in the same network which means more than one mask is used for different subnets of a single class A, B, or C network.

Which type of wireless network utilizes the 5 GHz frequency band and reaches speeds of up to 54 Mbps?

The 802.11a (Wireless A) standard utilizes a 5 GHz frequency to provide wireless networking at speeds up to 54 Mbps.

Your company is currently using a 5 GHz wireless security system, so your boss has asked you to install a 2.4 GHz wireless network to use for the company's computer network to prevent interference. Which of the following can NOT be installed to provide a 2.4 GHz wireless network?

The 802.11ac (Wireless AC or Wi-Fi 5) standard utilizes a 5 GHz frequency to provide wireless networking at theoretical speeds up to 5.5 Gbps

Tamera just purchased a Wi-Fi-enabled Nest Thermostat for her home. She has hired you to install it, but she is worried about a hacker breaking into the thermostat since it is an IoT device. Which of the following is the BEST thing to do to mitigate Tamera's security concerns? (Select TWO)

The BEST options are to configure the thermostat to use the WPA2 encryption standard (if supported) and place any Internet of Things (IoT) devices into a DMZ/screened subnet to segregate them from the production network

Mark is setting up a DHCP server on a segment of the corporate LAN. Which of the following options is NOT required in the DHCP scope to allow hosts on that LAN segment to be assigned a dynamic IP address and still be able to access the Internet and internal company servers?

The DHCP must provide an IP address, subnet mask, default gateway, and DNS server to each client to effectively access the Internet. Using DHCP reservations is not required to be configured to meet the requirements provided in the question.

While troubleshooting, a technician notices that some clients using FTP still work and that pings to the local routers and servers are working. The technician tries to ping all known nodes on the network, and they reply positively, except for one of the servers. The technician notices that ping works only when the hostname is used but not when FQDN is used. What server is MOST likely offline?

The DNS Server translates Fully Qualified Domain Names (FQDN) to IP addresses. The Domain Name System (DNS) uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network

A technician is attempting to resolve an issue with users on the network who cannot access websites like DionTraining.com and Google.com. The technician can ping their default gateway, DNS servers, and the website using its IP address successfully. The technician tries to use the command "ping diontraining.com" and receives an error message stating "Ping request could not find host diontraining.com." Which of the following actions should the technician attempt next to resolve this issue?

The Domain Name System (DNS) uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network.

A technician just completed a new external website and set up an access control list on the firewall. After some testing, only users outside the internal network can access the site. The website responds to a ping from the internal network and resolves the proper public address. What can the technician do to fix this issue while causing internal users to route to the website using its internal IP address?

The Domain Name System (DNS) uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. Split Domain Name System (Split DNS) is an implementation in which separate DNS servers are provided for security and privacy management for internal and external networks. This can provide a security and privacy management mechanism by logical or physical separation of DNS information for network-internal access and access from an insecure, public network like the Internet. Under this configuration, there are two sets of DNS information, and the results are provided based upon the source address of the requester (internal or external).

802.1q

The IEEE standardized protocol for VLAN trunking.

An organization wants to choose an authentication protocol that can be used over an insecure network without implementing additional encryption services. Which of the following protocols should they choose?

The Kerberos protocol is designed to send data over insecure networks while using strong encryption to protect the information.

The network administrator is troubleshooting the switchports for a file server with dual NICs. The file server needs to be configured for redundancy, and the dual NICs need to be combined for maximum throughput. What feature on the switch should the network administrator ensure is enabled for best results?

The Link Aggregation Control Protocol (LACP) is the 802.3ad protocol is used to group numerous physical ports to make one high bandwidth path. This method can increase bandwidth and therefore, throughput. LACP can also provide network redundancy and load balancing.

A network administrator wants to increase the speed and fault tolerance of a connection between two network switches. To achieve this, which protocol should the administrator use

The Link Aggregation Control Protocol (LACP) provides a method to control the bonding of several physical ports to form a single logical channel.

Which of the following components is used to describe the structure of a device subsystem using a hierarchical namespace containing all of the variables that may be set or read using SNMP?

