Network Pro Most ++++++++++++

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which of the following activities are typically associated with a penetration test? (Select two.)

Attempting social engineering Running a port scanner

Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service?

Clustering Clustering connects multiple servers together using special software.

Your organizations uses a time-keeping application that only runs on Windows 2000. Because of this, there are several Windows 2000 workstations on your network. Last week you noticed unusual activity.... Which solution should you implement to protect the network....

Configure VLAN membership so that the Windows 2000 workstations are on their own VLAN

You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?

Connect one server through a different ISP to the Internet. If the ISP connection goes down, then the website is unavailable. Connecting one server to a different ISP, or both servers to two ISPs, will provide redundancy for the connection.

Which of the following applications typically use 802.1x authentication? (Select two.)

Controlling access through a switch Controlling access through a wireless access point

A user reports that she cant connect to the internet. After some investigation, you find the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?

Create an action plan.

Users report that the network is down. After some investigation, you determine that a specific router is configured such that a routing loop exists. What should you do next?

Determine if escalation is needed.

A user reports that she cant connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?

Determine what has changed.

You are a network administrator for your computer. A frantic user calls you one morning exclaiming that "nothing is working." What should you do next in your troubleshooting strategy?

Establish the symptoms.

You have a network server with two network interface cards. You want both network adapters to be used at the same time to connect to the same network to double the amount of data the server can send. Which feature would you use?

Ethernet bonding

Which of the following is a common form of social engineering attack?

Hoax virus information e-mails.

You have been hired to design a wireless network for a SOHO environment. Which of the following questions should you ask? select three

How many devices will need to be supported Is the business expected to grow in size in the future What type of data will be transmitted on the network

Over the last month you have noticed a significant increase in the occurrence of inappropriate activities performed by employees. What is the best first response step to take in order to improve or maintain the security level of the environment?

Improve and hold new awareness sessions

What is the purpose of using Ethernet bonding? (Select two.)

Increases network performance. Provides a failover solution for network adapters

You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You discover that a user downloaded a virus from the Internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that this situation does not reoccur. What should you do?

Install a network virus detection software solution.

While using a web-based order form, an attacker enters an unusually large value in the Quantity field. The value entered is large enough to exceed the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is refunded a large sum of money. What type of attack has occurred in this scenario?

Integer overflow

Which of the following is not a primary characteristic of a worm?

It infects the MBR of a hard drive A worm does not infect an MBR like a virus, a worm does not require a host file or drive element. A worm is a self-contained, executable software package. It is able to self-replicate and actively seeks to spread itself to other networked systems.

You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that a second server can respond to requests for Web site content. Which solution should you implement?

Load balancing

Which of the following attacks, if successful, causes a switch to function like a hub?

MAC flooding MAC flooding overloads the switch's MAC forwarding table to make the switch function like a hub. The attacker floods the switch with packets, each containing different source MAC addresses. The flood of packets fills up the forwarding table and consumes so much of the memory in the switch that it causes the switch to enter a state called failopen mode, in which all incoming packets are broadcast out all ports (as with a hub), instead of just to the correct ports as per normal operation.

Which of the following authentication protocols uses a three-way handshake to authenticate users to the network? (Choose two.)

MS-CHAP CHAP

What is the primary goal of business continuity planning?

Maintaining business operations with reduced or restricted infrastructure capabilities or resources

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Move the router to a secure server room.

Which type of switch optimizes network performance by using ASIC to perform switching at wire speed?

Multilayer switch

Which of the following uses hacking techniques to proactively discover internal vulnerabilities?

Penetration testing

Match the social engineering description on the left with the appropriate attack type on the right.

Phishing An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. Whaling An attacker gathers personal information about the target individual, who is a CEO. Spear phishing An attacker gathers personal information about the target individual in an organization. Dumpster diving An attacker searches through an organization's trash for sensitive information. Piggybacking An attacker enters a secured building by following an authorized employee through a secure door without providing identification. Vishing An attacker uses a telephone to convince target individuals to reveal their credit card information.

A relatively new employee in the data entry cubical farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred?

Privilege escalation

Your network conducts training sessions for high-profile clients. As part of the training, clients connect to get a video feed of the instructor and other class activities. You want to make sure that video traffic related to the training is not delayed on the network. Which solution should you implement?

QoS

You want to implement 802.1x authentication on your wireless network. Which of the following will be required?

RADIUS

QoS provides which of the following on a network?

Reduces latency of time-sensitive traffic

What is the primary security feature that can be designed into a network's infrastructure to protect and support availability?

Redundancy

A new assistant network Admin was recently hired by your organization to relieve some of your workload. You assigned the assistant network Admin to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches.... What should you do. choose two

Remove the patch cable connecting the first switch to the third switch Enable STP on each switch

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?

Rogue access point

A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internet-facing interface. This is an example of what form of attack?

Spoofing Spoofing is the act of changing or falsifying information in order to mislead or re-direct traffic. In this scenario, a packet received on the inbound interface cannot receive a valid packet with a stated source that is from the internal network.

When troubleshooting network issues, its important to carry out tasks in a specific order. Drag the trouble shooting task on the left to the correct step on the right.

Step 1 Identify the problem Step 2 Establish a theory of probable causes Step 3 Test the theory to determine the cause Step 4 Establish a plan of action Step 5 Implement the solution or escalate Step 6 Verify full system functionality Step 7 Document findings, actions and outcomes

Which encryption method is used by WPA for wireless networks?

TKIP WPA uses TKIP for encryption. TKIP uses rotating encryption keys for added security over WEP. AES encryption is used with WPA2. AES requires specialized hardware that might not be available on a device that only supports WPA. WEP is a security method for wireless networks that provides encryption through the use of a shared encryption key (the WEP key).

Which of the following statements about DSCP are true? select two

The DiffServ field is used to add precedence values Classification occurs at layer 3

You manage a server that runs your company Web site. The Web site includes streaming video that shows features of some of your products. The link connecting your server to the Internet charges based on bandwidth use. When the bandwidth spikes, so does your bill. You would like to implement a solution to prevent the amount of traffic sent over the WAN link from exceeding a specific level. Which solution should you implement?

Traffic shaper

Purchasing insurance is what type of response to risk?

Transference An organization can transfer risk through the purchase of insurance. When calculating the cost of insurance and the deductible, balance the cost against the expected loss from the incident.

What is the greatest threat to the confidentiality of data in most secure organizations?

USB devices

You just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a username of admin and a password of admin. You used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (Select two.)

Use an SSH client to access the router configuration. Change the default administrative username and password.

You manage a website for your company. The website uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure?

Website storage A single point of failure means that failure in one component will cause the entire website to be unavailable. If the storage unit fails, then the website content will be unavailable.

Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two) a. Authentcation for agents and managers b. Encryption of SNMP messages c. Hashing of the community name d. Use of SFTP for transferring SNMP data

a. Authentcation for agents and managers b. Encryption of SNMP messages

Which of the following are examples of Type II authentication credentials?

"Smart Card and Photo ID (Type II authentication uses something you have in your possession, such as a smart card, photo ID, token device, or swipe card."

Which of the following advantages can Single Sign-On (SSO) prove?

"The elimination of multiple user accounts and passwords for an individual and access to all authorized resources with a single instance of authentication."

Consider the 850 nm multimode fiber optic cable shown below. How much loss can you expect between the transmitter and the receiver?

-1.2 dB

Which of the following are characteristics of coaxial network cable? (Choose three)

-It uses two concentric metallic conductors. -The ends of the cable must be terminated. -It has a conductor made from copper in the center of the cable.

Which of the following connectors are used with fiber optic cables and include both cables in a single connector? (*Select two.)

-LC -MT-RJ

F-Type connectors are typically used with cables using which of the following standards? (Select two)

-RG-6 -RG-59

Which three of the following IP addresses belong to the Class A network 114.0.0.0? ( Assume the network is indicated by the default portion of the IP address.)

114.0.0.15 114.122.66.12 114.58.12.0

Which data transmutation rate is defined by the IEEE 802.11b wireless standard.

11Mbps

You are designing a wireless network implementation for a small business. The business deals with sensitive customer information, so data emanation must be reduced as mush as possible. the floor plan of the office is shown below...

A-Direciton B-Direction C-Omni-Direction D-Direciton E-Direciton F-Direciton G-Direciton

Which of the following dose a router acting as a firewall use to control which packets are forwarded or dropped?

ACL

Which of the following attacks tries to associate an incorrect MAC address with a know IP address?

ARP poisoning

Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do?

Add a separate A/C unit in the server room

Which of the following measures are you most likely to implement in order to protect against a work or trojan horse?

Anti-virus software

bit-error rate tester

BERT

"You have hired 10 new temporary workers who will be with the company for 3 months. You want to make sure that these users can only log on during regular business hours. What should you do?"

Configure day/time restrictions in the user accounts

Which of the following cable types often includes a solid plastic core? A cat 5 B cat 3 C Cat 5e D cat 6

D cat 6

VPN Concentrators

Dedicated device to terminate a VPN circuit

Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?

Denial of service attack

Match the Etherchannel protocol on the left with its characteristics on the right.

Desirable mode places the port in a negotiating state. Port Aggregation Protocol (PAgP) Based on the 802.3ad standard link Aggregation control protocol(LACP) Passive mode places the port into a passive negotiation state. link aggregation control protocol (LACP) Auto mode places the port into a passive negotiating state. Port Aggregation Protocol (PAgP) Active more places the port in a negotiating state. link Aggregation control protocol(LACP)

Which of the following describes the point where the service provider's responsibility ends and the customer's responsibility begins for installing and maintaining wiring and equipment? A Smart jack B tor C Punchdown block D Vertical cross connect E Demarc

E Demarc

electrostatic discharge

ESD

Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive date on them. To precent the data from being compromised, you create a cloud-based Microsoft Intune account and configure mobile device security policies. You now need to apply those security policies to the end users mobile devices. What should you do? select two

Enroll the devices with the Intune service Create a user account for each user who has a managed mobile device

Configuration management

Focuses on maintaining up-to-date documentation of a network's configuration.

110 Block

High-Speed LAN connections. Can terminate a cable being used for high speed LAN

You need to implement a wireless network between two buildings on a college campus. A wired network has already been implemented within each building. the buildings are 100 meters apart. select two

High-gain Parabolic

An access point that conforms to the IEEE 802.11b standard acts most closely to what other networking device?

Hub

Which of the following is the best countermeasure against man-in-the middle attacks?

IPsec Use IPsec to encrypt data in a VPN tunnel as it passes between two communication partners

Which of the following protocols are classified as link state routing protocols?

IS-IS OSPF

A user reports that he can't connect to a specific Web site. You go to the user's computer and reproduce the problem. What should you do next?

Identify the affected areas of the network.

You want to be able to monitor and filter VM-to-VM traffic within a virtual network. What should you do?

Implement a virtual firewall within the hypervisor.

Match the port security MAC address type on the left with its description on the right

MAC address manually identified as an allowed address SecureConfigured MAC address that has been learned and allowed by the switch SecureDynamic MAC address that is manually configured or dynamically learned that is saved in the config file SecureSticky

Which of the following do switches and wireless access points use to control access through the device?

MAC filtering

Which of the following do switches and wireless access points use to control access through the device?

MAC filtering Both switches and wireless access points are layer 2 devices, meaning they use the MAC address for making forwarding decisions. Both devices typically include some form of security that restricts access based on the MAC address.

which of the following attacks, if successful, causes a switch to function like a hub?

MAC flooding

Which of the following technologies uses variable-length packets and adds labels to packets as they enter the WAN cloud, with the labels being used to switch packets and prioritize traffic?

MPLS

What key advantage does a virtual router have over a physical router?

Multiple networks can be connected to a single interface.

Which of the following is a feature of MS-CHAP v2 that is not included in CHAP?

Mutual authentication

Which of the following associates a port number with a host on a privet network?

PAT

You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which type of camera should you choose?

PTZ

Which of the following is the most common form of authentication?

Password

Which of the following are advantages of using the Spanning Tree Protocol (STP) in network segmented bridges?

Prevents message loops from forming Identifies the optimal path between network devices. Lets you provide redundancy by using more then one connection between devices, making your network more reliable.

Which of the following is a WAN technology that allows for interoperability of vendor hardware for fiber optic networking?

SONET

You are configuring a wireless network with two wireless access points. Both access points connect to the same wired network. You want wireless users to be able to connect to either access point, and to be able to roam between the two access points. How should you configure the access points?

Same SSID, different channel.

You are implementing Internet connectivity for a new start-up company. Your client will provide on-line storefronts for retailers. To do this, the have calculated their Internet connection must provide a data rate of at lest 20 -30 Mbps. Which type of service should you implement?

T3

Which of the following network services or protocols uses network prot 69?

TFTP

Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)

TLS// SSL

Wiring Closet

The room/place where wires run back to

Why do attackers prefer static environment devices to conduct distributed network attacks? select two

These devices tend to employ much weaker security than traditional network devices These devices are typically more difficult to monitor than traditional network devices.

Which of the following CCTV camera types lets you adjust the distance that the camera can see?

Varifocal

Personal Area Network (PAN)

Very small network used between personal devices (i.e. wireless headset)

Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients?

WEP, WPA Personal, and WPA2 Personal

Which of the following wireless security methods uses common shared key configured on the wireless access point and all wireless clients?

WEP, WPA Personal, and WPA2 Personal

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24.The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed.You need to make the change with the least amount of effort possible.What should you do?

Wait for convergence to take place.

In which of the following situations might you use an RJ-11 connector?

You want to connect your computer to the Internet wit a dial-up connection

What is the most common means of virus distribution

e-mail

You need to place a wireless access point in your two-story building. While trying avoid interference, which of the following is the best location for the access point?

in the top floor

Which of the following connectors is typically used on one end of a rollover cable?

serial

The network board in a workstation is currently configured as follows:

show running-config interface show interface

Which type of malicious activity can be described as numerous unwanted and unsolicited e-mail messages sent to a wide range of victims?

spamming

Which of the following solutions would you implement to eliminate switching loops?

spanning tree

You manage a network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support?

spanning tree

Which of the ff. is not true regarding cookies?

they operate within a security sandbox

While troubleshooting a problem on a linux sstem, you run a utility that generates the following output: Which of the following utilties were you using?

traceroute

While working on a Linux server, you are unable to connect to Windows Server 2003 system across the Internet. You are able to ping the default gateway on your own network, so you suspect the problem lies outside the local network. Which utility would you use to trace the route a packet takes as it crosses the network?

traceroute.

Examine the following output: Which of these commands produced this output?

tracert

Which TCP/IP utility gives you the following output?

tracert

You are the network administrator of a branch office of your company..... What TCP/IP utility can you use to see if a router is not working properly?

tracert

You have been recently hired to manage a network for a small company...... which strategy could you employ to help prevent these issues from occuring?

use a /127 prefix on the backbone segment

You manage a website for your company. The website uses three servers configured in a cluster. Incoming requested are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component a single point of failure? web server power supply website storage network adapter

website storage

Which of the following is an attack that injects malicious scripts into Web pages to redirect users to fake websites or gather personal information?

xss

"What type of access control focuses on assigning privileges based on security clearance and data sensitivity?"

