Exam 3
A technician has finished configuring AAA on a new network device. However, the technician is unable to log into the device with LDAP credentials but is able to do so with a local user account. What is the MOST likely reason for the problem? Group policy has not propagated to the device IDS is blocking RADIUS Shared secret key is mismatched username is misspelled in the device config file
Shared secret key is mismatched AAA through RADIUS uses a Server Secret Key (a shared secret key). A secret key mismatch could cause login problems.
What allows a telecommunication company to remotely test circuits of customers? VLAN configuration Smart jack RDP Toner probe
Smart jack Smart jacks have built-in remote diagnostics.
A project manager is tasked with the planning of a new network installation. The customer requires that everything discussed in the meetings will be installed and configured when a network engineer arrives onsite. What should the project manager provide the customer? Security policy Statement of work SLA AUP
Statement of work A Statement of work (SOW) is a document that outlines all the work that is to be performed, as well as the agreed-upon deliverables and timelines.
What is the BEST way to prevent various types of security threats throughout the network on a routine basis? user training and awareness penetration testing disaster recovery planning business continuity training
user training and awareness Users are the number one vulnerability to a network. Increasing user training can decrease the number of security threats that are realized on your networks.
A network technician has configured a point-to-point interface on a router. Once the fiber optic cables have been run, though, the interface will not come up. The technician has cleaned the fiber connectors and used an optical power meter to confirm that light is passing in both directions without excessive loss. What is the MOST likely cause of this issue? wavelength mismatch cross-talk distance limitation EMI
wavelength mismatch Wavelength mismatch is when one or more wavelengths in a fiber optic cable are unequal and cannot be measured using an optical power meter. Cross-talk and EMI are both elements that are irrelevant to fiber optics.
A disgruntled employee executes a man-in-the-middle attack on the company network. Layer 2 traffic destined for the gateway is redirected to the employee's computer. This type of attack is an example of: Amplified DNS attack IP spoofing Evil twin ARP cache poisoning
ARP cache poisoning ARP poisoning reroutes data and allows an attacker to intercept packets of data intended for another recipient. ARP attacks can be sent from any host on the local area network and the goal is to associate the host so that any traffic meant for something else will instead go directly to the attacker's PC.
The human resource department has been moved to an area which is more than 60 meters away from the nearest IDF. In order to comply with a SLA which requires that 10Gb speeds be provided, what media will need to be utilized? CAT6A CAT5E 802.11ac 802.11n
CAT6A Cat6a is the only one listed that can meet 10 Gbps. CAT5e only obtains 1 Gbps and so does 802.11ac.
A network technician was tasked to install a network printer and share it to a group of five human resource employees. The technician plugged the device into a LAN jack, but was unable to obtain an IP address automatically. What is the cause of the problem? DNS Wrong TCP port DHCP scope Split horizon
DHCP scope The DHCP scope is used as a pool of IP addresses that can be assigned automatically. The issue might be that there are no more IP addresses left in the scope.
A technician is in a large room that contains a large amount of industrial equipment. The technician would like to record the usable bandwidth between devices in a wireless network and the access point. What should the technician be documenting? EMI Goodput Latency Jitter
Goodput Goodput is the rate at which useful data goes through a data link.
During a business trip, a user connects to the hotel's wireless network to send emails to customers. The user notices the next day that emails have been sent from the user's account without consent. What protocol was used to compromise the user's email password utilizing a network sniffer? HTTP SSL TFTP DNS
HTTP HTTP is an unsecured protocol and information is passed without encryption. If the user signed into their webmail over HTTP instead of HTTPS, a network sniffer could compromise the username and password.
What is a connectionless protocol? SSL ICMP TCP SSH
ICMP A connectionless protocol is a form of data transmission in which data is transmitted automatically without determining whether the receiver is ready, or even whether a receiver exists. ICMP, UDP, IP, and IPX are well-known examples.
What is considered a classless routing protocol? IGRP IS-IS RIPv1 STP
IS-IS IS-IS is known as a classless protocol. Classless routing protocols are those protocols that include the subnet mask information when the routing tables or updates are exchanged.