The Simple Network Management Protocol (SNMP) uses ports 161 and 162, and it is a networking protocol used for the management and monitoring of network-connected devices in Internet Protocol networks. The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID).

Sahra connects a pair of switches using redundant links. When she checks the link status of the two ports, one of them is not active. She changes the inactive link to another switchport, but the second link still remains inactive. What MOST likely is causing the second link to become disabled?

The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. If STP detects a switching loop being created by the redundant connection, it will disable the switchport automatically.

Which of the following protocols are designed to avoid loops on a Layer 2 network?

The Spanning Tree Protocol is part of the 802.1d standard and avoids loops in the switching network (layer 2).

An administrator has configured a new 250 Mbps WAN circuit, but a bandwidth speed test shows poor performance when downloading larger files. The download initially reaches close to 250 Mbps but begins to drop and show spikes in the download speeds over time. The administrator checks the interface on the router and sees the following: DIONRTR01# show interface eth 1/1 GigabitEthernet 1/1 is up, line is up Hardware is GigabitEthernet, address is 000F.33CC.F13A Configured speed auto, actual 1Gbit, configured duplex fdx, actual fdx Member of L2 VLAN 1, port is untagged, port state is forwarding Which of the following actions should be taken to improve the network performance for this WAN connection?

The WAN interface (eth 1/1) is currently untagged and is being assigned to the default VLAN (VLAN 1). If there are numerous devices in the default VLAN, the VLAN may be overloaded or oversubscribed leading to a reduction in the network performance.

Which of the following layers within software-defined networking focuses on resource requests or information about the network?

The application layer focuses on the communication resource requests or information about the network. The control layer uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to.

Which of the following tools allows you to view and modify the layer 2 to layer 3 address bindings?

The arp command is used to view and modify the local address resolution protocol (ARP) cache of a device, which contains recently resolved MAC addresses of IP hosts on the network.

An additional network segment is urgently needed for QA testing on the external network. A software release could be impacted if this change is not immediate. The request comes directly from management and was just approved through the emergency change management process. Which of the following should the technician do?

The best answer is to make the change, document the requester, and document all the network changes. All changes to the enterprise network should be approved through the normal change management processes. If there is an urgent need, there is an emergency change management process that can be used for approval.

Which of the following layers within software-defined networking determines how to route a data packet on the network?

The control layer uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to.

Mathan has just purchased a domain name and created an A record to bind his domain name to an IP address. Which of the following tools should he use to verify the record was created properly? i

The dig command is used to query the domain name system (DNS) to obtain information about host addresses, mail exchanges, nameservers, and related information.

Damaris is troubleshooting a WINS connectivity issue on a Windows server. She wants to find out the name of the server she is working on. Which of the following commands should she utilize to display the NetBIOS name of the server?

The hostname command is used to view or change a computer's hostname and domain. On a Windows system, the hostname, computer name, and NetBIOS name are all the same

An administrator's router with multiple interfaces uses OSPF as its routing protocol. You have discovered that one of the router's interfaces is not passing traffic. You enter the "show interface eth 0/0" command at the CLI and receive the following output:

The key to answering this question is the first line of the output that states the line protocol is down. This means that the specified interface has been correctly configured and enabled, but the Ethernet cable might be disconnected from the switchport.

You have been contracted by Dion Training to conduct a penetration test against its learning management system (LMS). The LMS is a web application that is hosted in the organization's DMZ. Which of the following appliance allow lists should the organization add your source IP in before the engagement begins?

The learning management system (LMS) is a web application, therefore the source IP of the attacking workstation needs to be added to the web application firewall's allow list to prevent it from being blocked.

A technician added memory to a router, but the router refuses to recognize the new memory module. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. Which of the following is the MOST likely cause of this issue?

The most likely cause is that the memory chips are faulty because they have suffered from electrostatic discharge (ESD) during the chips' installation and movement.

You have just installed a new switch in your company's network closet. The switch connects to your router using an SFP port on both the router and switch. Unfortunately, you only had a long cable available to make the connection, so after running the cable from the rack containing the switch to the other rack containing the router, you decide to coil up the excessive cable and use a zip tie to hold the coil to the side of the rack. You head back to your office, log into the switch over SSH, and check the log file. You notice that several messages indicate that the signal strength on the transmit portion of the SFP is registering as too weak. What is the BEST explanation for the cause of this error?