"MAC (Mandatory Access Control) uses classifications to assign privileges based on a security clearances and data sensitivity."

Which access control model manages rights and permissions based on job descriptions and responsibilities?

"Role based access control (RBAC) is the access control model that managers rights and permissions based on job description. RBAC focuses on job description or work task, instead of employing user accounts to define access RBAC are best suited for environments that have a high rate of employees turnover. By defining access base on role that those individuals, it simplifies administration when granting a new person access to common activities. "

Which of the following is an example of three-factor authentication?

"Token device, keystroke analysis, cognitive question (type III something you are, such as fingerprints, retina scans, voice recognition, or keybo9ard dynamics)"

Which of the following are disadvantages of biometric.

"When used alone or solely, they are no more secure than a strong password, They have potential for numerous false negatives."

Consider the following log message, generated on a router. *Aug 8 11:18:12.081: %LINEPPROTO-5-UPDOWN: Line protocol on interface fastethernet0/0, changed state to down. What facility generated this message?

%LINEPPROTO

Which of the following are characteristics of an LC fiber optic connector? (Choose two.)

-They are half the size of standard connectors. -They use a housing and latch system similar to an RJ-45 UTP connector

Which of the following are characteristics of an MT-RJ fiber optic connector? (Select two)

-They can be used with multimode fiber optic cables. -They use metal guide pins to ensure accurate alignment.

Match the COS priority on the left with the corresponding value on the right.

0-Best effort (default) 1-Backgroud 2-Excellent effort 3-Critical applications 4-Video(<100ms latency) 5-Video(<10ms latency) 6-Internetwork control 7-Network control

At what percent is packet loss noticeable in voice traffic?

1%

Which of the following use the CSMA/CD access method?(2 answers)

1000BaseT, 10BaseT

Which of the following IP addresses is a valid IP address for a host on a public network?

142.15.6.1

Which three of the following are not valid IP address?

145.8.260.7 257.0.122.55 45.22.156.256

What is the speed of the OC-3 connection?

155 Mbps

Which of the following is the first IP address that can be assigned to hosts on the 166.70.0.0 network using the default subnet mask?

166.70.0.1

Which of the following is the last IP address that can be assigned to hosts on the 1676.70.0.0 using the default subnet mask?

166.70.255.254

Which of the following IP addresses ranges is reserved for Automatic Private IP Addressing?

169.254.0.1 - 169.254.255.254

Which three of the following IP addresses are Class B addresses? (

190.65.2.0 129.0.0.0 132.12.0.0

What is the network address and subnet mask used by APIPA?

255.255.0.0 169.254.0.0

What is the frequency of 802.11a networking?

5.75GHz

Which is the recommended humidity level for server rooms? 10% or lower 30% 50% 70%

70%

You are designing an update to your clients wireless network. The existing network uses 802.11b. Due to budget, which 802.11 standard will work best.

802.11g

You are designing an update to your clients wireless network. The existing wireless network uses 802.11g equipment, which your client complains runs to slowly. She wants to upgrade the network to run 150Mbps or faster. Which 802.11 standard will work best in this situation.

802.11n

You want to increase the security of your network by allowing only authenticated users to be able to access network devices though a switch.

802.1x

You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solution? (Select two.)

802.1x authentication Remediation servers

select the statement that best describes a broadcast storm.

A Broadcast storm occurs when there are so many broadcast messages on the network that they approach or exceed the network bandwidth..

Internetwork

A network with geographically disperse (WAN) connections that connect multiple LANs.

In a variation of the brute force attack, an attacker may use a predefined list...best addresses this issue?

A strong password policy

Which of the following is an example of internal threats.

A user accidently deletes the new product design

What is the main difference between a worm and a virus?

A worm can replicate itself and does not need a host for distribution. Both viruses and worms can cause damage to data and systems, and both spread from system to system, although a worm can spread itself while a virus attaches itself to a host for distribution.

What is the difference between a worm and a virus?

A worm can replicate itself and dose not need a host for distribution.

What is the main difference between a worm and a virus?

A worm can replicate itself, while a virus requires a host for distribution.

Using the exhibit to match the connector type on the left with the corresponding letter on the right.

A- DB-25 B- DB-9 C- RJ45 D- RJ11 E- LC F- BNC G- F-Type

A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to the wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario?

Active fingerprinting Active fingerprinting is a form of system enumeration that is designed to gain as much information about a specific computer as possible. It identifies operating systems based upon ICMP message quoting characteristics. Portions of an original ICMP request are repeated (or quoted) within the response, and each operating system quotes this information back in a slightly different manner. Active fingerprinting can determine the operating system and even the patch level.

You are concerned about protecting your network from network-based attacks from the Internet. Specifically, you are concerned about "zero day" attacks (attacks that have not yet been identified or that do not have prescribed protections). Which type of device should you use?

Anomaly based IDS>

You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?

Application-level

You have just purchased a new network device and are getting ready to connect it to your network. Which of the following should you do to increase its security? select two

Apply all patches and updates Change default account password

Which of the ff. is the best recommendation for applying hotfixes to your servers?

Apply only the hotfixes that apply to software running on your systems

asset management

As related to networks, this is a formalized system of tracking network components and managing the lifecycle of those components.

What is another name for a logic bomb?

Asynchronous attack

What are the most common network traffic packets captured and used in a replay attack?

Authentication

Which is the following are improvements to SNMP that are included within SNMP version 3?

Authentication for agents and managers. Encryption of SNMP messages.

What is the primary countermeasure to social engineering?

Awareness

You have just connected four switches as shown in the Exhibit. Assuming the default switch configuration, which switch will become the root bridge?

B

What tool should you use to extend network services beyond the demarc? A Tone generator B Punchdown tool C Crimper D Media certifier

B Punchdown tool

You are working with 25 pair wires and 66 blocks. You have pushed the wires onto the 66 block, but now need to cut off the excess end of each wire. Which tool should you use? A Snips B Punchdown tool C Cable stripper D Butt set

B Punchdown tool

You are connecting Cat5e cables to a 110 block. In what order should you connect the wires to follow standard wiring convendons? A White/brown, brown, white/blue, blue, white/orange, orange, white/green, green B White/blue, blue, white/orange, orange, white/green, green, white/brown, brown C White/orange, orange, white/green, blue, white/blue, green, white/brown, brown D White/green, green, white/orange, blue, white/blue, orange, white/brown, brown

B White/blue, blue, white/orange, orange, white/green, green, white/brown, brown

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the main floor. You need to connect the two wiring closets. Which of the following are typically used to connect the two wiring closets? (Select two.) A. Demarc extension B. Horizontal cross connect C. Smart jack D. 25 pair E. Vertical cross connect

B. Horizontal cross connect D. 25 pair A horizontal cross connect connects IDFs on the same floor. 25 pair or 100 pair wiring punched down into 66 or 110 blocks are often used to connect the wiring closets together. A vertical cross connect connects the IDF to the MDF on a different floor.

Which of the following routing protocols is used by routers on the Internet for learning and sharing routes?

BGP

A switch running STP is a backup bridge. What state is it in?

Blocking

A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computers represent?

Botnet

A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computers represent?

Botnet

Which of the following physical topologies are used with Ethernet networks?(2 answers)

Bus, Star

Which of the following uses metal clips placed over plastic slots for connecting individual copper wires? A 25 pair B 100 pair C 110 block D 66 block

C 110 block

When would you typically use an RJ-11 connector? A When using single mode fiber optic cables. B When using Cat 3 cables. C When connecting a phone to a phone line. D When using multimode fiber optic cables. E When using Cat 5 or higher cables. F When using RG—6 cables.

C When connecting a phone to a phone line.

Arrange the computer components listed on the left in order of decreasing volatility on the right.

CPU registers and caches System RAM Paging file Hard Disk File system backup on an external USB drive

Which of the following functions are performed by proxies?

Cache web pages Block employees from accessing certain web sites

Cat 5

Carry data at a rate of 100Mbps.

Cat 5e

Carry data at a rate of 1Gbps.

What is the most important element related to evidence in addition to the evidence itself?

Chain of custody document

Consider the following IP address. 1. 124.77.8.5 2. 131.11.0.9 3. 190.66.250.10 4. 196.5.89.44 Which list represents the IP address class of each listed IP address?

Class 1, Class B, Class B, Class C.

Which of the following describes the address type?

Classless

You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?

Client-side scripts JavaScript is an example of client-side scripting, where the client system runs the scripts that are embedded in Web pages. When pages download, the scripts are executed. ActiveX runs executable code within a browser, but ActiveX controls are not written using the JavaScript language. Server-side scripts execute on the server, and modify the Web pages served to clients based on the results of the scripts. The Common Gateway Interface (CGI) is scripting language that is often used to capture data from forms in a Web page and pass the data to an external program. CGI runs on the server to process Web form data.

When designing a firewall, what is the recommended approach for opening and closing ports?

Close all ports; open only ports required by applications inside the DMZ.

What does an IDS that uses signature recognition use for identifying attacks?

Comparison to a database of know attacks

What does the ip address dhcp command allow you to do?

Configures the switch to obtain an IP address from a DHCP server.

How can a criminal investigator ensure the integrity of a removable media device found while collecting evidence?

Create a checksum using a hashing algorithm

You want to connect the LAN port on a router to the uplink port on a switch. The switch does not support auto-MDI. Which type of cable should you use?

Crossover

You have decided to implement Gigabit Ethernet on your network. Each switch port is connected to a single device. Following the installation, you find one device connected to a switch that is only running at 100 Mbps. Which of the following are likely causes?

Crosstalk.

You have just signed up for a broadband home Internet service that uses coaxial cable. Which connector type will you most likely use? A RJ-45 B RJ-11 C sc D F-type E ST F smc

D F-type

Which of the following is used to terminate individual wires from a 25 pair or 100 pair cable using female RJ-45 ports? A 66 block B 110 block C Horizontal cross connect D Patch panel

D Patch panel

You are adding new wires in your building for some new offices. The building has a false ceiling that holds the lights. You would like to run your Ethernet cables in this area. Which type of cable must you use? A Fiber optic B pvc C srp D Plenum E Cat 5e or Cat 6e

D Plenum

Of the following cables, which offer the best protection against EMI? A Cat 5e B Cat 6e C cat 5 D RG-6

D RG-6

Which of the following connectors is used with fiber optic cables and connects using a twisting motion? A F-type B LC C sc D ST E Bixlc

D ST

Which of the following forms of optical fiber would usually be used to connect two buildings across campus from each other, which are several kilometers apart? A Dual mode B Fibre Channel mode C Multimode D Single mode

D Single mode

Which of the following applications is more likely to justify the investment in Category 6 cable? A E-maiI B Instant Messaging C Printing D Streaming video

D Streaming video

You are preparing to attach wires in a 110 block. You want to connect the wires and trim off the excess at the same time. Which of the following should you do? (Select two.) A Use a butt set with a jack. B Use a butt set with clips. C Use a punchdown tool with a straight blade. D Use a punchdown tool with a notched blade. E Point the cut side of the tool towards the wire end. F Point the cut side of the tool towards the connected end of the wire.

D Use a punchdown tool with a notched blade. E Point the cut side of the tool towards the wire end.

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This isan example of which kind of attack?an example of which kind of attack

DDoS

You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values.

DHCP server

Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted Internet?

DMZ A DMZ or demilitarized zone is a network placed between a private secured network and the untrusted Internet to grant external users access to internally controlled services. The DMZ serves as a buffer network.

Which of the following is not a valid response to a risk discovered during a risk analysis? Denial Acceptance Assignment Mitigation

Denial

Network (Layer 3)

Describes how data are routed across networks and on to the destination.

Which of the following are examples of social engineering?

Dumpster diving //Shoulder surfing

You are the administrator of your company's network. You want to prevent unauthorized access to your intranet from the Internet. Which of the following should you implement?

Firewall

Presentation (layer 6)

Formats or "presents data into compatible form for receipt by the Application layer.

What type of virtualization completely simulates a real physical host?

Full virtualization

Wide Area Network (WAN)

Group of LANs that are geographically isolated.

Which protocol is used for securely browsing a web site?

HTTPS

Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence?

Hashing Hashing is the method used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence.

"Marcus White has just been promoted to a manager. To give him access to the files that he needs, you make his user account a member of the Managers group which has access to a special shared folder. Later that afternoon, Marcus tells you that he is still unable to access the files reserved for the Managers group. What should you do?"

Have Marcus log off and log back on

Which of the following are characteristics of a rootkitrootkit? (Select two.)

Hides itself from detection Requires administrator-level privileges for installation

Passive Hub

Hub that doesn't amplify received bins

Which of the following devices is capable of detecting and responding to security threats?

IPS

You were hired by a small start-up company. the company is in a small office and has several remote employees. You ave been asked to find a business service that would accommodate the curren size of the company but would also be able to scale as the company grows. The service needs to provide adequate storage, as well as additional computing power. Which cloud serve model should you use?

IaaS

Which of the following CCTV types would you use in areas with little or no lights?

Infrared

Which of the following is true for a system image backup?

Is saved as a .vhd file

Which of the following is not a primary characteristic of a worm?

It infects the MBR of a hard drive

Which protocol doies VoIP use to interface with the PSTN?

MGCP

Management Information Base

MIB

You walk by the server room and notice a fire started. What should you do first? Make sure everyone has cleared the area Turn on the overhead sprinklers. Grab a fire extinguisher and try to put out the fire. call the fire department

Make sure everyone has cleared the area

"You ware configuring the local security policy of a Windows 7 sytem. You want prevent users from reusing old passwords. You also want to force them to use a new password for at least 5 days before changing it again."

Minimum password age and Enforce password history

"You are configuring the local secuirty policy of a Windows 7 system. You want to require users to create passwords that are at least 10 characters long. You also want to prevent logon after three unsuccessful logon attempts. "

Minimum password length and account lockout threshold

You connect a packet sniffer to a switch to monitor frames on your local area network. However, the packet sniffer is only able to see broadcast frames and frames addressed specifically to the host device. Which feature should you enable on the switch so you can see frames from all devices connected to the switch?

Mirroring.

Which of the following is an example of a vulnerability?

Misconfigured Server

Which of the following activities are considered passive in regards to the functioning of anintrusion detection system? (Select two.)

Monitoring the audit trails on a server Listening to network traffic

Most, mobile device management (MDM) systems can be configured to track the physical location of enrolled mobile devices. Arrange the location technology on the left in order of accuracy on the right, from most accurate to least accurate

Most accurate GPS More accurate Wi-Fi triangulation Less accurate Cell phone tower triangulation least accurate IP address resolution

Firewall

Network Security Appliance that protects networks from malicious Internet traffic

Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and e-mail server that you want to make available to Internet users. You want to create a DMZ for these tow serves. Which type of device should you use to create the DMZ?

Network based firewall

Long ass question #2... Will this implementation work?

No, you should purchase path cables that use MT-RJ connectors

Breaks data into very small data streams in order to send the information across long distances

OFDM

66 Block

Obsolete

Cladding

Outer Strand of glass which helps to bend light

Which of the following is a firewall function?

Packet filtering

Which type of network divides data to be transmitted into small units and then routes these units from the originating system to the destination system, allowing multiple, concurrent communications on the network medium?