A facility would like to verify each individual's identity prior to allowing access to its server room and datacenter. Additionally, the building should ensure that users do not tailgate behind other users. What solution would BEST meet these requirements? implement a security guard at the facility entrance and a keypad at the data center entrance implement a CCTV camera and a proximity reader at the data center entrance Implement a biometric reader at the datacenter entrance and require passage through a mantrap
Implement a biometric reader at the datacenter entrance and require passage through a mantrap A biometric reader would read the employee's fingerprints. A mantrap is most often used in physical security to separate non-secure areas from secure areas and prevent unauthorized access.
A network technician needs to install a server to authenticate remote users before they have access to corporate network resources when working from home. What kind of server should the network technician implement? VLAN (Virtual Local Area Network) RAS (remote access server) PPP (Point-to-Point protocol) DNSSEC NAT (Network address translation)
RAS A remote access server is a type of server that provides a suite of services to remotely connect users to a network or the Internet.
What is an example of a signaling protocol used in VoIP telephony? VRRP SIP H.323 RSTP
SIP Process of elimination: VRRP (Virtual Router Redundancy Protocol) automatically assigns IP routers to hosts; H.323 is something that works with A/V (audio visual); RTSP is a real-time streaming protocol designed to control media servers. SIP is the Session Initiation Protocol, a signaling protocol used on the application layer.
A technician needs to set up uplink ports for multiple switches to communicate with one another. All VLANs should be transferred from the designed server switch. What should be set on the uplink ports if VLAN 1 is not the management VLAN? 802.1q Port security Port mirroring STP 802.1x VTP
STP Setting STP on the uplink ports will ensure that loops are not created.
During what period should all scheduled work on production network equipment be scheduled? Maintenance window Development life cycle down time business hours
Maintenance window By using a Maintenance Window, all downtime is limited and the organization can prepare in advance for the scheduled work to be carried out.
Michael has been tasked with assigning two IP addresses to WAN interfaces on connected routers. In order to conserve address space, what subnet mask should he use for this subnet? /30 /29 /28 /24
/30 An IPv4 address consists of 32 bits. The first x number of bits in the address is the network address and the remaining bits are used for the host addresses. The subnet mask defines how many bits form the network address and from that, we can calculate how many bits are used for the host addresses. In this question, the /30 subnet mask dictates that the first 30 bits of the IP address are used for network addressing and the remaining 2 bits are used for host addressing. The formula to calculate the number of hosts in a subnet is $2^n - 2$. The "n" in the host's formula represents the number of bits used for host addressing. If we apply the formula ($2^2 - 2$), a /30 subnet mask will provide 2 IP addresses.
What default port is associated with network protocols that are connectionless? 80 2427 3389 442
2427 Port 80 (HTTP), Port 443 (HTTPS), and Port 3389 (RDP) are all connection-oriented protocols which rely on TCP. They require a connection being established between two hosts in order to verify delivery of the data and error checking during data transfer. Port 2427 is used for Media Gateway Control Protocol, which relies on UDP (a connectionless protocol).
What port should be allowed to provide access to certain VoIP applications? 5060 110 1720 139
5060 5060 is used by SIP, which VoIP relies upon.
A desktop computer is connected to the network and receives an APIPA address but is unable to reach the VLAN gateway of 10.10.100.254. Other PCs in the VLAN subnet are able to reach the Internet. What is the MOST likely source of the problem? Bad SFP in the PC's 10/100 NIC 802.1q is not configured on the switch port APIPA has been misconfigured on the VLAN OS updates have not been installed
802.1q is not configured on the switch port APIPA addresses are self-configured and are used when the client is unable to get proper IP configuration from a DHCP server. One possible source of this problem is a misconfigured switch port that the computer is connected to. The 802.1q protocol is used to configure VLAN trunking on switch ports.
A company needs to implement stronger authentication by adding an authentication factor to their wireless system. The wireless system only supports WPA with pre-shared keys, but the back-end authentication system supports EAP and TTLS. What should the network administrator implement? WPA2 with complex shared key 802.1x using EAP with MSCHAPv2 PKI with user authentication MAC address filtering with IP filtering
802.1x using EAP with MSCHAPv2 Since the back end uses a RADIUS server for back-end authentication, the network administrator can install 802.1x using EAP with MSCHAPv2 for authentication.