The most likely explanation for this issue is the coiled up the excess cable was wound too tightly and exceeded the bend radius for the cable. Bend radius is the measure of how sharply a cable can safely bend without causing damage by creating micro cracks on the glass fibers.

What anti-malware solution is installed as a dedicated on-premise appliance to scan all incoming traffic and prevent malware from being installed on any of your clients without requiring the installation of any software on your clients?

The network-based anti-malware can help prevent malware attacks by scanning all incoming data to prevent malware from being installed and infecting a computer.

Tamera is troubleshooting a mail server connectivity issue and needs to review the MX records for DionTraining.com. Which of the following tools should she utilize?

The nslookup command is used to query the domain name system (DNS) to obtain information about host addresses, mail exchanges, nameservers, and related information. The nslookup command has an interactive and non-interactive mode.

Degaussing

The process of removing or rearranging the magnetic field of a disk in order to render the data unrecoverable. Breaks the drive

Which of the following terms represents the maximum amount of data, as measured in time, that an organization is willing to lose during an outage?

The recovery point objective (RPO) is the interval of time that might pass during a disruption before the quantity of data lost during that period exceeds the Business Continuity Plan's maximum allowable threshold or tolerance

What do the different levels mean?

The severity levels range from zero to seven, with zero being the most severe and seven being the least severe. Level 0 is used for an emergency and is considered the most severe condition because the system has become unstable. Level 1 is used for an alert condition and means that there is a condition that should be corrected immediately. Level 2 is used for a critical condition, and it means that there is a failure in the system's primary application and it requires immediate attention. Level 3 is used for an error condition, and it means that something is happening to the system that is preventing the proper function. Level 4 is used for warning conditions and it may indicate that an error will occur if action is not taken soon. Level 5 is used for notice conditions and it means that the events are unusual, but they are not error conditions. Level 6 is used for information conditions and it is a normal operational message that requires no action. Level 7 is used for debugging conditions and is just information that is useful to developers as they are debugging their networks and applications

A technician installs three new switches to a company's infrastructure. The network technician notices that all the switchport lights at the front of each switch flash rapidly when powered on and connected. After about a minute, the switches return to normal operation. Additionally, there are rapidly flashing amber lights on the switches when they started up the next day. What is happening to the switches?

The switch port lights flashing is indicating that the switch is performing the spanning tree process. The Spanning Tree Protocol (STP) is responsible for identifying links in the network and shutting down the redundant ones, preventing possible network loops. To do so, all switches in the network exchange BPDU messages between them to agree upon the root bridge. When spanning tree protocol is enabled on a switch, the switchports will go through five port states: blocking, listening, learning, forwarding, and disabled to create a loop-free switching environment.

What state is the switchport with the LEAST desirable path placed by the spanning tree protocol when a switch has multiple paths to reach the root bridge? Listening Blocking (Correct) Learning Forwarding

The switchport will go into a blocking state when it receives a BPDU that indicates there is a better path to the root bridge and the switchport itself is not a root port or designated por

Students at Dion Training have been reporting extreme performance degradation across the network every Friday morning. Which of the following should the network technician review FIRST to identify the root cause of the network performance issues?

The technician should first review the utilization on the network during the time period where network performance issues are being experienced. This will then be compared to the average performance of the network throughout the rest of the week. In turn, this could be compared against the baseline.

A company is having a new T1 line installed. Which of the following does this connection MOST likely terminate?

The telecom company usually terminates the circuits at the Main Distribution Facility (MDF) at the demarcation point.

What would be used in an IP-based video conferencing deployment?

The term "codec" is a concatenation of "encoder" and "decoder." In video conferencing, a codec is a software (or can be hardware) that compresses (encodes) raw video data before it is transmitted over a network.