Packet-swithced

Hub

Passive Hub Active Hub Smart Hub

Which of the ff. is most vulnerable to a brute force attack?

Password authentication

Which of the following are example of Type II authentication credentials

Photo ID and smart card.

What topology is used with 100BaseTX Fast Ethernet networks?(2 answers)

Physical star/logical bus Physical star/logical star

Which port number is used by SNMP?

Port 161

Which of the ff. is an advantage of virtual browser?

Protects the operating system from malicious downloads

Private cloud

Provides cloud services to a single organization

You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers? (Select two.)

Put the database server on the private network. Put the Web server inside the DMZ.

You have used firewalls to create a demilitarized zone. You have a Web server that need to be accessible to Internet users. The web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to bet protect the servers?

Put the web server inside the DMZ Put the database server on the private network.

You need to configure spanning tree on a Cisco switch. You'd like to use a protocol that confirms to the 802.1w standards. Which protocol should you use?

Rapid PVST+

The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following action is most likely to destroy evidence?

Rebooting the system

The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following actions is most likely to destroy critical evidence?

Rebooting the system

Proxy Server

Receives the client's request, and sends it out to the internet. Acts as a middle-man.

You often travel away form the office. While traveling, you would like to use a modem on your laptop computer to connect directly to a server in your office and access files on that server that you need. You wan the connection to be as secure as possible. Which type of connection will you use?

Remote Access

You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat 6e cable to connect the wiring closet to the shipping building. Which of the following should you include in your plan?

Repeater

Which of the following is a characteristic of a virus?

Requires an activation mechanism to run

Which of the following does NOT accurately describe an iSCSI SAN?

Requires special hardware and knowledge to implement.

You recently discovered several key files of your antivirus program have been deleted. You suspect that a virus has deleted the files. Which type of virus deletes key antivirus program files?

Retro

Your company security policy states that wireless networks are not to be used because of the potential security risk the present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?

Rogue access point

Which process reduces the size of the routing table by advertising a single route as the destination for a group of contiguous subnets?

Route summarization

Which of the following protocols can be used to securely manage a network device from a remote connection?

SSH.

You have installed anti-virus software on the computers on your network. You update thedefinition and engine files, and configure the software to update those files every day. What else should you do to protect your systems from malware?(Select two.)

Schedule regular full system scans. Educate users about malware.

Which of the following mobile device security consideration will disable the ability to use the device after a short period of inactivity?

Screen lock

Which of the following are examples of Type 2 authentication credentials? select two

Smart card Photo ID

You manage a network that uses multiple switches. You want to provide muliple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support?

Spanning tree

Which of the following are characteristics of a packet filtering firewall?

Stateless Filters IP address and port

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.138.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal website. What should you use to allow access?

Static NAT

A virtual LAN can be created using which of the following?

Switch

You are a network administrator for your company. A user calls and tells you that after stepping on the network cable in her office, that she can no longer access the network. You go to the office and see that one of the user's stiletto heels has broken and exposed some of the wiring in the Cat 5 network cable. You make another cable and attach it from the wall plate to the user's computer. What should you do next in your troubleshooting strategy?

Test the solution.

If dynamic DNS is being used, which of the following events will cause a dynamic update of the host records?

The DHCP server renews an ip address lease The ipconfig/release command is entered on a workstation.

You have a small network connected to the Internet as shown in the Exhibit. You need to configure the default gateway address on Wrk1 so that it can communicate with the hosts on the Internet. Which address would you use for the default gateway address?

The IP address assigned to Fa0/0 on Router 1

Which address would you use for the default gateway address? http://i.imgur.com/rFLX29Z.png

The IP address assigned to Fa0/0 on Router1.

You have been struggling to keep the temperature in your server room under control. To address this issue, you have decided to reconfigure the room to create hot and cold aisles. Which of the following are true concerning this configurations? select two

The rear of your servers should fave the hot aisle The from of your servers should face the cold aisle

You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use?

Throughput tester.

When using kerberos authentication, which of the following terms is used to describe the token that verifies the identity the user to the target system?

Ticket

Which of the following are used when implementing Kerberos for authentication and authorization? (Select two.)

Ticket granting server Time server

Which of the following is not a form of biometric?

Token device

Which of the following is an example of three-factor authentication?

Token device, keystroke analysis, cognitive question

Which security protocols use RSA encryption to secure communications over an untrusted network? (Select two.)

Transport Layer Security Secure Sockets Layer

What is a program that appears to be legitimate application, utility, game or screensaver and that performs malicious activities surreptitiously?

Trojan horse

When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?

Trunk Ports

You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch also in VLAN 1. What should you configure to allow communication between these two devices through the switches?

Trunking

Shielded Twisted-Pair Cable

Twisted Pair is surrounded by a metal shielding, similar to a coaxial cable. As frequencies increase, wavelengths decrease

Unshielded Twisted Pair Cable

Twister Pair strands are twisted so tightly that EMI is blocked.

Which type of address is used in a packet to address the packet to a single host?

Unicast

You've been asked by upper management if there is a way to integrate phone calls, emails, and instant messaging into a single platform. Which of the following systems should you recommend to them?

Unified communication

An active IDS system often performs which of the following actions? select two

Update filters to block suspect traffic Perform reverse lookups to identify an intruder

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires and ID card to gain access...What should you do to increase the security of this device?

Use a stronger administrative password

Smart Hub

Usually amplifies an active hub with enhanced features

You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive doc. What should you use for this situation?

VLAN

Your company is a small start-up company that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides Internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?

VLAN

Your company is a small start-up that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented.

VLAN

You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to a switch. You want to allow visitors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement?

VLANs

You manage a network that uses a single switch. All ports within your buildings connect through he single switch . Which feature should you implement?

VLANs

Which of the following protocols provide gateway redundancy?

VRRP GLBP HSRP

You manage the information systems for a large co-location data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?

Verify that your network's existing security infrastrucutre is working properly. Install the latest firmware updates from the device manufacturer

Which of the following statements about virtual NICs are true?

Virtual NICs need the appropriate driver installed to function. Multiple virtual NICs can be added to a virtual machine.

You have configured a virtual network which includes the following virtual components Four virtual machines (i.e., Virtual OS1,Virtual OS2,etc.) One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Given the port configuration for the virtual switch and the physical switch in the table below, click on all of the virtual and physical machines that Virtual OS1 can communicate with.

Virtual OS3 Physical OS1-1 Physical OS1-2 Physical OS1-3 Physical OS1-4

SIP

VoIP signaling protocol used to set up, maintain, and tear-down VoIP phone calls

What is the main difference between vulnerability scanning and penetration testing?

Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.

When would you typically use and RJ-11 connector?

When connecting a phone to a phone line

Which of the following are not reasons to remote wipe a mobile device?

When the devices is inactive for a period of time

Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet? Wiring schematic Policy Baseline Procedure

Wiring Schematic

In which of the following situations would you most likely implement a demilitarized zone (DMZ)?

You want to protect a public Web server from attack.

In which of the following situations would you use port security?

You want to restrict the devices that could connect through a switch port.

you manage several windows systems. all computers are members of domain. you use an internal website that uses integrated windows authentication. you attempt to connect the website and are promted for authentication

add the internal website to the local intranet zone

Time-division multiplexing

assigns different frequencies to different channels on the same network medium.

Frequency-division multiplexing

assings different frequencies to different channels on the same network media. e.i. cable TV

Because of an unexplained network slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze data from a central network host. What protocol will the software use to detect the problem? a. TCP/IP b. SNMP c. IPX d. SMTP e. The primary protocol of your network

b. SNMP

A programmer that fails to check the length of input before processing leaves his code vulnerable to what form of common attack?

buffer overflow

Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?

buffer overflow

Which protocol uses traps to send notifications from network devices? a. SMTP b. IMAP4 c. IGMP d. SNMP e. ICMP

d. SNMP

You have connected a new computer to your network. The network uses static IP addressing.... which of the configuration values would you most likely need to change?

default gateway

when you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the window to see what the problem is.

drive-by download

Return-to-Zero

each indivicudal bit in the binary data is identified by dropping the signal to zero between pulses.

Which of the ff. will enter random data to the inputs of an application?

fuzzing

Manchester

uses different encoding scheme. uses the transition from one voltage level to another to represent binary data.

"Which form of access control enforces security based on user identities and allows individual users to define access control over owned resources?"

"DAC(Discretionary Access Control) uses identities to control resource access. Users can make their own decisions about the access to grant to others users."

"You have a system that allows the owner of a file to identify users and their permissions to the files. Which type of access control model is implemented?"

"Discretionary Access Control (DAC) model. With DAC, individual use their own discretion ( decision or preferences) for assigning permissions and allowing or denying access."

Which of the following best describes one-factor authentication?

"Multiple authentication credentials may be required, but they are all of the same type. (something you know, such as a password, PIN, pass phrase, or cognitive question)"

You have implemented an access control method that allows only users who are managers to access specific data. Which type of access control model is used?

"Role-based access control (RBAC) allows access based on a role in an organization, not individual users. Roles are defined based on job description or a security access level. Users are made members of a role, and receive the permissions assigned to the role. "

A router access control list uses information in a packet such as the destination IP address and port number to make allow or deny forwarding decisions.

"Rule based access control (RBAC) uses characteristics of objects or subjects, along with rules, to restrict access,. Access control entries identify a set of characteristics that will be examined for a match. If all characteristics match, access is either allowed or denied based on the rule. An example of a rule-based access control implantation is a router access control list that allows or denies traffic based on characteristics within the packet (such as IP address or port number)."

You maintain a network with four servers. Currently, users must provide authentication credential whenever they access a different server. Which solution allows users to supply authentication credentials once for all severs.

"Singe Sing-on(SSO) is a distributed access method that allows a subject to log in (sing on) once a network and access all authorized resources on the network. The SSO system authenticates the subject against a master system and automatically logs the subject on to all servers the subject is authorized to access. Once authenticated, the subject can request access to additional resources without additional loging credentials or passwords."

You would like to add additional servers to your network. You have decided to use virtual machines and Hyper-V to create these servers. You have installed Hyper-V on the Server named CorpServer. You would like to create a virtual machine that will be used to install a Domain Controller for the network. Create a new virtual machine as follows: -Create a virtual hard disk named CorpDC in the D:\HYPERV\Virtual Hard Disks directory. -Select the format that allows for maximum backwards compatibility -Configure the disk for best performance -Configure a size of 500 GB

**Create the Test Network Virtual Network** **Configure virtual machine network settings - Create a legacy network adapter. - Configure the legacy adapter to use the WDS network.** **Create a Virtual Hard Drive** From server manager select tools - New, hard disk - next - Select disk format, next - select disk type, next - type the name of the path for the hard disk file, click next - type the size for the new hard disk, next - finish. **Create a Virtual Machine** In Hyper-V manager, R click the server and select New - Virtual Machine, click next - Type the name for the virtual machine, to modify the path to the virtual machine files, select Store the virtual machine in a different location and specify the path, click next - Type the amount of memory , click next - Select the network used by the virtual machine, click next - Select the option for the virtual hard disk to either a new disk, existing disk or attach a disk, select next - if you created a new virtual hard disk, you will be prompted for the operating system installation, select the method you need, click next - finish. **Create a Virtual Switch** In Hyper-V Manager, R click the server and select Virtual Switch Manager - Select New Virtual Network Switch in the left pane - In the right pane, select the network type and click create virtual switch - Type the virtual network name and configure additional parameters as necessary click apply - click yes to apply, click ok. **Configure Virtual Machine Settings** In Hyper-V R click the virtual machine and select settings - In the add hardware section, select legacy network adapter, and click add - for the network adapter, select which virtual switch to use, click apply - To boot from the legacy adapter, select BIOS from the hardware list, to change boot order select the legacy network adapter click move up to move to the top of the list, click apply - To configure dynamic memory, select memory from the hardware list, configure settings as desired click apply - click ok

You work as the IT Administrator for a small corporate network. You are creating a share for the H:\Components folder on the CorpFiles12 file server. Research and Development department employees need to store programming components in the shared folder. You want to secure the data in the folder as follows: -Members of the Research Resources group should have full control over the folder. -All other users should be able to view the contents of the folder. -Permissions should apply to both network access through the share and local access.

**Share a Folder using file explorer** 1. CORPSERVER > CorpFiles12 > Connect > Go to file explorer and navigate to the folder you want to share > R click and choose properties > On the sharing tab click advanced settings > Select share this folder > In the share name field type the name to be used > Click ok **Configure Shared Folder Permissions** From the sharing tab click advanced sharing > Click permissions > Select the security principal and check or uncheck the desired permissions > Click ok **Configure NTFS permissions** From the security tab click edit > click add > If necessary click locations > Enter the name of each security principal that will receive permission to the folder or click advanced then find now > click ok

You are the IT Administrator for the CorpNet domain. You are in the process of implementing a group strategy for your network. The CorpNet domain has a Support OU. All Support employees in the domain have user accounts within the Support OU itself or the Support sub OU's. All support employees need access to the Support department's shared folders and printers. Your group strategy must minimize administration when granting resource access to new Support employees or removing resource access from old Support employees. Your task in this lab is to implement a group strategy that meets the above requirements on the CorpDC

**Support - Global security group - All user accounts in the Support OU and the Support sub OU's. Add Tom Plask, Shelly Emery and Janice Rons as a member and Support Group as a member of Support Resources - Domain local security group -add the Support Group as a member of the Support Resources group**

The CorpFiles12 Server has a new printer installed with the following settings: -Printer name: KonicaColor -Port: 192.168.0.22 (Standard TCP/IP Port) -Driver: KONICA MINOLTA PS Color Laser Class Driver -Share name: ColorPrinter

**Use the 192.168.0.22 Standard TCP\IP Port on the MrktgPrinter** **On MgrPrinter use the 192.168.0.22 Standard TCP\IP Port and Prevent Everyone from using the printer** **Create an Additional Printer Object** Click CorpServer - go to CorpFiles12 - Connect - Tools - Print Management - Expand Printer Servers, R click Printers and select Add Printer - Select the existing port for the print device click next - To use an existing driver, select it from the list, then click next - Type the printer name, share name and other info, click next - click next, finish. **Modify Printer Availability Times** R click the printer and select properties - Click advanced tab - Select available from option then modify - click ok **Deploy a Printer using Group Policy** R click the printer and select Deploy with Group Policy - Click Browse - The main box in the dialog box shows OU's and GPO's link to the domain, To find a GPO linked to an OU, double click the OU name to expand it, select the GPO and then click ok - Select how to deploy the printer, click add - click ok **Modify Printer Priority** R click the printer and select properties - click advanced tab - change the # in the priority box - click ok **Modify Printer Permissions** R click the printer and select properties - click security tab - To prevent a user or group from using the printer, select the user or group and click remove - To assign permissions to a user or group click add - Type user or group name - click ok

You are the IT Administrator for a small corporate network. Until now your network has consisted only of workstations accessing the internet through a consumer grade switch. You have convinced management that adding a server would ease your administrative burden. As a result, you are testing various configurations of the Windows Server 2012 operating system. CorpServer currently has two volumes. You would like to create a volume that could easily be moved to another server, if needed. Your task in this lab is to create a volume using a VHD file.