What is the number of bits in 1024 bytes? 512 4096 8000 8192
8192 Multiply 1024 x 8; 1 byte = 8 bits.
An administrator would like to test out an open source-based phone system prior to making an investment in hardware and phones. What should the administrator do to BEST test the software? deploy an open-source VDI solution to create a testing lab Create a virtual PBX and connect it to SIP phone applications Create virtual IP phones in a lab that utilize STP protocol Deploy new SIP appliances and connect them to the open source phone applications
Create a virtual PBX and connect it to SIP phone applications To test out the system prior to purchasing it, he should connect to a virtual PBX with a SIP phone application and ensure it meets his need. Deploying new SIP appliances would be costly, therefore a bad choice. Incorrect answers: Deploying a VDI is a virtual desktop infrastructure solution, which doesn't have anything to do with phones. Creating virtual IP phones in a lab may work but isn't going to give him an accurate representation of the actual usage of the system.
An administrator's network has OSPF for the internal routing protocol and has two interfaces that continue to go up and down. The administrator reviews the following output: Fast ethernet 0 is up, line protocol is up Int ip address is 192.24.120.5/25 MTU 1500 bytes, BW10000 kbit, DLY 100 usec Reliability 255/255, Tx load 1/255, Rx load 1/255 Encapsulation ospf, loopback not set Keep alive 10 Full duplex, 100Mb/s, 100Base Tx/Fx Received 1052993 broadcasts 1258 input errors 983881 packet output, 768588 bytes 1747 output errors, 0 collisions, 423 resets What problem would cause this issue? Duplex mismatch Bad wire Incorrect encapsulation Wrong IP address
Duplex mismatch The duplex mismatch can cause issues where the interface will continually go up and down, or "flap".
What protocol is considered a hybrid routing protocol? BGP OSPF RIPv2 EIGRP
EIGRP Enhanced Interior Gateway Routing Protocol (EIGRP) is considered as a Hybrid Routing Protocol because EIGRP has characteristics of both Distance Vector and Link State Routing Protocols. EIGRP doesn't send Link State Advertisement (LSA) packets as Open Shortest Path First (OSPF) does. EIGRP sends traditional Distance Vector updates containing information about networks plus the cost of reaching them from the perspective of the advertising router. EIGRP also has Link State characteristics. EIGRP synchronizes routing tables between neighbors at startup, and then it sends specific updates when a network topology change happens.
What protocol is used to encapsulate other network layer protocols such as multicast and IPX over WAN connections? ESP MPLS PPP GRE
GRE Generic Routing Encapsulation (GRE) is a protocol that encapsulates packets in order to route other protocols over IP networks.
A network administrator is troubleshooting an issue with unstable wireless connections in a residence hall. Users on the first and second floors report that the hall's SSID is not visible in the evenings. The network administrator has verified that the wireless system is operating normally. What is the cause of the issue being reported by the users? The SSID is set to hidden A jammer is being used An ARP attack is underway Internet router maintenance is scheduled
Internet router maintenance is scheduled Process of elimination: an ARP attack would allow attackers to intercept data or stop all traffic; the SSID being set to hidden wouldn't just change during the day; a jammer being used would show some possible "wrong" traffic in the logs of the wireless system; Internet router maintenance would simply take the network down for the duration of the update/maintenance.
What describes the ID of a specified native VLAN when traffic passes over a trunk? it becomes the gateway of last resort for the switch or router it becomes the priority ID for all VLAN traffic across the device It becomes the default VLAN for the untagged frames
It becomes the default VLAN for the untagged frames Trunk ports carry all traffic, regardless of VLAN number, between all switches in a LAN. The VLAN designation for a trunk port is its native VLAN. If the trunk port has a native VLAN that differs from the tag placed on the frame as it entered the access port, the switch leaves the tag on the frame and sends the tagged frame along to the next switch or switches. If the trunk port's native VLAN is the same as the access port's VLAN, then the switch drops the tag and sends the untagged frame out the trunk port.