Your company has just installed a new web server that will allow inbound connections over port 80 from the internet while not accepting any connections from the internal network. You have been asked where to place the web server in the network architecture and configure the ACL rule to support the requirements. The current network architecture is segmented using a triple-homed firewall to create the following three zones: ZONE INTERFACE, IP address --------------------------------------- PUBLIC, eth0, 66.13.24.16/30 DMZ, eth1, 172.16.1.1/24 PRIVATE, eth2, 192.168.1.1/24 Based on the requirements and current network architecture above, where should you install the webserver and how should you configure it?

The web server should be placed into the DMZ, assigned an IP address in the 172.16.1.1/24 network, and create an inbound permit rule for port 80 in the ACL. Since the web server needs to be accessed from the internet (PUBLIC), you must configure the permit rule from eth0 (PUBLIC) to eth1 (DMZ). The web server should not be placed into the intranet (PRIVATE), since this will contain all our internal network clients and they should be blocked from accessing this web server according to the question. Most firewalls utilize an implicit deny policy, so all other ports from the eth0 will be blocked and all ports from eth2. If an implicit deny policy is not enabled, you can explicitly block those other ports using a deny rule within the ACLs.

Which of the following is a DNS record type?

There are several types of DNS records, including A, AAAA, CNAME, PTR, SVR, and TXT. PTR records are used for the Reverse DNS (Domain Name System) lookup.

A home user ran a bandwidth speed test from their laptop and receive the following results: Ping: 53ms Download speed: 33.3 Mbps Upload speed: 10.2 Mbps Which of the following is the best interpretation of these results?

This connection appears to be an asymmetric connection, like a cable modem or aDSL, since the download and upload speeds do not match. According to the bandwidth speed test results, the laptop received data at 33.3 Mbps when receiving the test file and uploaded the test file back to the server at a speed of 10.2 Mbps. The laptop had a latency of 53ms during the test, which is indicated by the ping test conducted as part of the bandwidth speed test.

A network technician receives the following alert from a network device: "High utilization threshold exceeded on gi1/0/24: current value 88%" What is being monitored to trigger the alarm?

This is an error message that indicates that the threshold of high utilization of network interface or port, in this case, interface gi1/0/24, has been exceeded. The message has been triggered on the interface link status since gi1/0 is a gigabit interface. Network devices can be configured with alarms that will send a message or alert when high utilization or low utilization past a given setpoint occurs. For example, it is common to set the high utilization setpoint to 70% and the low utilization setpoint to 30%.

Which of the following network performance metrics is used to represent the actual measure of how much data is successfully transferred from a source to a destination in a given amount of time?

Throughput

Kerberos is all about what?

Tickets

What is south traffic?

Traffic entering the data center from physcially outside the atacenter

What is north traffic?

Traffic exiting data center from physcially outside datacenter

What is used to define how much bandwidth can be used by various protocols on the network?

Traffic shaping, also known as packet shaping, is the manipulation and prioritization of network traffic to reduce the impact of heavy users or machines from affecting other users. Traffic shaping is used to optimize or guarantee performance, improve latency, or increase usable bandwidth for some kinds of packets by delaying other kinds.

South

Traffic that enters data center

North

Traffic that exits or leaves data center

While working as a security analyst, you have been asked to monitor the SIEM. You observed network traffic going from an external IP to an internal host's IP within your organization's network over port 443. Which of the following protocols would you expect to be in use?

Transport Layer Security (TLS) is used to secure web connections over port 443.

You need to connect your laptop to a router in order to add a static route. What type of cable would you use to connect to the router's console port?

Typically, a router or switch's console port is connected using a rollover cable, which has an RS-232 (DB-9) port on one side and an RJ-45 on the other. A rollover or console cable is a type of null-modem cable that is used to connect a computer terminal to a router's console port

Which of the following is used to provide emergency electrical power during a short outage or until a long-term solution can begin operations?

UPS

Which network element enables unified communication devices to connect to and traverse traffic onto the PSTN?

Unified Communications (UC) enables people to use different modes of communication, media, and devices to communicate with anyone, anywhere, anytime. To accomplish this, a UC gateway is needed

What are trap messages?

Unsolicited information send from client to manager

SNMPv1 and SNMPv2

Use a community string to give them access to the device as their security mechanism. Unsecure

Janet is a system administrator who is troubleshooting an issue with a DNS server. She notices that the security logs have filled up and must be cleared from the event viewer. She recalls this being a daily occurrence. Which of the following would BEST resolve this issue?