*Create a VHD file File name: C:\MyVHD.vhd Size: 100 GB Dynamic *Create the VHD_Vol volume

You are the IT Administrator for a small corporate network. Until now the network has consisted only of workstations accessing the internet through a consumer grade switch. You have convinced management that adding a server would ease your administrative burden. As a result, you are testing various configurations of the Windows Server 2012 operating system. You have reinstalled the operating system on a server named CorpServer. During this installation, you created a single partition that took up the entire first disk. You would like to add fault tolerance to the system volume and create an additional fault tolerant volume for storing data. Four additional hard disks are now installed in the Server. Your task in this lab is to complete the following tasks: -Modify the existing System volume to add fault tolerance. -Create a new volume that provides both fault tolerance and improved performance. Use the following settings for the volume: -Make the volume as large as possible given the existing drives. -Assign drive letter R -Format the drive using NTFS and assign Data as the volume label.

*Mirror the C: Drive *Create the Data volume *Create the volume as a RAID-5 volume *Create a 2 TB volume *Assign drive letter R *Format the volume with NTFS

Your task in this lab is to use File Explorer to remove all quota limits for the Administrators account.

*Select Do not limit disk usage* From Hyper-V Manager, click CORPSERVER R click CorpFiles12 and select connect On the taskbar, click file explorer > R click and select properties > On the Quota tab, click quota entries > Select a quota entry in the list > Select quota > properties > modify the limit and warning levels > click ok

You are the IT Administrator for the CorpNet Domain. You are in the process of implementing a group strategy for your network. The CorpNet domain has a Support OU. All support employees in the domain have user accounts within the Support OU itself or the Support sub-OUs. All Support employees need access to the Support departments shared folders and printers. Your group strategy must minimize administration when granting resource access to new Support employees or removing resource access from old Support employees. Your group strategy must also minimize administration when groups of other employees request access Support resources, or when Support resources are added or removed and permissions to the resources need to be granted or removed. Your task in this lab is to implement a group strategy that meets the above requirements on CorpDC.

-Create Support Group -Create the Support Resources Group -Add Tom Plask, Shelly Emery, and Janice Rons as a member of the Support Group, Add the Support group as a member of the Support Resources group. Click CORPSERVER > R click CorpDC , select connect > From Server Manager, Select Tools > Active Directory Users and Computers > Browse the Active Directory structure to the parent domain or OU. > R click the domain, OU, or other container in which the new group must be created > From the pop up menu select New Group > Type the name for the group > Select a group scope > Click ok> To modify membership R click and select properties > click members tab > To add group member Click Add > Type the name of the object you want to add > Click ok > To remove a group member, select the member and select remove. click ok to apply changes.

Which of the following are advantages of using fiber optic cabling for a network, as opposed to other types of cabling? (Select two)

-Immunity to electromagnetic interference -Greater cable distances without a repeater

Which of the following cable classifications are typically used for cable and satellite networking with coaxial cables?

-RG-6 -RG-59

Which of the following connectors usually require polishing as part of the assembly process? (Select two.)

-ST -SC

You've connected a cable certifier to an RJ45 wall jack, and the output shown below is displayed on the device. What does this output indicate? (Select two.)

-The cable is functioning correctly -This is a crossover cable

You have several shared folders on the H:\ drive of the CorpFiles12 server. To improve fault tolerance and allow backup of open files, you need to enable shadow copies for the drive. Complete the following tasks: -Enable shadow copies on the H:\ drive -Store the copies on drive D:\ -Configure a limit of 24000 MB for shadow copies - Configure a single schedule to run once a day at 8:00 pm - Delete any other schedules.

1. From Hyper-V Manager click CORPSERVER 2. R click CorpFiles08 and select connect. 3. On the taskbar, click file explorer. 4. R click the drive and select Configure shadow copies 5. Select the drive and click settings 6. Select the drive on which to store shadow copies from Located on this volume: , if necessary. 7. To configure a storage limit, select Use Limit: and type the amount of space to use for shadow copies. 8. Be default, shadow copies are taken twice daily. To set a schedule click Schedule -Modify the selected schedule by selecting specific days or other parameters. -To delete a schedule, select it in the dropdown, then click delete. - To create a new schedule, click New > Schedule Task > Start time Click ok to save

You have previously installed the LaserJet4240 printer and shared it on CorpFiles12 using a share name of ResearchPrinter. Due to an increase in the workload on the printer, you decide to add a second print device for members of the Research team to use. You want print jobs to be automatically load balanced between the two print devices without having to install a second printer to client systems or having users choose between two printers. Your task in this lab is to enable printer pooling on the LaserJet4240 printer. The second print device has been connected to a Standard TCP/IP port on 192.168.0.21.

1. From Hyper-V Manager click CORPSERVER, click on CorpFiles12 server and select connect. From Server Manager select Tools > Print Management > Expand the print servers and the server nodes. > Select printers > R click the appropriate printer and select properties > Select the ports tab > Select Enable Printer Pooling, then check additional ports used by the printer. Do not deselect currently used ports. Click ok.

You need to manage the permissions You need to manage the permissions assigned to various folders. Department data is stored on the server in a folder named D:\Departments on CorpFiles08. Each department has a subfolder within the Departments folder where they can publish files to the rest of the company. The default permissions inherited by the D:\Departments folder and each departmental subfolder currently allow all users to read and execute files. Your task in this lab is to configure permissions for each departmental subfolder so that only users within each department can change their department's files. To complete this task, assign permissions as outlined in the following table: Folder Group Permissions D:\Departments \Accounting Accounting Resources domain local group Allow Full Control D:\Departments \Research Research Resources domain local group Allow Full Control D:\Departments \Sales Sales Resources domain local group Allow Full Control D:\Departments \Support Support Resources domain local group Allow Full Control

1. From Hyper-V Manager, click CORPSERVER 2. R click the CorpFiles08 and select connect. 3. choose start > computer 4. browse to and R click a drive, folder, or file and select properties. 5. go to security tab. this tab lists each security principal who has permission to the drive, folder, or file. to view permissions for a security principal select it. the permissions granted to the selected user or group are displayed. 6. you can take one or more of the following actions to change permissions for a drive, folder or file. To Add permissions for a new security principal: Click Edit, Click Add, If necessary click locations...button and select the location where Windows will look for security principals. Click ok. Type the name of each security principal in the specified location that will receive permission to the shared folder, or click advanced...then Find Now to select security principal from a list. Click ok. To configure permissions for existing security principal on the security list: Click Edit, Select the security principal, check or uncheck the Allow check box for the desired permissions. Click ok. To remove permissions for a security principal: Click Edit, select the security principal, click remove, click ok.

The director of the Accounting department has requested a copy of older versions of purchase order reports located in the POs share. He would like a copy of any report versions available from 2012. The files are located in the D:\Finances\POs directory on the CorpFiles08 server. You need to retrieve previous version of the POs folder without affecting any of the current files or folders in D:\Finances. Your task in this lab is to retrieve a copy from a restore point of the POs folder located in the D:\Finance directory on the CorpFiles08. Copy the folder to the D:/Temp folder on the system.

1. From Hyper-V Manager, click CORPSERVER. 2. R Click on the CorpFiles08 server and select Connect. 3. Click Start / Computer 4. Browse to the D:\Finances folder 5. R click on the POs folder and select Restore Previous Versions. 6. Select the appropriate version of the folder and click Copy. 7.Browse to the desired location and click copy. 8. Click ok.

You are the IT Administrator for the CorpNet domain. You are in the process of implementing a group strategy for your network. The CorpNet domain has a Support OU. All Support employees in the domain have user accounts within the Support OU itself or the Support sub-OUs. All Support employees need access to the Support department's shared folders and printers. Your group strategy must minimize administration when granting resource access to new Support employees or removing resource access from old Support employees. Your group strategy must also minimize administration when groups of other employees (such as managers) request access to Support resources, or when Support resources are added or removed and permissions to the resources need to be granted or removed. Your task in this lab is to implement a group strategy that meets the above requirements on CorpDC. Create two groups named as follows in the Support OU: Support Support Resources For each group, configure an appropriate scope, type, and membership based on the information in the scenario and the purpose suggested by the group name.

1. From the Hyper-V Manager, click CORPSERVER 2. R click the CorpDC server and select Connect 3. From Server Manager, select Tools > Active Directory Users and Computers 4. Browse the Active Directory structure to the parent domain or OU. 5. R click the domain, OU, or other container in which the new group must be created. From the pop up menu, select New > Group. 6. Type a name for the group. 7. Select a group scope and a group type, then click ok. 8. To modify the group membership, R click the newly created group and select Properties. 9. Click the members tab. 10. To add a group member, use the following steps Click Add, type the name of the object that you want to add. Click ok to add the new group member. To remove a group member, select the member and click remove. Click ok to apply the changes.

Which of the following is included in an operations penetration test? (select three)

1. Looking through discarded papers or media for sensitive information 2.Eavesdropping or obtaining sensitive information from items that are not properly stored 3.Acting as an imposter with the intent to gain access or information

You have a computer that is connected to the Internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer?

10.0.12.15 172.18.188.67 192.168.12.253

You have a computer that is connected to the Internet through a NAT router.You want to use a private addressing scheme for your computer.Which of the following IP addresses could you assign to the computer? (Select all that apply.)

10.0.12.15 172.18.188.67 192.168.12.253

With an Ethernet 10BaseT network, the maximum cable length between a computer and the hub is:

100 meters

Your network follows the 100BaseTx specifications for Fast Ethernet. What is the maximum cable segment length allowed?

100 meters

A host has the address 100.55.177.99/16. Which of the following is the broadcast address for the subnet?

100.55.255.255

What is the binary format for the following decimal IP address 131.9.202.11

10000011.00001001.11001010.01101111

You have been tasked with designing a high-speed Ethernet network. Your client's building already has 150 ohm shielded twisted pair wiring installed. Due to budget constraints, they have asked you to reuse the existing wiring instead of installing new fiber optic cabling. Which Ethernet standard could you implement in this situation?

1000BaseCX

Which Gigabit Ethernet standard can support long network segments up to a maximum of 5 km when used with single mode fiber-optic cable?

1000BaseLX

You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose?(2 answers)

1000BaseLX Single Mode Fiber

Which Gigabit Ethernet standard uses multimode fiber-optic cabling and supports network segments up to a maximum of 550 m long?

1000BaseSX

You have been tasked with designing an Ethernet network. Your client needs to implement a very high-speed network backbone between campus buildings; some of which are around 300 m apart. Fiber-optic cabling has already been installed between buildings. Your client has asked that you use the existing cabling that operates at full-duplex. Which Ethernet standard meets these guidelines?(2 answers)

1000BaseSX, 10GBaseSR

Which of the following Ethernet standards uses fiber optic cabling?(2 answers)

100BaseFX 1000BaseLX

Which of the following use the CSMA/CD access method?(2 answers)

10BaseT 1000BaseT

You would like to implement 10 Gbps Ethernet over a distance of 1 km or greater. Which of the following would be the minimum requirement for the implementation?(2 answers)

10GBaseLR standards 10GbaseEr Standards Single mode fiber

You would like to implement 10 Gbps Ethernet over a distance of 1 km or greater. Which of the following would be the minimum requirement for the implementation?(2 answers)

10GBaseLR standards Single mode fiber

Which of the following standards is used by SONET?

10GBaseLW

You have been tasked with designing an Ethernet network. Your client needs to implement a very high-speed network backbone between campus buildings; some of which are around 300 m apart. Fiber-optic cabling has already been installed between buildings. Your client has asked that you use the existing cabling that operates at full-duplex. Which Ethernet standard meets these guidelines?(2 answers)

10GBaseSR 1000BaseSX

How many total channels are available for 802.11g wireless networks?

11

You have recently installed a new windows server 2003 system. To ensure the accuracy of the system time, you have loaded a application that synchronizes the hardware clock on the server with an external time source on Internet. Now, you must configure the firewall on your network to allow time synchronization traffic through. Which of the following ports must you likely to open on the firewall?

123

What is the maximum data rate of an ISDN BRI line?

128 Kbps

Which three of the following are Class B addresses?

129.0.0.0 190.65.2.0 132.12.0.0

Which of the following IP addresses have a default subnet mask of 255.255.0.0?

129.0.0.1 191.168.2.15 168.16.5.1

Which of the following IP addresses have a default subnet mask of 255.255.0.0? (Select all that apply.)

129.0.0.1 191.168.2.15 168.16.5.1

Which of the following IP addresses have a default subnet mask of 255.255.0.0?

129.0.0.1 191.168.2.15 168.16.5.1

A host on the network has an IP address of 129.11.99.78 using the default subnet mask. How would you identify the address and mask using CIDR notation?

129.11.99.78/16

How would you identify the address and mask using CIDR notation?

129.11.99.78/16

Your network has been assigned the Class B address of 130.15.0.0. Which of the following is not an address you can assign to a node on your network?

130.16.61.3

Which three of the following IP addresses are Class B addresses?

132.12.0.0 190.65.2.0 129.0.0.0

In an IP addressing scheme using default subnet masks, which of the following IP addresses can you assign to a host?

132.70.254.15

Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?

169.254.0.1 - 169.254.255.254

Which of the following is not one of the ranges of IP addresses defined in the RFC 1918 that are commonly used behind a NAT server?

169.254.0.1 - 169.254.255.254

Which network IDs will be assigned to these subnets in this configuration? (Select two.)

172.17.0.0 172.17.128.0

You've decided to use a subnet mask of 255.255.192.0 on the 172.17.0.0 network to create four separate subnets. Which network IDs will be assigned to these subnets in this configuration? (selec two)

172.17/128.0 AND 172.17.0.0

You have a computer that is connected to the internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer?

172.18.188.67 10.0.12.15 192.168.12.253

Your network has been assigned the Class B network address of 179.113.0.0 Which three of the following can be assigned to hosts on your network?

179.113.89.0 179.113.65.12 179.113.0.118

Which three of the following IP addresses are Class C addresses?

192.15.5.55 223.16.5.0 225.55.0.0

http://i.imgur.com/8aj359P.png IP Address Subnet Mask Default Gateway DNS Server

192.168.12.46 255.255.255.240 192.168.12.34 198.162.1.22

you have two switches connected together as shown in the following diagram. How many broadcast domains are there in the network?

2

Which of the following is a vaild IP (version 4) address? (Select 2)

2.2.2.2 172.16.1.26

Which of the following is a valid IP address?

2.2.2.2 172.16.1.26

Which of the following is a valid IPv4 address?

2.2.2.2 172.16.1.26

Which of the following are frequencies defined by 802.11 committees for wireless networking. select two

2.4GHz 5.57GHz

Your network has been assigned the Class C address of 200.78.151.0. Which three of the following addresses can be assigned to hosts on your network?

200.78.151.252 200.78.151.12 200.78.151.111

You are planning a network for an educational campus. Due to the size of the buildings and the distance between them, you have elected to use 10BaseFL hubs, cabling, and network interface cards. What is the maximum length for the network cable between a workstation and a hub?

2000 meters

What is the decimal format for the following binary IP address?

206.58.170.67

Which of the following is the last IP address that can be assigned to hosts on the 211.70.0.0 network using the default subnet mask?