A network engineer is designing a campus-wide wireless network. Wireless access points will be distributed across the campus for maximum availability. The network is to be designed to handle a large number of roaming wireless devices. What feature should he employ? Subnetting LWAPP VLAN pooling WPA2
LWAPP LWAPP is the best choice because it serves as a standard single point that allows quick and efficient management of multiple wireless devices at a time.
A company is having a new T1 line installed. What device does this connection MOST likely terminate to? MDF IDF Ethernet router core switch
MDF The telecom company usually terminates the circuits at the Main Distribution Facility (MDF).
A company is experiencing very slow network speeds of 54Mbps. A technician has been hired to perform an assessment on the existing wireless network. The technician has recommended an 802.11n network infrastructure. What allows 802.11n to reach higher speeds? LWAPP MU-MIMO PoE MIMO
MIMO One way 802.11n achieves superior throughput is through the use of a technology called multiple input, multiple output (MIMO). MIMO uses multiple antennas for transmission and reception.
Susan is a network administrator who is in the process of preparing and cleaning network switches for resale. She splashes the cleaning agent in her eye and needs to know the procedure to do in order to cleanse her eye. Where should she look to find the right procedure? EULA MOU SLA MSDS
MSDS The Manufacturers Safety Data Sheet (MSDS) lists the chemical composition of the solution and states the relevant protocol for first aid treatment.
An administrator has a physical server with a single NIC. The administrator intends to deploy two virtual machines onto the single physical server. Each virtual machine needs two NICs, one that connects to the network, and a second that is a server to server heartbeat connection between the two virtual machines. After deploying the virtual machines, what should the administrator do to meet the requirements? The administrator should create a virtual switch that is bridged to the corporate network, and a second virtual switch that carries intra-VM communication only The administrator should create a virtual switch to bridge all of the connections to the network; the virtual heartbeat NICs should be set to addresses in an unused range The administrator should install a second physical NIC onto the host, and then connect each guest machine's NICs to a dedicated physical NIC
The administrator should create a virtual switch to bridge all of the connections to the network; the virtual heartbeat NICs should be set to addresses in an unused range By bridging all of the connections to the network, it allows for faster communication between the virtual machines (hosts). The heartbeat is set on an unused address range in order to ensure there is no chance of data collision or loss of signal.
A technician installs three new switches to a company's infrastructure. The network technician notices that all the switch port lights at the front of each switch flash rapidly when powered on and connected. Additionally, there are rapidly flashing amber lights on the switches when they started up the next day. What is happening to the switches? The switches are connected and detected a spanning tree loop The switches are running through their spanning tree process The switches are not functioning properly and need to be disconnected the switches are having problems communicating with each other
The switches are running through their spanning tree process The switches use the spanning tree process to ensure no routing loops will occur.
What network element enables unified communication devices to connect to and traverse traffic onto the PSTN? Access switch UC server Edge router UC gateway
UC gateway Unified Communications (UC) enables people using different modes of communication, different media, and different devices to communicate with anyone, anywhere, at any time. To accomplish this, a UC gateway is needed.
A network technician has been dispatched to investigate sporadic network outages. After looking at the event logs for the network equipment, the network technician finds that the network equipment has been restarting at the same time every day. What should the technician deploy to correct this issue? UPS Grounding bar rack monitoring Air flow management Surge protector
UPS An Uninterruptible power supply (UPS) is a battery system that can supply short term power to electrical units. Since all the devices are restarting at the same time, it is likely due to a power outage. In this case, a UPS would continue to supply power to the network equipment during outages or blackouts.
A company that was previously running on a wired network is performing office-wide upgrades. A department with older desktop PCs that do not have wireless capabilities must be migrated to the new network, ensuring that all computers are operating on a single network. Assuming CAT 5e cables are available, what network device should the technician use to connect all the devices to the wireless network? Default WAP Wireless bridge Wireless router VPN concentrator
Wireless router Wireless bridge and WAP are both examples of wireless network extenders. They will not work without a wireless router. Also, a wireless router has physical Ethernet ports in order to connect the older desktop PCs using a NIC.