Using an event management tool will allow the administrator to clear the event logs and move them from the server to a centralized database if needed. This will prevent the logs from filling up on the server without having to delete them permanently from the logging environment.

An attacker is using double tagging to conduct a network exploit against your enterprise network. Which of the following types of attacks is being conducted?

VLAN Hopping is an attack where the attacker is able to send traffic from one VLAN into another by either double tagging the traffic or conducting switch spoofing

An attacker has configured their machine to report itself as a switch when connected to a wired network in an attempt to exploit your enterprise network. Which of the following types of attacks is being conducted?

VLAN Hopping is an attack where the attacker is able to send traffic from one VLAN into another by either double tagging the traffic or conducting switch spoofing.

VTP

VLAN Trunking Protocol; used to communicate VLAN configuration information among a group of switches.

Which of the following open-source remote access tools allows users to connect to their desktop remotely, see what is on their screen, and control it with their mouse and keyboard?

VNC

When using a Type 1 hypervisor virtualized environment, which of the following hardware types is necessary to connect the VMs to the corporate network?

Virtual NIC

What is an open source RDP?

Virtual network computing

A company has just installed a VoIP system on its network. Before the installation, all of the switches were replaced with layer 3 multilayer switches to allow for the VoIP devices to be placed on separate VLANs and have the packets routed accurately between them. What type of network segmentation technique is this an example of?

Voice over Internet Protocol (VoIP) performance optimization can help a business improve the quality of its video and audio communications over the Internet by decreasing the size of the broadcast domain through the creation of VLANs.

A network technician has just installed a new point-to-point 200-meter single-mode fiber link between two local routers within the Dion Training offices. The fiber has been connected to each router, but the interface fails to come up. The network technician has double-checked the interface configuration on both routers, both SFPs have been hard looped to confirm they are functioning, connectors on both ends of the links have been cleaned, and there is sufficient power. What is the MOST likely cause of the problem?

Wavelength mismatch occurs when two different transceivers are used at each end of the cable. For example, if one SFP uses a 1310nm transceiver and the other end uses a 850 nm transceiver, they will be unable to communicate properly and the link will remain down.

Throughput is the what?

What it actually doeds

Using the results provided, was the cable properly crimped or not?

When a short is detected, but the cable's full length is shown (3 ft), this indicates the cable was incorrectly crimped

You are trying to connect to a router using SSH to check its configuration. Your attempts to connect to the device over SSH keep failing. You ask another technician to verify that SSH is properly configured, enabled on the router, and allows access from all subnets. She attempts to connect to the router over SSH from her workstation and confirms all the settings are correct. Which of the following steps might you have missed in setting up your SSH client preventing you from connecting to the router?

When configuring your SSH connection, you must ensure that a key is established between your client and the server. If you never set up an SSH key, you will need to generate a new key to get SSH to connect properly

Which of the following BEST describes how a DHCP reservation works?

When the client requests an IP address by sending a message on the network to the DHCP server, the DHCP server will assign an IP from its DHCP scope to the client and reserve it based on its MAC address. DHCP reservations allow the DHCP server to pre-set an IP address to a specific client based on its MAC address. This ensures that the client will always get the same IP address from the DHCP server when it connects to the network.

S is not single means what?

When you see an s on something like 10gbase -sr it means its m,ultimode

Which of the following features is supported by Kerberos but not by RADIUS?

Whether you learned the in-depth details of each of these protocols during your studies or not, you should be able to answer this question by remembering that Kerberos is all about 'tickets.'

Jason wants to use his personal cell phone for work-related purposes. Because of his position, Jason has access to sensitive company data, which might be stored on his cell phone during its usage. The company is concerned about this but believes that it might be acceptable with the proper security controls in place. Which of the following should be done to protect both the company and Jason if they allow him to use his personal cell phone for work-related purposes?

While all four are good options, the BEST solution is to conduct real-time monitoring of the phone's activity since it is a technical control that could quickly identify an issue. The other options are all administrative controls (policies), which are useful but would not actually identify if the sensitive data was leaked from Jason's phone.