211.70.0.254

How many total channels are available for 802.11a wireless networks?

23

Which port dose Telnet use?

23

You are configuring a network firewall to allow SMTP outbound email traffic, and POP3 inbound email traffic. Which of the following TCP/IP ports should you open on the firewall?

25 110

You have been told to assign the IP address 21.155.67.188 to a host on the network using the default subnet mask. Which mask should you use?

255.0.0.0

You are configuring the IP address for a host and have been asked to use the address 192.160.99.110/16. What subnet mask value would you use?

255.255.0.0

What is the network address and subnet mask used by APIPA?

255.255.0.0 169.254.0.0

What is the default subnet mask for the IP address 203.111.3.3?

255.255.255.0

You've just installed a new 16U wall-mounted rack in your data center. You need to install the following equipment in this rack: A 4U redundant power supply A 4U server A 4U switch A 2U router Which of the following equipment will also fit in this rack along with the above equipment?

2U UPS

Your network follows the 100BaseFX specifications for Fast Ethernet, and uses half-duplex, multimode cable. What is the maximum cable segment length allowed?

412 meters

To increase security on your company's internal network, the administrator has disabled as many ports as possible, Now, however, though you can browse the internet, you are unable to perform secure credit card transactions. Which port need to be enabled to allow secure trans actions?

443

You are configuring PuTTY to be used to access the CLi of a Cisco switch Which of the following configuration values would prevent PuTTY from connecting? (Select two)

4600 baud Flow control = RTS/CTS

You want to use CCTV to increase the physical security of your building. Which of the following camera types would offer the sharpest image at the greatest distance under the lowest lighting conditions?

500 resolution, 50mm, .05 LUX

You want to maintain tight security on your internal network, so you restrict access to the network though certain port numbers. If you want to allow user to continue to use DNS, which port should you enable?

53

If SONET (OC-1) base data rate is 51.84 Mbps, how much data can the Optical Carrier level 12 (OC-12) transfer in one second?

622.08 Mb

Which of the following are valid IPv6 IP addresses? Select all that apply.

6384:1319:7700:7631:446A:5511:8940:2552 141:0:0:0:15:0:0:1

Which of the following are valid IPv6 IP addresses?

6384:1319:7700:7631:446A:5511:8940:2552 141:0:0:0:15:0:0:1

Which of the following are valid IPv6 IP addresses? Select all that apply.

6384:1319:7700:7631:446A:5511:8940:2552 141:0:0:0:15:0:0:1

Haley configures a web site using windows 2000 default values. What are the http prot and SSL prort settings?

80 for HTTP 443 for SSL

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4GHz. Which 802.11 stand will work best in this situation?

802.11a

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54Mbps. In addition, the client already has a wirelesss telephone system installed that operates 2.4GHz. Which 802.11 standard will work best in this situation?

802.11a

Which IEEE wireless standard specify transmission speeds up to 54Mbps? select two

802.11a 802.11g

Which IEEE standard describes wireless communications?

802.11b

After installing a new 2.4GHz cordless phone system in your office, you notice that wireless network performance is adversely affected. Which of the following wireless networking standards are you most likely to be using? (Select two.)

802.11b 802.11g

You have been contacted by OsCorp to recommend a wireless solution.

802.11g

Which of the following specifications identify security that can be added to wireless networks? (Select two.)

802.11i 802.1x Standards described in 802.11i have been implemented in Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2). 802.1x is an authentication protocol that can be used on wireless networks.

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 150 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation?

802.11n

You are designing a wireless network for a client. Your client needs the network to support data rate of at least 150Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4GHz. Which 802.11 standard will work best in this situation?

802.11n

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54Mbps. Which 802.11 standard will work best in this situation? select two

802.11n 802.11a

You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solutions? select two

802.1a authentications Remediation servers

You want to increase security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the following should you implement?

802.1x

You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the following should you implement?

802.1x 802.1x authentication is an authentication method used on a LAN to allow or deny access based on a port or connection to the network. 802.1x is used for port authentication on switches and authentication to wireless access points. 802.1x requires an authentication server for validating user credentials. This server is typically a RADIUS server. Authenticated users are allowed full access to the network; unauthenticated users only have access to the RADIUS server.

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the main floor. You need to connect the two wiring closets. Which of the following are typically used to connect the two wiring closets? (Select two.) A 25 pair BVertical cross connect C Horizontal cross connect D Demarc extension E Smart jack

A 25 pair C Horizontal cross connect

You are building network cables and attaching RJ-45 connectors to each end. Which tool do you need for this task? A Crimping tool B Punch down tool C Vampire taps D Needle nose pliers

A Crimping tool

You have a network that occupies the top floor of a three story building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. What would you use to relocate the WAN line into a wiring closet on your floor? A Demarc extension B Horizontal cross connect C 66 block D 110 block E Smart jack

A Demarc extension

Which of the following are advantages of using fiber optic cabling for a network, as opposed to other types of cabling? (Select two.) A Greater cable distances without a repeater B Immunity to electromagnetic interference C Lower installation cost D Faster installation

A Greater cable distances without a repeater B Immunity to electromagnetic interference

You have a network that occupies both floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the second floor directly above the wiring closet that holds the demarc. Which of the following terms describes the closet on the second floor? A IDF B Demarc extension C MDF D Horizontal cross connect E Vertical cross connect

A IDF Intermediate distribution frame (IDF)

Which of the following are characteristics of coaxial network cable? (Choose three.) A It uses two concentric metallic conductors. B It uses two concentric conductors made from plastic or glass which conduct light signals. C It uses RJ-45 connectors D It has a conductor made from copper in the center of the cable. E The ends of the cable must be terminated. F It is composed of four pairs of 22—gauge copper wire. G The conductors within the cable are twisted around each other to eliminate cross—talk.

A It uses two concentric metallic conductors. D It has a conductor made from copper in the center of the cable. E The ends of the cable must be terminated.

Which of the following connectors are used with fiber optic cables and include both cables in a single connector? (Select two.) A LC B ST C sc D MT-RJ E Bixlc

A LC D MT-RJ

In what form of access control environment is access controlled by rules rather than by identity?

A MAC environment controls access based on rules rather then by identify.

You are installing networking wiring for a new Ethernet network at your company's main office building. The project specifications call for Category 5 UTP network cabling and RJ-45 wall jacks. Near the end of the project, you run out of wire before the last few runs are complete. You have a spool of Category 3 network cable in storage. Upon investigation, it appears very similar to Category 5 wiring. Should you substitute Category 3 cabling for Category 5 cabling to finish the project? A No, Category 5 cabling has more twists per inch than Category 3 cabling to reduce cross—talk and support higher data rates. B No, Category 3 cabling doesn't support RJ-45 connectors. C No, Category 5 cabling uses a thicker copper wire than Category 3 cable; enabling higher data transmission rates. D No, the sheath surrounding Category 5 cable is much thicker; creating an extra layer of shielding to reduce cross—talk and support higher data rates. E Yes, you can substitute Category 5 wiring with Category 3 wiring, as they are electrically identical

A No, Category 5 cabling has more twists per inch than Category 3 cabling to reduce cross—talk and support higher data rates.

Which of the following is the strongest form of mulch-factor authentication.

A Password, a biometric scan, and a token device

Which pins in an RJ-45 connector are used to transmit data when used on a 100BaseT Ethernet network? (Choose two.) A Pin 1 B Pin 2 C Pin 3 D Pin 4 E Pin 5 F Pin 6 G Pin 7 H Pin 8

A Pin 1 B Pin 2

You have a small home network connected to the Internet using an RG-6 cable. You need to move the router connecting the network to the Internet, but can't find any RG-6 cable. Which cable types could you use instead? A RG-59 B RG-8 C RG-8, RG-58, or RG—59 D RG-58 or RG-59 E RG-58 F RG-8 or RG-58

A RG-59

F—type connectors are typically used with cables using which of the following standards? (Select two.) A RG-59 B RG-6 C RG-58 D cat 5 E Cat 5e F Cat 6e

A RG-59 B RG-6

Which of the following cable classifications are typically used for cable and satellite networking with coaxial cables? (Select two.) A RG-6 B RG-8 C RG-58 D RG-59

A RG-6 D RG-59

Which of the following connectors usually require polishing as part of the assembly process? (Select two.) A ST B AUI C IDC D SC E BNC

A ST D SC

Which of the following is true about single mode fiber optic network cabling? A The central core is smaller than that of multimode fiber optic cabling. B It transmits multiple rays of light concurrently. C It doesn't support segment lengths as long as that supported by multimode fiber optic cabling. D It's less expensive than multimode fiber optic cabling. E The central core is composed of braided plastic or glass fibers.

A The central core is smaller than that of multimode fiber optic cabling.

Which of the following are characteristics of an LC fiber optic connector? (Choose two.) A They use a housing and latch system similar to an RJ-45 UTP connector. B They are threaded. C They use a one—piece bayonet connecting system. D They are half the size of standard connectors. E They can be used with either fiber optic or copper cabling. F They use a stainless steel housing.

A They use a housing and latch system similar to an RJ-45 UTP connector. D They are half the size of standard connectors.

Which of the following are characteristics of an MT-RJ fiber optic connector? (Select two.) A They use metal guide pins to ensure accurate alignment. B They use a keyed bayonet. C They use a nickel-plated housing. D They can be used with multimode fiber optic cables. E They must never be used with single-mode fiber-optic cables. F They are used with multifiber fiber optic ribbon cables.

A They use metal guide pins to ensure accurate alignment. D They can be used with multimode fiber optic cables.

syslog

A ________-logging solution consists of two primary components: servers, which receive and store log messages sent from clients; and clients, which can be a variety of network devices that send logging information to a server.

baseline

A collection of data portraying the characteristics of a network under normal operating conditions. Data collected while troubleshooting can then be contrasted against this data.

Which of following describes a man in the middle attack?

A false server intercepts communications form a client by impersonating the intended server.

Which of the following describes a man-in-the-middle attack?

A false server intercepts communications from a client by impersonating the intended server.

In virtualization, what is the role of a hypervisor?

A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.

In virtualization,what is the role of the hypervisor?

A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.

Which of the ff. describes a configuration baseline?

A list of common security settings that a group or all devices share

Which of the following are typical components of a NAS device? select two

A minimal network OS. One or more NICs.

Metropolitan Area Network (MAN)

A network that can cover an area as small as a few blocks to an entire metropolitan city,

Which of the following is the strongest form of multi-factor authentications?

A password, a biometric scan, and a token device

butt set

A piece of test equipment typically used by telephone technicians. The clips can connect to the tip and ring wires on a punch-down block (for example, a 66 block or a 110 block) connecting to a telephone. This allows the technician to check the line (for example, to determine whether a dial tone is present on the line and determine whether a call can be placed from the line).

What is mutual authentication?

A process by which each party in an online communication verifies the identity of the other party.

Which of the following describes a logic bomblogic bomb?

A program that performs a malicious activity at a specific time or after a triggering event

Which of the ff. describes a logic bomb?

A program that performs a malicious activity at a specific time or after a triggering event.

SNMP

A protocol used to monitor and manage network devices, such as routers, switches, and servers.

How dose a proxy server differ from a packet filtering firewall.

A proxy server operates at the Application layer, while a packet filtering firewall operates at the network layer.

An all-in-one security appliance is best suited for which type of implementation?

A remote office with no on-site technician.

Which of the following information are you likely to find in a policy document? Steps for completing and validating nightly backups Average performance statistics for router A requirement for using encrypted communications for web transactions The IP address assigned to a router interface

A requirement for using encrypted communications for web transactions

Which of the following correctly describes the T1 carrier system?

A single T1 channel can transfer data at 64 bps. T1 lines use two pairs of copper wire.

While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of CRC errors on one interface. This interface is connected to a user's workstation located in a cubicle on the 2nd floor. What could be causing this to happen?

A strong EMI emitter near the cable run connected to that interface.

While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of CRC errors on one interface. This interface is connected to a user's workstation located in a cubicle on the 2nd floor. What could be causing this to happen?

A strong emitter near the cable run connected to that interface

In a variation of the brute force attack, an attacker may use a predefined list (dictionary) of commonly used usernames and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue?

A strong password policy

Subnet

A subnet is a portion of a network with a common network address

Which of the following is an example of two-factor authentication?

A token device and a PIN Two-factor authentication uses two different types of authentication (i.e. a combination of Type I, Type II, and Type III authentication). Of the examples listed here, a token device (Type II) combined with a PIN (Type I) is the only example of two-factor authentication.

Which of the following is an example to two -factor authentication?

A token device and a PIN (type II something you have, such as a smart card, token device, or photo ID

Which of the following is an example of two-factor authentications?

A token device and a pin

Which of the following is an example of an internal threat?

A user accidentally deletes the new product designs

Which of the following is an example of an internal threat? A server backdoor allows an attacker on the Internet to gain accesss to the intranet site A delivery man is able to walk into a controlled area and steal a laptop A water pipe in the server room break A user accidentally deletes the new product designs

A user accidentally deletes the new product designs

Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?

ACL When you configure a router as a firewall, you configure the access control list (ACL) with statements that identify traffic characteristics, such as the direction of traffic (inbound or outbound), the source or destination IP address, and the port number. ACL statements include an action to either allow or deny the traffic specified by the ACL statement.

You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be part of your design? select two

AES encryption 802.1x

IPSec is implemented through two separate protocols. What are these protocols called?

AH ESP

IPsec is implemented through two separate protocols. What are these protocols called? select two

AH ESP

Which exploit seeks to maliciously re-associate the IP address of a legitimate network host with the MAC address of the attacker's computer?

ARP poisoning

Which of the following attacks tries to associate an incorrect MAC address with a known IP address?

ARP poisoning ARP spoofing/poisoning associates the attacker's MAC address with the IP address of victim devices. When computers send an ARP request to get the MAC address of a known IP address, the attacker's system responds with its MAC address.

A router is configured with the login, no password condition for console access. Which of the following statements is true about access via a Telnet or SSH session?

Access is denied.

"Which of the following terms describes the component that is generated following authentication and which is used to gain access to resources following log on?"

Access token

What is the most important aspect of a biometric device?

Accuracy

A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to a wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario?

Active fingerprinting

You have been getting a lot of phishing e-mails sent from the domain Kenyan.msn.pl. Links within these e-mails open new browser windows at youneedit.com.pl You want to make sure that these e-mails never reach your Inbox, but the e-mails from other senders are not affected. What should you do?

Add Kenyan.msn.pl to the e-mail blacklist.

You have a shared folder named Reports. Members of the Managers group have been given Write access to the shared folder. Mark Mangum is a member of the Managers group. He needs access to the files in the Reports folder, but should not have any access to the Confidential.xls file. What should you do?

Add Mark Mangum to the ACL for the Confidential.xls file with Deny permissions.

You work as the IT Administrator for a small corporate network. You have recently expanded the network to a second building. In doing so, you have removed the consumer grade internet router that you started with and have installed a network router to the other building. You have decided to use CorpDHCP12 Server as a DHCP server to replace the DHCP service that was provided by the consumer grade router. Your task in this lab is to: -Install the DHCP Role -Authorize the CorpDHCP12 as a DHCP server. -configure and activate the DHCP scope as follows: -Name: Subnet1 -Address range: 192.168.0.1 to 192.168.0.100 -Subnet mask: 255.255.255.0 -Lease duration: 5 days Do NOT configure exclusions at this time.