An administrator reassigns a laptop to a different user in the company. Upon delivering the laptop to the new user, the administrator documents the new location, the user of the device, and when the device was reassigned. What BEST describes these actions? asset management change management baselines network map
asset management Documenting the location, the user of the device, and the date of the reassignment would be part of the asset management.
The administrator's network has OSPF for the internal routing protocol. One port going out to the Internet is congested. The data is going out to the Internet, but queues up before sending. What would resolve this issue? Output: Fast Ethernet 0 is up, line protocol is up Int ip address is 10.20.130.5/25 MTU 1500 bytes, BW10000 kbit, DLY 100 usec Reliability 255/255, Tx load 1/255, Rx load 1/255 Encapsulation ospf, loopback not set Keep alive 10 Half duplex, 100Mb/s, 100 Base Tx/Fx Received 1052993 broadcasts 0 input errors 983881 packets output, 768588 bytes 0 output errors, 0 collisions, 0 resets change the duplex to full set the loopback address change the IP address change the slash notation
change the duplex to full From the output, we see that half duplex is configured. This would not use the full capacity of ports on the network. By changing to full duplex, the throughput would be doubled.
A technician has terminated a cable on the datacenter with an RJ-11 connector. What application is MOST likely being used? crossover patch cabling ethernet for a NAS appliance Out-of-band management VRRP interconnect link
crossover patch cabling The only one that it could possibly be is the crossover patch cabling, but even that doesn't make much sense. This is a poor question, but you can use RJ-11 to carry Ethernet data (crossover or straight through) using 4 wires instead of 8, and support the same capabilities as regular CAT 5. This is a poor practice to do though.
A company has a secondary datacenter in a remote location. The cable management and power management are handled by the datacenter staff, while the building's security is also handled by the datacenter staff with little oversight from the company. What should the technician do to follow the best practices? secure the patch panels secure the UPS units Ensure power monitoring is enabled ensure rack security
ensure rack security By ensuring rack security such as locks, RFID card locks, and swing handles, the technician adds an extra layer of security to the servers which is a best practice.
What technology is designed to keep system's uptime running in the event of a disaster? Load balancing caching engines high availability QoS
high availability If a network switch or router stops operating correctly (meaning that a network fault occurs), communication through the network could be disrupted, resulting in a network becoming unavailable to its users. Therefore, network availability, called uptime, is a major design consideration.
A campus needs to provide wireless connectivity in a cafeteria with a minimal number of WAPs. What type of antenna will provide the BEST coverage? omni-directional bidirectional high gain dipole
high gain High gain antennas put out increased signal strengths and therefore can reach further with fewer WAPs.
An additional network segment is urgently needed for QA testing on the external network. A software release could be impacted if this change is not immediate. The request comes directly from management, and there is no time to go through the emergency change management process. What should the technician do? wait until the maintenance window and make the requested change make the change, document the requester, and document all network changes send out a notification to the company about the change
make the change, document the requester, and document all network changes While this is a difficult situation, the best answer is to make the change, document the requester, and document all the network changes. Since the request came directly from management, if they have sufficient authority to authorize the change, it can be performed outside of the emergency change control process. This should be a RARE occurrence.
A user has a network device that streams media to the local network, and the device is visible on the network. All PCs on the LAN can ping the device and all the firewalls are turned off. The streaming device appears to be functioning properly, but the media won't stream when requested. What TCP/IP technology is not being implemented? broadcasts multicast anycast unicast
multicast Multicast is not implemented properly because that is the TCP/IP technology that sends out packets to the requested devices. As opposed to broadcast (one-to-all), which sends out packets to all devices, multicast (one-to-many-of-many/many-to-many-of-many) only sends packets to many that are specifically requested but not all. Multicast would need to be implemented to route the network device to the LAN so that streaming can function properly.
A client reports that half of the office is unable to access a shared printer on the network. What should the network technician use to troubleshoot the issue? baseline info network diagrams vendor documentation data backups
network diagrams A network diagram is a visual representation of a computer network. Understanding all the connections is a fundamental step in network troubleshooting. This baseline information can be used for anticipating future problems, as well as planning for future growth.