Which of the following should be implemented to allow wireless network access for clients in the lobby using a shared password as the key?

Wi-Fi Protected Access 2 Pre-Shared Key or WPA2-PSK is a system of encryption used to authenticate users on wireless local area networks using a shared password as the key.

A home user reports to a network technician that the Internet is slow when they attempt to use their smartphone or laptop with their Wi-Fi network. The network administrator logs into the admin area of the user's access point and discovers that multiple unknown devices are connected to it. What is MOST likely the cause of this issue?

Wi-Fi Protected Setup (WPS) allows users to configure a wireless network without typing in the passphrase. Instead, users can configure devices by pressing buttons or by entering a short personal identification number (PIN). Unfortunately, WPS is fairly easy to hack and unknown devices can then connect to your network without permission. This is the most likely cause of the issue described in the question

WPS

Wi-Fi Protected Setup. A method that allows users to easily configure a wireless network, often by using only a PIN. WPS brute force attacks can discover the PIN.

A network technician at a warehouse must implement a solution that will allow a company to track shipments as they enter and leave the facility. The warehouse workers must scan and concurrently upload large images of items to a centralized server. Which of the following technologies should they utilize to meet these requirements?

Wi-Fi is the best solution to meet this organization's needs. 802.11ac is a very fast high-speed Wi-Fi network capable of 1 Gbps speeds over a 5 GHz spectrum and is perfect for uploading large image files quickly over a wireless local area network.

Which of the following wireless standards should you implement if the existing wireless network only allows for three non-overlapping channels, and you need additional non-overlapping channels to prevent interference with neighboring businesses in your office building?

Wireless B and G only support 3 non-overlapping channels (1, 6, 11). Wireless N and Wireless AC supports the 5 GHz spectrum, which provides 24 non-overlapping channels.

You have just replaced a faulty Ethernet cable in a patch panel. Within a few minutes, you find out that users are experiencing slow or no Internet connectivity all over the building. A broadcast storm has begun to occur. After removing the replacement cable, which of the following should you do NEXT?

You most likely have plugged the new cable into the wrong port on the patch panel. By reviewing the documentation and labeling, you might see the domain architecture, the strength of user connections, and the relationships in those connections, thereby making it easy to reassign the patch cables corrected. Something has likely been mislabeled, and the replacement of the patch cable was plugged into the wrong port and caused a loop.

You are working as a wireless networking technician and have been sent to a user's home to install a brand new 802.11ac wireless access point to replace their old access point. To ensure all of the current devices on the network will automatically connect to the new network, you set the SSID, encryption type, and password to the same ones as the existing access point. You turn the new access point on and notice most of the devices connect automatically, but one older wireless printer won't connect. You notice that the printer is about 7 years old, but the user says it has always worked great over the old wireless network. What is the MOST likely reason that the printer will not connect to the new access point?

Wireless B/G networks utilize 2.4 GHz, while Wireless AC uses 5.0 GHz. Wireless N can support both 2.4 GHz and 5.0 GHz frequencies. The most likely cause of the issue is that the older access point supported both 2.4 GHz (for older devices) and 5.0 GHz (for newer devices). Since you installed a brand new 802.11ac access point, it is only broadcasting at 5.0 GHz and is preventing the older printer from connecting due to a frequency mismatch.

Which of the following types of network documentation would include labels to indicate which cables are connected to which switchports on an edge switch?

Wiring diagrams are used to clearly label which cables are connected to which ports. The more in-depth wiring diagrams will include a floorplan or rack diagram, so you can see how the cables are run in the physical environment.

A wireless technician wants to configure a wireless network to identify itself to visitors by including the word "Guest" in the name. This wireless network needs to provide coverage to the entire building and requires 3 wireless access points to accomplish this coverage level. What would allow users to identify the wireless network by its displayed name as a single network?

With an ESSID (Extended Service Set), a wireless network can utilize multiple wireless access points to broadcast a single network name for access by the clients. A BSSID (Basic Service Set) can only utilize a single access point in each wireless network.

Which of the following must be added to a VLAN's gateway to improve the security of the VLAN?