Add a DHCP Role 1. Go to CORPSERVER > CorpDHCP12 and select connect 2. From server manager, select Manage > Add Roles and Features 3. Click next to begin the add roles and features wizard, verify that role-based or feature based installation is selected and click next. 4. Ensure that CorpDHCP12.CorpNet is selected in the Server pool area, and then click next. 5. Select the DHCP server role, and click add features when prompted to add additional features, click next. 6.Click install to add the selected role services. 7.Click complete DHCP configuration link to begin the DHCP Post-Install configuration wizard. 8.Verify credentials and click commit > Close. Configure and Activate the DHCP Scope 1. From Server Manager, Select Tools > DHCP > R click the protocol for which you wish to create the scope and choose New Scope. 2. Click next to start the new scope wizard > Name the scope > Next > Configure IP address > Next Configure lease duration > Select No, I will configure these options later > Next > Finish > To activate scope, browse to and select the Subnet1 scope > **R click the scope and choose Activate**

You work as the IT Administrator for a small corporate network. You have recently expanded the network to a second building. In doin so, you have removed the consumer grade internet router that you started with and have installed a network router to the other building. You have decided to use the CorpDHCP12 server as a DHCP server to replace the DHCP service that was provided by the consumer grade router. Your task in this lab is to: -Install the DHCP role -Authorize the CorpDHCP12 as a DHCP server. -Configure and activate the DHCP scope as follows: Name: Subnet1 Address Range: 192.168.0.1 to 192.168.0.100 Subnet Mask: 255.255.255.0 Lease Duration: 5 days Do not configure exclusions or options at this time.

Add a DHCP Role: 1. Click CORPSERVER, go to CorpDHCP12 and connect. 2. Go to Manage > Add Roles and Features 3. Next > Role-based or feature based installation is selected and click next 4. Ensure that CorpDHCP12.CorpNet is selected in the Server Pool area, and click next. 5. Select DHCP Server role, and click Add Features when prompted to add additional features. Click Next 6. Click install to add the selected services, click complete DHCP configuration link to begin the DHCP Post-Install configuration wizard. Click Next, Commit Configure and Activate the DHCP Scope: 1. From Server Manager select Tools > DHCP 2. Expand the DHCP Server > R click the protocol for which you wish to create the scope and choose New Scope.. 3. Click next to start the new scope wizard, name the scope then click next, configure the IP Address 4. Type a start IP address and an end IP Address - Set the subnet mask by typing the mask value or typing the number of subnet mask bits. Click Next 5. Click next to ignore any exclusions and delays, configure lease duration, click next, select No, I will configure these options later to postpone configuring other DHCP options, then click next. Click finish. To activate scope, browse to and select the Subnet1 scope. R click the scope and choose Activate.

You have recently installed the DHCP service on the CorpDCHP12 server. You have configured two scopes--one for your original building (on 192.168.0) and one for a new building which you have connected to your network (on 192.168.10). Each building is shown in the Change Location diagram. After activating the scopes, you find that clients on Subnet1 have received IP addressing information from the DHCP server. Clients on Subnet2, however, have IP addresses in the range of 169.254.0.0/16. You realize that DHCP messages are not being forwarded through the router. Your task in this lab is to: Use Routing and Remote Access to configure CorpServer2 as a DHCP relay agent. To do so, complete the following tasks in Routing and Remote Access:1.Add the DHCP Relay Agent routing protocol. 2.Add Local Area Connection as a DHCP Relay Agent interface. Set the boot threshold to 0. 3.Configure the DHCP Relay Agent properties to identify 192.168.0.14 as the DHCP server. Renew the TCP/IP information on Exec2 (the client machine in Bldg B) and verify that it has a network connection.

Add the DHCP Relay Agent Protocol: 1. Choose Start / Administrative Tools / Routing and Remote Access 2. Expand the server node and the appropriate protocol node. 3. R click the general node and choose New Routing protocol 4. Select DHCP Relay Agent and click ok. Add and Configure a Relay Agent Interface: 1. R click the DHCP Relay Agent node and select New Interface.. 2. select the interface that will listen to DHCP broadcast. Click ok. 3. be sure the Relay DHCP packets option is enabled. 4. Set the hop count and boot thresholds. Click ok. Identify the DHCP Server: 1. R click the DHCP Relay Agent node and select properties 2. Type the IP address of the DHCP server, This is the sever to which DHCP broadcasts will be forwarded. 3. Click ok Renew The TCP/IP Address: 1. On Exec2, type command (command prompt) 2. In the cmd prompt, type ipconfig /renew the computer should receive an address of 192.168.10 network. 3. Click on the network icon in the Task bar to view the connection status.

You manage several Windows systems. Deskstop users access an in-house application that is hosted on you intranet Web server. When a user clicks a specific option in the application, they receive an error message that the popup was blocked. You need to configure the security settings so that users can see the pop-up without compromising overall security. What should you do?

Add the URL of the Web site to the Local Intranet zone.

Which of the following are characteristics of MPLS?

Adds labels to data units Supports variable-length data units

Which of the following are characteristics fo ATM?

Adds labels to data units Uses fixed-length cells of 53- bytes

Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customers sites. You manage these devices by enrolling them in your cloud-based Microsoft Intune account. One of your sales reps left her tablet at an airport. The devices contains sensitive information and you need to remove it in case that device is compromised. Which Intune portal should you use to perform a remote wipe?

Admin Portal

While browsing the Internet, you notice that the browser displays ads that are targeted towards recent keyword searches you have performed. What is this an example of?

Adware

Which of the following is a characteristic of static routing when compared to dynamic routing?

All routers must be manually updated on the router.

Which of the following is a characteristic of static routing when compared to dynamic routing?

All routes must be manually updated on the router.

You want to allow e-commerce Web site that you visit to keep track of your browsing history for shopping carts and other information, but want to prevent that information from being tracked by sites linked to the sites you explicitly visit. How should you configure the browser settings?

Allow first party cookies but block third-party cookies

Which of the following are characteristics of TACACS+

Allow for the possible of three different servers, one each for authentication, authorization, and accounting Uses TCP

Many popular operating system allow for quick and easy sharing of files and printers with other network members. Which of the ff. is not a means by which file and printer sharing is hardened?

Allowing NetBIOS traffic outside of your secured network.

Virtual Server

Allows a single server to host multiple virtual instances of various operating systems

Community cloud

Allows cloud services to be shared by several organizations

Virtual Desktop

Allows user to store data in a centralized data center, as opposed to the hard drive of the local computer

MDIX

Also a traditional port found in a PC's NIC, but it reverses the transmit and recieves pairs

Which of the following best describes the Ping of Death exploit?

An ICMP packet larger than 65,536 bytes?

Which of the following describes how access lists can be used to improve network security?

An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.

What actions can a typical passive Intrusion Detection System (IDS) take when it detects an attack?

An alert is generated and delivered via Email, the console, or an SNMP trap. The IDS logs all pertinent data about the intrusion.

You are implementing a SOHO network for a local business. The ISP has already installed and connected a cable modem in the business. The business has four computers that need to communicate with each other and the internet. You examine each computer and notice only one of the four has a wireless NIC; they all have ethernet NICs. What should you purchase.

An unmanaged switch and Cat5e cabling

Which type of polish grade uses green-colored connectors to help prevent using the wrong connector type?

Angled Physical Contact

You need to replace a fiber optic cable that is connecting two switches together. You instpect the existing fiber cable and determine that it uses LC connectors. You also notice the cable's ferrule has a slight slant to it. Which polish grade should you use to replace the existing cable?

Angled Physical Contact polish

You are concerned about protecting your network from network-based attacks from the internet. Specifically, you are concerned about zero day attacks (attacks that have not yet been identified or that do not have prescribed protections.) Which type of device should you use?

Anomaly based IDS

What does a tarpit specifically do to detect and prevent intrusion into your network?

Answer connection requests in such a way that the attacking computer is stuck for a period of time

Which of the following statements about the use of anti virus software is correct?

Anti virus software should be configured to download updated virus definition files as soon as they become available.

Which of the ff. measures are you most likely to implement to protect against a worm or Trojan horse?

Anti-virus software

Which of the ff. statements about the use of anti-virus software is correct?

Anti-virus software be configured to download update virus definition files as soon as they become available.

Which of the following statements about the use of anti-virus software is correct?

Anti-virus software should be configured to download updated virus definition files assoon as they become available.soon as they become

What is the most common form of host based IDS that employs signature or pattern matching detection methods?

Anti-virus software.

Which of the following is the correct definition of a threat.

Any potential danger to the confidentiality, integrity, or availability of information or systems

Content Engine

Appliances dedicated to content cashing

You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?

Application level

You provide internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?

Application level

You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?

Application log.

Which of the following activities are typically associated with penetration testing? (select two)

Attempting social engineering Running a port scanner

You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat6e cable to connect the wiring closet to the shipping building. Which of the following are you most likely to experience?

Attenuation.

What are the most common network traffic packets captured and used in a replay attack? DNS query File transfer Authentication Session termination

Authentication

Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two)

Authentication for agents and managers Encryption of SNMP messages

You want to use the T568B standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector? A White/green, green, white/orange, blue, white/blue, orange, white/brown, brown B White/orange, orange, white/green, blue, white/blue, green, white/brown, brown C White/blue, blue, white/orange, orange, white/green, green, white/brown, brown D White/orange, orange, white/green, green, white/blue, blue, white/brown, brown

B White/orange, orange, white/green, blue, white/blue, green, white/brown, brown

In which of the following situations might you use an RJ-11 connector? A You want to connect the 10BaseT network card in your computer to a switch. B You want to connect your computer to the Internet with a dial-up connection. C You want to upgrade your 10BaseT network to 10OBaseT. D You want to test a network cable to see if there is a break in the line.

B You want to connect your computer to the Internet with a dial-up connection.

Which of the following routing protocols is used by routers on the internet or learning and sharing routes?

BGP

Which of the following routing protocols used paths, rules, and policies instead of a metric for making routing decisions?

BGP

You are working with an older 10Base2 Ethernet network. Which of the following connector types will you most likely encounter?

BNC

After an intrusion has occurred and the intruder has been removed from the system, which of the following is the best next step or action to take?

Back up all logs and audits regarding the incident

Developers in your company have created a Web application that interfaces with a database server. During development, programmers created a special user account that bypasses the normal security. What is this an example of?

Backdoor

NetBus and Back Orifice are remote control tools. They allow you to connect to a remote system over a network and operate it as if you were sitting at its local keyboard. Unfortunately, these two programs are also examples of what type of security concern?

Backdoor Trojans

Which of the following is an important aspect of evidence gathering?

Backing up all log files and audit trails

Which of the following is an important aspect of evidence gathering?

Backing up all logs files and audit trails

You provide IT support under contract for a dentists office. The office has a limited number of wireless clients, so a simple wireless router is used to profide WIFI access. On your latest visit, you check the manufactures website and discover that a update has been released by the wireless router manufacture. You decide to download and install the update. Click the option you should use in the wireless routers configuration interface to prepare the device for update.

Backup Configuration

You are concerned about the amount of traffic that passed through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help in identifying past average network traffic? Network diagram History log Baseline Event log

Baseline

You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change? Configuration documentation Wiring schematic Baseline Change log Network diagram

Baseline

When duplicating a drive for forensic investigative purposes, which of the following copying methods is most appropriate?

Bit-level cloning

You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standard could the network be using. select two

Bluetooth 802.11b

A programmer that fails to check the length of input before processing leaves his codevulnerable to what form of common attack?

Buffer overflow

Which of the following attacks is a form of software exploitation...input variable is designed to handle?

Buffer overflow

In business continuity planning, what is the primary focus of the scope? Human life and safety Business processes Recovery time objective Company assets

Business processes

You are making Ethernet drop cables using Cat5e cable and RJ-45 connectors. You need to remove the plastic coating over the cable to expose the individual wires. Which tool should you use? A Snips B Punchdown tool C Cable stripper D Butt set

C Cable stripper

When using 110 blocks for connecting Cat5 and higher data cables, which recommendation should you follow? A Use C-5 connectors. B Connect wires using the T568A standard. C Keep wire pairs twisted up to within one—half of an inch of the connector. D Connect wires using the T568B standard.

C Keep wire pairs twisted up to within one—half of an inch of the connector.

Of the following cables, which offer the best protection against EMI? A cat 5 B RG-6 C Single mode fiber optic D Cat 5e

C Single mode fiber optic

Which of the following are requirements of the 1000BaseT Ethernet standards?(3 answers)

CAT 5e cabling RJ-45 connectors The cable length must be less than or equal to 100m

Asset management

CM Process: A formalized system of tracking network components and managing the lifecycle of those components.

Change management

CM Process: Commonly a form of software used by network administrators to alert other network administrators about an upcoming network change.

Network documentation

CM Process: Comprised of Contact Information, Policies, Network maps and diagrams, Vendor Documentation and Wiring Schemes

Cable Management

CM Process: Documentation about a network's existing cable (that is, copper and fiber-optic cable) infrastructure.

Baselining

CM Process: The collection of network utilization data when the network is operating properly to be compared to when issues are present

You are configuring the file system of a Windows Server 2012 server. You shared the D:\Shared folder on CorpFiles12 for common file access. The Everyone group has complete NTFS permissions to the folder (except permission to change file and folder permissions). The folder is shared using its default share name. Network users report that they can only read data in the Shared folder. They should be able to create, edit, and delete all folders and files. You want to enable these permissions using the least administrative effort. Your task in this lab is to fix the access problem by granting Everyone the Allow Change permission to the Shared folder.

CORPSERVER > R click CorpFiles12 > Connect > On the taskbar, click File Explorer > Navigate to the shared folder and select properties > On the sharing tab click Advanced sharing > Click permissions > Select the user or group then check or uncheck the Allow check box for the desired permissions, click ok> click ok to save changes.

Arrange the computer components listed on the left in order of decreasing volatility on the right.

CPU registers and caches System RAMWhich of the following is an important aspect of evidence gathering? Paging file Hard disk File system backup on an external USB drive

All of the 802.11 standards for the wireless networking support which type of communication path sharing technology?

CSMA/CA

The media access control method of all Ethernet networks is

CSMA/CD

What must you install between your network and a T1 line for your networks to use the T1 line?

CSU/DSU

Which of the following devices is used on a WAN to convert synchronous serial signals into digital signals?

CSU/DSU

Which of the following services are available regardless of whether the telephone company network is available?

Cable modem

You are making Ethernet drop cables using Cat5e cable and RJ45 connectors. You need to remove the plastic coating over the cable to expose the individual wires. Which tool should you use?

Cable stripper Use a cable stripper to remove the plastic covering for a cable. Note: When making drop cables or using punchdown blocks, do not remove the plastic covering for individual wires. Use snips to cut cables. Use a punchdown tool to push wires into 66 or 110 blocks and cut wires at the same time. Use a butt set to connect to phone lines to monitor, make, or answer phone calls.