Two office buildings are connected via copper network cabling buried in the ground. During local construction, the second building suffers a permanent network outage. What is the MOST likely cause of the outage? signal attenuation electromagnetic interference cross-talk open circuit
open circuit Since the issue started after construction began, it is most likely that the construction crew broke the cable during digging operations. This can cause an open circuit or short circuit, depending on how the cable was cut/broken.
A company has added a lot of new users to the network that is causing an increase in network traffic by 200%. Original projection by the engineers was that the new users would only add 20-30% more network traffic, not 200%. The network administrator suspects that a compromise of the network may have occurred. What should the network administrator have done previously to prevent this network breach? provide end user awareness and training for employees ensure best practices were implemented when creating new user accounts Create VLANs to segment network traffic
provide end user awareness and training for employees With new employees entering a company, often they are not fully aware of the company's Internet usage policy and safe Internet practices. Providing end user awareness and training for new employees helps reduce the company's vulnerability to malicious entities on the Internet.
What is the BEST way to secure the most vulnerable attack vector for a network? provide end-user awareness training for office staff update all antivirus definitions on workstations and servers remove unneeded services running on the servers
provide end-user awareness training for office staff Users are our most vulnerable attack vector; proper training can help reduce the risk.
An administrator has configured a new 100Mbps WAN circuit, but speed testing shows poor performance when downloading larger files. The download initially reaches close to 100Mbps but begins to drop and show spikes in the download speeds over time. The administrator checks the router interface and sees the following: NETRTR01# show interface eth 1/1 GigabitEthernet 1/1 is up, line is up Hardware is GigabitEthernet, address is 000F.33CC.F13A Configured speed auto, actual 1Gbit, configured duplex fdx, actual fdx Member of L2 VLAN 1, port is untagged, port state is forwarding What is the issue? Shutdown and then re-enable this interface Reset the statistics counter for this interface apply egress port rate-shaping remove the default 802.1q tag and set to server VLAN
remove the default 802.1q tag and set to server VLAN Since the VLAN port is untagged, it can be slowing down performance. It is recommended to remove the default VLAN tag and setup a server VLAN to increase performance.
A network administrator is assigned an approved change request with a change window of 120 minutes. After 90 minutes, the change is stuck on step five of a five-step change. The network manager decides to initiate a rollback. Which describes what the network administrator should do next? return the system to step four since this was the last working step return the system back to the original state before the change request additional time since the change is near completion
return the system back to the original state before the change By performing a rollback, the administrator will change everything back to the last known good configuration, to the time prior to the change.
What is an example of a UC application? softphone proxy facsimile intranet
softphone Unified Communications is a term used to describe the integration of numerous communication technologies, including VoIP. A softphone uses VoIP technology.
The administrator modifies a rule on the firewall and now all the FTP users cannot access the server any longer. The manager calls the administrator and asks what caused the extreme downtime for the server. In regards to the manager's inquiry, what did the administrator forget to do first? document the changes provide notification of change to users schedule maintenance window submit a change request
submit a change request A change request should be submitted through the change management process prior to any changes being made.
A user has installed a new wireless printer on the network. The user cannot get it connected to the Internet, but can print locally. All other office users can reach the Internet, but cannot connect to the new wireless printer. All users are wireless in this part of the office. What MOST likely has occurred? they installed the printer in ad-hoc mode they misconfigured the gateway on the wireless printer they installed the printer on the wrong subnet they installed the printer in infrastructure mode
they installed the printer in ad-hoc mode The printer is most likely in ad-hoc mode, which is also known as IBSS. In this type of network, devices talk directly to each other but have no connection outside of this "self-created" network.
A firewall technician has received calls stating the network is running slowly. The technician has found the firewall is functioning properly. What should the technician review to determine the cause of the slow performance? top talkers SNMP traps Port scanner Heat maps
top talkers There are devices/applications usually unknown to the network administrators that use too much bandwidth, therefore slowing down the system. For example, if you have a few users who are downloading large files all day long (like videos), they could be considered "top talkers".