Without a properly configured ACL, there is no additional security provided by a VLAN. A VLAN (virtual local area network) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2)

Students at Dion Training are working on a networking lab that requires a single switch to be remotely accessed by many students simultaneously. The instructor verifies that the switch can be accessed using the console, but the switch is only letting one student log in to the device at a time. Which of the following configurations should the instructor implement to fix this issue?

You can set a limit of how many virtual terminals can simultaneously remotely connect to a switch. The issue in this scenario is that the switch is configured to a maximum of one virtual terminal, so only one student can access the switch at a time. When a student connects to a switch or router using ssh or telnet, it requires a virtual terminal connection. The default virtual terminal limit is 32 on Cisco devices, but you can configure it to allow between 1 and 64 simultaneous connections. To connect to a virtual terminal, you would utilize a terminal emulator.

Your company has several small branch offices around the country, but you work as a network administrator at the centralized headquarters building. You need the capability of being able to remotely access any of the remote site's routers to configure them without having to fly to each location in person. Your company's CIO is worried that allowing remote access could allow an attacker to gain administrative access to the company's network devices. Which of the following is the MOST secure way to prevent this from occurring while still allowing you to access the devices remotely?

You should create an out-of-band management network and use an SSH (console) connection to reach the routers.

ou typed IPCONFIG at the command prompt and find out your IP is 192.168.1.24. You then go to Google.com and search for "what is my IP," and it returns a value of 35.25.52.11. How do you explain why your computer has two different IP addresses?

Your computer network uses a private IP address for machines within the network and assigns a public IP address for traffic being routed over the network using either NAT or PAT. Most small office home office (SOHO) networks utilize a single public IP for all of their devices and use a technique known as PAT to associate the public IP with each internal client's private IP when needed. Network Address Translation (NAT) and Port Address Translation (PAT) allow multiple devices on a LAN to be mapped to a single public IP address to conserve IP address. In NAT, private IP addresses are translated into public IP addresses. In PAT, private IP addresses are translated into a single public IP address and their traffic is segregated by port numbers.

Interior Gateway Protocol (IGP)

a distance-vector interior gateway protocol developed by Cisco to exchange routing data within an autonomous system. IGRP is used with layer 3 devices (routers) and not layer 2 devices (switches)

What is Kerberos?

a network authentication protocol, which is designed to provide strong authentication for client/server applications by using secret-key cryptography. It uses cryptography so that a client and server can prove their identity to each other across an insecure network connection.

What is SIEM?

a solution that provides a real-time or near-real-time analysis of security alerts generated by network hardware and applications

Reflective DNS

a two-step attack used in DDoS attacks. The attacker sends a large number of requests to one or more legitimate DNS servers while using a spoofed source IP of the targeted victim. The DNS server then replies to the spoofed IP and unknowingly floods the targeted victim with responses to DNS requests that it never sent.

What is a RG-6 cable used for?

coaxial cable

What is an incident response plan?

contains a set of instructions to help our network and system administrators detect, respond to, and recover from network security incidents. These types of plans address issues like cybercrime, data loss, and service outages that threaten daily work

Infrastructure layer

contains the netowkr devices that receive information about where to move the data and then perform those movements

When you think kerberos think what?

data over unsecure networks using strong encryption

You are investigating a network connectivity issue that is affecting two of your network clients. When you check the switchports of these clients, you observe that the switchports' physical interfaces are continually going up and down. Which of the following is the most likely reason for the flapping of the switchports you are observing?

duplicate MAC address occurs when two or more devices are responding to data requests as if they are the only device on the network with that physical address.

Scott is a brand new network technician at Dion Training. He has been told to remote into the edge switch from his desk and enable DHCP snooping. Which of the following commands should he use?

e telnet command is used to open a command-line interface on a remote computer or server. Telnet operates in plain text mode and should never be used over an untrusted or public network.

You are troubleshooting a 3 foot long fiber patch cable that you suspect is causing intermittent connectivity between two switches. Which of the following tools should you use to measure the signal as it transmits over the fiber optic cable?

fiber light. Thhink power as it trransmits

stateless packet firewall

firewall allows or denies packets into the network based on the source and destination IP address or the traffic type (TCP, UDP, ICMP, etc.)