Switch

Can dynamically learn the MAC addresses attached to various ports by looking at the source MAC address on frames coming into a port

Multilayer Switch

Can make forwarding decisions based on upper-layer information. Could function as a router.

Which of the following fire extinguisher suppressant types is best used for electrical fires that might result when working with computer components? Soda acid Water-based Carbon dioxide (CO2) Dry powder

Carbon dioxide (CO2)

What is the minimum cable specification that supports 1000 Mbps Ethernet?

Cat 5

Which of the following cable types often includes a solid plastic core?

Cat 6

MDF

Centralized Distribution Frame that connects out to multiple IDFs

Which of the following are advantages of virtualization? select two

Centralized administration Easy migration of systems to different hardware

You manage a network that uses 1000BaseT Ethernet. You find that one device communicates on the network at only 100 Mbps. Which tool should you use to test the drop cable and the connection to the network?

Certifier

You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this?

Chain of custody

You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this?

Chain of custody

You are troubleshooting a workstation connection to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update? Change documentation Configuration documentation Wiring schematic Network diagram

Change Documentation

You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device? Change management Resource allocation Acceptable use SLA

Change management

You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device? Change management resources allocation SLA acceptable use

Change management

You just developed a new Cisco router that connects several network segments in your organization. The router is physically located in the server route that requires an ID card to gain access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using Telnet client with a username admin and a password of admin. You used the MDS hashing algorithm to protect the password. What should you do to increase the security of this device? select two

Change the default administrative username and password Use an SSH client to access the router configuration

You recently installed a new all-in-one security appliance in a remote office. You are in the process of configuring the device. You need to: • Increase the security of the device. • Enable remote management from the main office. • Allow users to be managed through Active Directory. You want to configure the device so you can access it from the main office. You also want to make sure the device is as secure as possible. Which of the following tasks should you carry out? (Select two.)

Change the default username and password. Configure the device's authentication type to use Active Directory.

Which wireless technology is used to enable 802.11a-ht and 802.11g-ht networks to emulate 802.11n network speeds?

Channel bonding

You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?

Circuit level

You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?

Circuit-level

Which type of network establishes a dedicated physical connection between two hosts who need to communicate on the network, not allowing any other host to use the medium until the communication is complete?

Circuit-switched

Consider the following IP addresses .

Class A, B, B, C

Consider the following IP addresses. 1) 124.77.8.5 2) 131.11.0.9 3) 190.66.250.10 4) 196.5.89.44

Class A, Class B, Class B, Class C

Consider the following IP address. 1. 124.77.8.5 2. 131.11.0.9 3. 190.66.250.10 4. 196.5.89.44 Which list represents the IP address class of each listed IP address?

Class A, Class B, Class B, Class C.

Which of the following fire extinguisher types is best used for electrical fires that might result when working with computer components? Class A Class B Class C Class D

Class C

You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0 Which of the following describes the address type?

Classless

You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0. Which of the following describes the address type?

Classless

Which of the following are often synonymous with or made possible by CIDR?

Classless VLSM

Which of the following terms are often synonymous with or made possible with CIDR? (Select two.)

Classless VLSM

You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0. Which of the following describes the address type?

Classless.

You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?

Client-side scripts

Which of the following is NOT true regarding cloud computing?

Cloud computing requires end-user knowledge of the physical location and configuration of the system that delivers the services.

Which of the following network strategies connects multiples servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service? Mirroring Clustering Adapter bonding Storage Area Networks (SANs)

Clustering

Which of the following is not a reason to use subnets on a network?

Combine different media type on to the same subnet.

Match each type of switch on the left with its corresponding characteristics on the right. Each switch may be used once, more than once, or not at all.

Commonly sold at retail stores Unmanaged switch Provide port security features Managed switch Support VLANs Managed switch Provide very few configuration options Unmanaged switch Can be configured over a network connection Managed switch Can be configured over a dedicated communication channel Managed switch

RG-6

Commonly used by local cable companies to connect individual homes to the cable company's distribution network.

Match each third-party integration phase on the left with the tasks that need to be complete during that phase on the right. Each phase may be used once, more than once, or not at all Communicate vulnerability assessment findings with the other party. Compare your organization's security policies against the partner's policies. Disable VPN configurations that allow partner access to your network. Communicate vulnerability assessment findings with the other party. Disable the domain trust relationship between networks. Identify how privacy will be protected. Draft an ISA. Conduct regular security audits choices Ongoing operations Off-boarding Onboarding

Communicate vulnerability assessment findings with the other party. - Ongoing operations Compare your organization's security policies against the partner's policies. - Onboarding Disable VPN configurations that allow partner access to your network. - Off- boarding Communicate vulnerability assessment findings with the other party. - Onboarding Disable the domain trust relationship between networks. - Off-boarding Identify how privacy will be protected. - Onboarding Draft an ISA. - Onboarding Conduct regular security audits - Ongoing operations

As a victim of a Smurf attack, what protection measure is the most effective during the attack?

Communication with our upstream provider

Match each switch management method on the left with its corresponding characteristics on the right. Each method may be used once, more than once, or not at all.

Competes with normal network traffic for bandwidth In-band management Uses a dedicated communication channel Out-of-band management Must be encrypted to protect communications from sniffing In-band management Does not compete with normal network traffic for bandwith Out-of-band management Affected by network outages In-band management

SNMP agent

Component of SNMPv1/v2c Network Management Solution: A piece of software that runs on a managed device (for example, a server, router, or switch).

MIB

Component of SNMPv1/v2c Network Management Solution: Information about a managed device's resources and activity is defined by a series of objects.

SNMP manager

Component of SNMPv1/v2c Network Management Solution: Runs a network management application. Sometimes referred to as a network management system (NMS).

Coaxial Cable

Composed of two conductors Inner Conductor: Insulated Outer Conductor: Made of metallic foil or woven wire, protects wire

Computers A and B are on the same VLAN and are separated by two switches, as shown in the exhibit. Computer A sends a Fram to Computer B. Which of the following best describes the composition of the frame as it travels from A to B?

Computer A sends a normal frame. The first switch appends a VLAN ID to the frame. The second switch removes the VLAN ID before forwarding it to Computer B.

Besides protecting a computer from under voltages, a typical UPS also performs which two actions:

Conditions the power signal Protects from over voltages

You are concerned that the wireless access points may have been deployed within your organization without authorizations. What should you do. select two

Conduct a site survey Check the MAC addresses on devices connected to your wired switch

You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two. Each response is a complete solution.)

Conduct a site survey. Check the MAC addresses of devices connected to your wired switch.

"A user copies files from her desktop computer to a USB flash device and puts the device into her pocket. Which of the following security goals is most at risk?"

Confidentiality

Cell Phones with cameras and data transfer capabilities pose a risk to which security goal?

Confidentiality

You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check? Wiring schematic Policy Configuration documentary baseline

Configuration Document

Your Company has decided to temporarily partner with a third party organization for an upcoming project....... What should you do to allow routing information to be exchanged?

Configure a border router to use route redistirbution

Which of the following enterprise wireless configurations strategies best keeps public wireless access separate from private wireless access?

Configure a guest access WLAN that uses open authentication and that isolates guest WLAN traffic from other clients on the same access point.

You have just connected four switches as shown in the Exhibit. Assuming the default switch configuration, how can your force Switch C to become a root bridge?

Configure a priority number of 4096 for switch C

You have configured a wireless access point to create a small network. For security, you have disabled SSID broadcast. From a client computer, you try to browse to find the access point. You see some other wireless networks in the area, but cannot see your network to connect to it. What should you do?

Configure a profile on the wireless client.

"You have hired 10 new temporary workers who will be with the company for 3 months. You want to make sure that after that time the user accounts cannot be used for log on. What should you do?"

Configure account expiration in the user accounts

"For users on your network, you want to automatically lock their user accounts if four incorrect passwords are used within 10 minutes. What should you do?"

Configure account lockout policies in Group Policy

"You want to make sure that all users have password over 8 characters and that passwords must be changed every 30 days. What should you do?"

Configure account policies in Group Policy

You are the wireless network Admin for your organization. As the size of the organization has grown, you've decided to upgrade your wireless network to use 802.11x authentication instead of pre-shared keys. What should you do

Configure all wireless access points with client certs. Configure the RADIUS server with a server cert.

Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? select two

Configure and apply security policy settings in a mobile device management system Enroll the devices in a mobile device management system

You are the network administrator for a city library. Thought the library are several groups of computers that provide public access to the internet..... The library computers are in croups of four. each group of four computers is connected to a hub that is connected to the library network... What can you do?

Configure port security on the switch

You have three switches configured as shown in the Exhibit. How can you guarantee that switch C becomes the root bridge?

Configure switch C with a lower priority value

A salesperson in your organization spent most of her time traveling between customers sites. After a customer visit, she must complete various managerial tasks, such as updating your organizations order database. Because she rarely... many of the things... Which key step should you take when implementing this configurations? select two

Configure the VPN connection to us IPsec Configure the browser to sent HTTPS requests through the VPN connection

You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configurations?

Configure the remote access server as RADIUS clients

You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Witch of the following would be required pare of your configuration?

Configure the remote access servers as RADIUS clients.

You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configuration?

Configure the remote access servers as RADIUS clients. When configuring a RADIUS solution, configure a single server as a RADIUS server. Then configure all remote access servers as RADIUS clients.

You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?

Connect one server through a different ISP to the internet.

You want to create a rollover cable that has an RJ-45 connector on both ends. How should you connect the wires within the connectors?

Connect pin 1 to pin 8, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5

Ring

Connects neighboring nodes until they form a ring. Signals travel in one direction. Malfunctioning node or cable break can prevent signals from reaching nodes further along the ring.

Bus

Consists of a trunk cable with nodes either inserted directly into the trunk or tapped into the trunk using offshoot cables called drop cables. Messages are sent to all devices connected to the bus

You have recently discovered that a network attack has compromised your database server. In the process, customer credit card numbers might have been taken by an attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do?

Contact your customers to let them know of the security breach

You have recently discovered that a network attack has compromised your database server. In the process, customer credit card numbers might have been taken by an attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do?

Contact your customers to let them know of the security breach.

Which of the following is not a valid concept to associate with integrity.

Control access to resource to print unwanted access

• You notice that a router/firewall/content filter UTM device has been implemented in the server closet to protect the internal network from external attacks. Which securityrelated recommendations should you make to this client? (Select two.)

Control access to the work area with locking doors and proximity readers. //Relocate the switch to the locked server closet.

Which of the following applications typically use 802.1x authentication?

Controlling access though a switch Controlling access though a wireless access point

Match the Cisco device password type on the left with its function on the right.

Controls the ability to log on through a LAN or WAN interface configured on the device. VTY Controls the ability to switch configuration modes EXEC Controls the ability to connect to the device using a direct connection Console

You have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network?

Convergence

You have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network?

Convergence

You have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network?

Convergence

You have a network configured to use the OSPF routing protocol. Which of the following describes the state when OSPF routers have learned about all other routes in the network?

Convergence.

Which of the following is a text file provided by a website to a client that is stored on a user's hard drive in order to track and record information about the user?

Cookie

Application

Corresponds to the Session, Presentation, and Application layers of the OSI model

You are the IT Security Administrator for a small corporate network. You would like to allow a group of desktop administrators to have administrative rights to all of the workstations in the domain. The workstations are located in the Workstations OU. Your task in this lab is to complete the following actions on the CorpDC server: Create a global security group named Desktop Admins in the Admins OU. Members of the group will be added later. Configure a restricted group policy in the WorkstationGPO object that adds the Desktop Admins group to the local Administrators group on the workstations.

Create a Group 1. From Hyper-V Manager click CorpServer > R click CorpDC server > Connect 2. From Server Manager, select Tools > Active Directory Users and Computers. 3. Browse the Active Directory structure and the parent OU, R click the OU or other container in which the new group must be created. From the pop up menu, click New - Group. 4. Type a name for the group, Select a group scope and group type then click ok. Create a Restricted Group 1. From Server Manager, select Tools > Group Policy Management. 2. Browse to the policy object. R click the policy and select Edit. 3. In the group policy management editor, browse to computer configuration/policies/windows settings/ security settings/ restricted groups. 4. R click and select Add Group 5. Click browse, and then enter the group name , click ok. 6. In the This Group is a member of: click add. 7. Type the name of the local group to the group will be added to ( do not browse) click ok.

You are the IT Security Administrator for a small Corporate Network. You would like to allow a group of desktop administrators to have administrative rights to all of the workstations in the domain. The workstations are located in the Workstations OU. Your task in this lab is to complete the following actions on the CorpDC server: -Create a global security named Desktop Admins in the Admins OU. -Configure a restricted group policy in the WorkstationsGPO object that adds the Desktop Admins group to the local admins group on the workstations.

Create a Group CorpServer > R click CorpDC , Connect > From Server Manager select Tools > Active Directory Users and Computers > Browse the Active Directory structure to the parent OU > R click the OU or other container in which the new group must be created > From pop up menu click New > Group > Type a name for the group > Select a group scope and group type then click ok. Create a Restricted Group: From Server Manager, select Tools > Group Policy Management > Browse to policy object R click and select edit > In group policy Management editor, browse to computer Configuration / Policies / Windows Settings / Security Settings / Restricted Groups / R click and Select Add Group > Click browse then enter name of group > click ok > In the "This Group is a member of" section click Add > Type the name of the local group to the group will be added > Click ok

You work as the IT Administrator for a small corporate network. You have two servers in addition to your DNS server that use static addresses on the 192.168.0.0/24 subnet . You plan to install three additional servers soon. You need to create DNS records for these servers on the CorpDC DNS server. Your task in this lab is to: Create an IPv4 Active Directory-integrated reverse lookup zone for subnet 192.168.0.0/24. (Accept the default replication and dynamic updates settings.) Manually create A records and PTR records for the following hosts: Host IP Address CorpServer.CorpNet 192.168.0.10 CorpFiles08.CorpNet 192.168.0.12 CorpFiles12.CorpNet 192.168.0.13 CorpDHCP.CorpNet 192.168.0.14 CorpWeb.CorpNet 192.168.0.15

Create a Primary Reverse Lookup Zone 1. From Hyper-V Manager, click CORPSERVER. 2. R click the CorpDC server and select connect. 3. From server manager select tools > DNS 4. If necessary, expand the server node that will host the new zone. 5. R click reverse lookup zone, and select new zone. 6. Click next to begin the new zone wizard. 7. Select primary zone as the zone type and verify that store the zone in active directory is selected, then click next. 8. Select the appropriate replication scope, then click next. 9. Select the type of reverse lookup zone you wish to create. Click next 10. Enter the network ID. From the address, omit any trailing zeros that are excluded based on the subnet mask. click next. 10.1 For subnet 10.1.0.0/16 click next 11. Specify the type of dynamic updates that will be accepted for the DNS zone. 12. Click next, finish. Create a Host (A) and Associated Pointer (PTR) Record 1. In the DNS console, expand the server and the Forward Lookup zone nodes. 2. R click the zone that will hold the new host record and select New Host (A or AAAA) 3. Enter the host name and IP address. 4. To create the PTR record automatically, check the Create Associated pointer (PTR) record option. The reverse lookup zone must exist for this record to be created. 5. Click Add Host, then click ok. 6. Repeat steps 3 through 5 to add additional host records as necessary. 7. Click done to close the New Host dialog.