Which of the following security features should be enabled to configure a quality of service filter to manage the traffic flow of a Cisco router or switch and protect it against a denial-of-service attack?

he Control Plane Policing, or CPP, feature allows users to configure a quality of service (or QoS) filter that manages the traffic flow of control plane packets to protect the control plane of Cisco IOS routers and switches against reconnaissance and denial-of-service (DoS) attacks.

A network technician was tasked to install a network printer and share it with a group of five instructors at Dion Training. The technician plugged the device into a switch port and noticed the link light turned green. Unfortunately, the printer was unable to obtain an IP address automatically. Which of the following is a potential reason for this error?

he DHCP scope is used as a pool of IP addresses that can be assigned automatically. The issue might be that there are no more IP addresses left in the scope, and is therefore exhausted.

Which of the following technologies deliver multiple voice calls over a copper wire if you have an ISDN or T-1 connection?

ime-division multiplexing allows for two or more signals or bitstreams to be transferred in what appears to be simultaneous sub-channels in one communication channel but is physically taking turns on the channel.

what are mx records?

mail records

Which of the following layers within software-defined networking focuses on providing network administrators the ability to oversee network operations, monitor traffic conditions, and display the status of the network?

management plane

What is 3306

mysql

Which mitigation provides the best return on investment by mitigating the most vulnerable attack vector in an enterprise network?

n enterprise network's end users are the most vulnerable attack vector.

An administrator would like to test out an open-source VoIP phone system before investing in the associated hardware and phones. Which of the following should the administrator do to BEST test the software?

o test out the system before purchasing it, he should connect to a virtual PBX with a SIP phone application and ensure it meets his needs

What is wiping?

occurs by using a software tool to overwrite the data on a hard drive to destroy all electronic data on a hard disk or other media. Data wiping may be performed with a 1x, 7x, or 35x overwriting, with a higher number of times being more secure. This allows the hard drive to remain functional and allows for hardware reuse

Which of the following describes the ID of a specified native VLAN when traffic passes over a trunk?

on OBJ-2.3: Trunk ports carry all traffic, regardless of VLAN number, between all switches in a LAN. The VLAN designation for a trunk port is its native or default VLAN.

Which of the following levels would an alert condition generate?

on OBJ-3.1: The severity levels range from zero to seven, with zero being the most severe and seven being the least severe. Level 0 is used for an emergency and is considered the most severe condition because the system has become unstable. Level 1 is used for an alert condition and means that there is a condition that should be corrected immediately

A user's smartphone is displaying text in other languages in their web browser when accessing the company's main website. Which of the following is the MOST likely cause of the issue?

on path attack (Man in the middle) a general term when a perpetrator positions himself in a conversation between a user and an application, either to eavesdrop or impersonate one of the parties, making it appear as if a normal exchange of information is occurring. For example, if your user and server are both in the United States (English language), but the attacker is performing the on-path attack from Russia, then the server will utilize the Russian language in the text since it sees the connection coming from a Russian IP address.

stateful packet inspection firewall

onitors the active sessions and connections on a network. The process of stateful inspection determines which network packets should be allowed through the firewall by utilizing the information it gathered regarding active connections as well as the existing ACL rules. Neither a stateless nor stateful inspection firewall operates at layer 6 or layer 7, so they cannot inspect TLS connections

What is a wiring diagram used for?

used to clearly label which cables are connected to which ports.

What is the 802.1Q standard?

used to define VLANs on an ethernet network

management plane

used to monitor traffic conditions

What is NetFlow Analyzer?

used to perform monitoring, troubleshooting, inspection, interpretation, and synthesis of network traffic flow data.

What is the hostname commands?

used to view or change a computer's hostname and domain. On a Windows system, the hostname, computer name, and NetBIOS name are all the same.

Control layer

uses the information from the applications and decides how to route a data packet on the network


Conjuntos de estudio relacionados

Программирование

View Set

Chapter 3 - Assessing and Diagnosing Abnormality

View Set

Chapter 33 - Obstetrics and Neonatal Care

View Set

Simulation Lab 7.1: Module 07 Secure Switch Ports in Packet Tracer

View Set