You want to store your computer-generated audit logs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future?

Create a hash of each log.

You are responsible for maintaining Windows workstation operating systems in your organization. Recently, an update from Microsoft was automatically installed on your workstations that caused an in-house application to stop working. To keep this from happening again, you decide to test all updates on a virtual machine before allowing them to be installed on production workstations. Currently, none of your testing virtual machines have a network connection. However, they need to be able to connect to the update servers at Microsoft to download and install updates.

Create a new virtual switch configured for bridged (external) networking Connect the virtual network interfaces in the virtual machine to the virtual switch

You are an application developer. You use a hypervisor with multiple virtual machines installed to test your applications on various operating system versions and editions. Currently, all of your testing virtual machines are connected to the production network through the hypervisor's network interface. However, you are concerned that the latest application you are working on could adversely impact other network hosts if errors exist in the code. To prevent this, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other. What should you do?

Create a new virtual switch configured for host-only (internal) networking. Connect the virtual network interfaces in the virtual machines to the virtual switch.

"You want to give all managers the ability to view and edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change. What is the best way to accomplish this?"

Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL

You want to give all managers the ability to view edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change. What is the best way to accomplish this?

Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL.

A user reports that she can't connect to the internet. After some investigation, you find the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?

Create an action plan.

A security administrator logs on to a Windows server on her organization's network. She then runs a vulnerability scan on that server. What type of scan was conducted in this scenario? Ping scan TCP SYN scan Credentialed scan Non-Credentialed scan

Credentialed scan

Which of the following is an example of privilege escalation? Separation of duties Creeping privileges Principle of least Privilege Mandatory vacations

Creeping privileges

Which of the following is an example of privilege escalation? Separation of duties Creeping privileges Principle of least privilege Mandatory vacations

Creeping privileges

You are building network cables and attaching RJ45 connectors to each end. Which tool do you need fo this task?

Crimping tool You should use a crimping tool designed for RJ45 connectors to attach connectors to UTP cable.

You have two switches that you need to connect using their uplink ports. The switches do not support auto-MDI. Which type of cable should you use?

Crossover

You have two switches that you need to connect using their uplink ports. The switches do not support auto-MDI. Which type of cable should you use?

Crossover

You need to transfer data from one laptop to another and would like to use an Ethernet cable. You do not have a hub or a switch. Which type of cable should you use?

Crossover

You need to transfer data from one laptop to another and would like to use an Ethernet cable. You do not have a hub or a switch. Which type of cable should you use?

Crossover

You want to connect the LAN port on a router to the uplink port on a switch. The switch does not support auto-MDI. Which type of cable should you use?

Crossover

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor. What would you use to connect the wiring closets together? A Smart jack B Demarc extension C Horizontal cross connect D Vertical cross connect

D Vertical cross connect

You want to use the T568A standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector? A White/orange, orange, white/green, blue, white/blue, green, white/brown, brown B White/blue, blue, white/orange, orange, white/green, green, white/brown, brown C White/orange, orange, white/green, green, white/blue, blue, white/brown, brown D White/green, green, white/orange, blue, white/blue, orange, white/brown, brown

D White/green, green, white/orange, blue, white/blue, orange, white/brown, brown

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?

DDoS A DDoS attack is when multiple PCs attack a victim simultaneously and generate excessive traffic, thereby overloading communication channels, or exploiting software flaws.

You have a TCP/IP network with 50 hosts. There has been in consistant communication problems between hosts. You run a protocol analyzer and discover that two hosts have the same IP address assigned. Which protocol can you implement on your network to help prevent problems such as this?

DHCP

You have a TCP/IP network with 50 hosts. There has been inconsistant communication problems between hosts. You run a protocol analyzer and discover that two hosts have the same IP address assigned. Which protocol can you implement on your network to help prevent problems such as this?

DHCP

You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values. Which device should you use?

DHCP Server.

A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organizations firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this?

DHCP snooping

A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organization's firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this?

DHCP snooping DHCP snooping filters out untrusted DHCP messages. An untrusted DHCP message is received from outside the network or firewall. DHCP snooping acts like a firewall between DHCP clients and your DHCP servers.

You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. Which protocol should you implement?

DNS

You need to enable hosts on your network to find the IP address of logical names such as srv1.myserver.com Which device would you use?

DNS server

Which wireless networking component is used to correct multiple APs together?

DS

Which of the following Internet connection technologies requires that the location be within a limited distance of the telephone company central office?

DSL

Which WAN connection type use digital communications over POTS?

DSL ISDN

Breaks data into pieces and ends the pieces access multiple frequencies in a defined range

DSSS

which of the following services automatically creates and deletes host records wen an ip address lease is created or released?

DYNAMIC DNS

Which of the following defines an objects as used in access control.

Data, Applications, systems, networks, and physical space

You have configured a wireless access point to create a small network. You have configured all necessary parameters. Wireless clients seem to take a long time to find the wireless access point. You want to reduce the time it takes for the clients to connect. What should you do?

Decrease the beacon interval.

You have just connected a new computer to your network. The network user static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem Which of the configuration values would you most likely need to change?

Default gateway.

You have just finished installing the operating system and applications on the ServerParent virtual machine. This virtual machine will be used to create two child virtual machines that use differencing disks. Your task in this lab is to complete the configuration and configure the two child virtual machines. Complete the following: In Hyper-V Manager, delete the ServerParent virtual machine. In File Explorer, set the D:\HYPERV\Virtual Hard Disks\ParentDisk.vhd file to Read Only. Create two new differencing hard disks named Server1.vhd and Server2.vhd. Save all hard disks in D:\HYPERV\Virtual Hard Disks. Use the ParentDisk.vhd disk as the parent disk. Create two new virtual machines named Server1 and Server2. Save the machines in the D:\HYPERV\ directory. Use 4096 MB of RAM for each virtual machine. Configure each virtual machine to use the External network. Configure each virtual machine to use the corresponding virtual hard disk you created earlier.

Delete a Virtual Machine: 1. Tools > Hyper-V Manager 2. Select the tool that holds the machine 3. If necessary, R click the virtual machine and select Turn Off 4. R click the virtual machine and select delete. Make a Virtual Hard Disk Read Only: 1. Click File Explorer 2. Browse to location of the virtual hard disk. 3. R click the ParentDisk.vhd file and select properties. 4. Select Read only check box and click ok. Create a Differencing Disk: 1. In Hyper-V Manager, R click and select New > Virtual Machine click next 2. Type the name for the virtual machine, next 3. Type the amount of memory to use with the virtual machine and click next 4. Select the network used by the virtual machine, click next 5. Select the option for the virtual hard disk to use, either new disk, an existing disk, or attaching a disk later. Click next 6. If you created a new virtual hard disk, you will be prompted for the operating system installation. Select the installation method and click next. Click Finish.

Which of the following describes the point where the service provider's responsibility ends and the customer's responsibility begins for installing and maintaining wiring and equipment? A Smart jack B tor C Punchdown block D Vertical cross connect E Demarc

Demarc

Which of the following describes the point where the service provider's responsibility ends and the customer's responsibility begins for installing wiring and maintaining wiring and equipment?

Demarc

You have a network tha occupies the top floor of a three story building. The WAN service provider has installed the line for the WAN service into the buiilding in a wiring closet on the main floor. What would you use to relocate the WAN line into a wiring closet on your floor?

Demarc extension A demarc extension extends the demacation point from its original location to another location within the building.

An Attack that sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?

Denial of Service

Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions form occurring?

Denial of service attack

Which of the following can be used to stop piggybacking that has been occurring at the front entrance where employees should swipe their smart cards to gain entry?

Deploy a man trap

Which of the following can be used to stop piggybacking that has been occurring at the front entrance where employees should swipe their smart cards to gain entry?

Deploy a mantrap

You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? Select all that apply.

Destination address of a packet Port number Source address of a packet

You have just installed a packet filtering firewall on you network. What options will you be able to set on you firewall?

Destination address of packet Source of address of a packet Port number

A service Level Agreement (SLA) defines the relationship between, and the contractual responsibilities of, providers and recipients of service. Which of the following characteristics are most important when designing an SLA? select two

Detailed provider responsibilities for all continuity and disaster recovery mechanisms. Clear and detailed descriptions of penalties if the level of service is not provided

Which of the following information are you likely to find in a procedure document An inventory of the hardware components in a specific device a record of the repairs made to the specific device The relationship of routers to other routers on the network Details on how to test and deploy patches

Details on how to test and deploy patches

TDR

Detects the location of a fault in a copper cable by sending an electric signal down the copper cable and measuring the time required for the signal to bounce back from the cable fault. Can then mathematically calculate the location of the fault.

OTDR

Detects the location of a fault in a fiber cable by sending light down the fiber-optic cable and measuring the time required for the light to bounce back from the cable fault. The OTDM can then mathematically calculate the location of the fault.

When securing a newly deployed server, which of the ff. rules of thumb should be followed?

Determine the unneeded services and their dependencies before altering the system.

A user reports that she can't connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?

Determine what has changed.

Which of the following functions can a port scanner provide?

Determine which ports are open on a firewall. Discover unadvertised servers.

Which of the following functions can a port scanner provide? select two

Determining which ports are open on a firewall Discovering unadvertised servers

Which of the following statements describe how VLANs effect broadcast traffic within an internetwork?

Devices on the same VLAN have the same subnet address Broadcast traffic is transmitted only within a VLAN

Which of the following best describes the concept of VLAN?

Devices on the same network logically grouped as if they were on separate networks

Which of the following best describes the concept of virtual LAN?

Devices on the same network logically grouped as if they were on separate networks.

On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can "fix the restroom." What should you do?

Direct him to the front entrance and instruct him to check in with the receptionist.

Which of the following measures will make your wireless network inviable to the casual attacker performing war driving?

Disable the SSID broadcast

What should be done to a user account if the user goes on an extended vacation?

Disable the account

Which of the ff. actions should you take to reduce the attack surface of a server?

Disable unused services

Which of the following actions should you take to reduce the attack surface of a server?

Disable unused services

Which of the following actions should you take to reduce the attack surface of a server?

Disable unused services.

During a recent site survey, you find a rogue wireless access point on your network. Which of the following actions should you take first to protect your network, while still preserving evidence?

Disconnect the access point from the network

If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?

Disconnect the intruder

If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?

Disconnect the intruder.

You manage the website for your company. The web1 server hosts the website. This server has the following configuration: Duel core processor Dual power supplies RAID 5 volume One RAID controller two 1000 Mbps network adapters Which component is a single point of failure for the website? power supply Disk storage Disk controller Network adapter

Disk controller

Which of the following enterprise wireless deployment models uses access points with enough intelligence to allow for the creation of quest WLANs for keeping public wireless traffic separated from private traffic?

Distributed wireless mesh infrastructure

Content Switch

Distributes incoming requests across the various servers in a server farm

Which of the following are true for the IS-IS routing protocol?

Divides large networks into areas. Supports IPv6 routing.

When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you perform first?

Document what's on the screen

When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you perform first?

Document whats on the screen

Your wireless network consist of multiple wireless 802.11n access points that are configured as follows.....This network is required to support an ever-increasing number of devices. what should you do?

Double the bandwidth assigned per channel to 40MHz

You have just started a new job as a network team leader for a small company. You are responsible for overseeing the work of help Desk technicians, as well as doing your own share of the administrative work. To improve the safety of your organization, you decide to assemble material safety data sheets (MSDS) for all chemicals used in your organization. How should you get them? Ask you manager for them Download them from the chemical manufacturers' websites. Request them from you local workforce safety & insurance office write them yourself after researching the chemicals

Download them from the chemical manufacturers' websites.

Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2003 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing?

Downloading a file

When you browse to a website, a pop-up window tells you that your computer has been infected with a virus...spyware on your system.

Drive-by download

When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the window to see what the problem is. Later, you find out that the window has installed spyware on your system. What type of attack has occurred?

Drive-by download Drive-by downloads can occur in a few different ways: • Through social engineering, the user is tricked into downloading the software. • By exploiting a browser or operating system bug, a site is able to install software without the user's knowledge or consent.

You manage the two-location network shown in the exhibit. Workstations and servers at each location connect to a patch panel using behind-the-wall wiring. The patch panel.... Drag the cable type on the left to the most appropriate network location on the right.

Drop Cables Cat6 straight-through UTP Patch Cables Cat6 straight-through UTP Uplink Cables Cat6 crossover UTP WAN Cable Single-mode fiber optic

A router is connected to a network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route on router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?

Drop the packet.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?

Drop the packet.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24.The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24.There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?

Drop the packet.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24.The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24.There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?

Drop the packet.

Which of the following are characteristics of SONET?

Dual counter-rotating fiber optic rings Transport protocol used for other traffic types (such as ATM

A user reports that network access from her workstation is very slow. The problem does not seem to be affecting any other users. Which of the following conditions is the most likely cause?

Duplex mismatch

You want to connect your small company network to the Internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. What type of NAT should you implement?

Dynamic

A network switch is configured to perform the following validation checks on its ports: • All ARP requests and responses are intercepted. • Each intercepted request is verified to ensure that it has a valid IP-to-MAC address binding. • If the packet has a valid binding, the switch forwards the packet to the appropriate destination. • If the packet has an invalid binding, the switch drops the ARP packet. What security feature was enabled on the switch to accomplish this?

Dynamic ARP Inspection

A network switch is configured to perform the following checks on its ports. -all ARP requests -each intercepted request -if the packet has a valid Binding -if the packet has an invalid binding What security feature was enabled on the switch to accomplish this?

Dynamic ARP inspection

Which of the following terms identifies the wiring closet in the basement or a ground floor that typically includes the demarcation point? A IDF B Smart jack C Horizontal cross connect D 110 block E MDF

E MDF

Which of the following methods would you use to create a crossover cable? A Use the T568A standard on one connector, and the BLOG convention on the other connector. B Use the T568B standard. C Use the T568B standard on one connector, and the BLOG convention on the other connector. D Use the T568A standard. E Use the T568A standard on one connector, and the T568B standard on the other connector.

E Use the T568A standard on one connector, and the T568B standard on the other connector.

You have been contracted by a firm to implement a new remote access solution based on a Windows Server 2003 system. The customer wants to purchase and install a smartcard system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client?

EAP

You have been contracted by a firm to implement a new remote access solution based on a Windows Server 2003 system. The customer wants to purchase and install a smartcard system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client?

EAP

You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use?

EAP

You want to implement an authentication method that uses public and private key pairs. Which authentication methods should you use?

EAP

Which remote access authentication protocol allows for the use of smart cards for authentication?

EAP Extensible Authentication Protocol (EAP) is a set of interface standards that allows you to use various authentication methods including smartcards, biometrics, and digital certificates.

You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use?

EAP Public and private key pairs are used by certificates for authentication and encryption. Extensible Authentication Protocol (EAP) allows the client and server to negotiate the characteristics of authentication. EAP is used to allow authentication using smart cards, biometrics (user physical characteristics), and certificate-based authentication.

Which of the following routing protocols is classified as a balanced hybrid of routing protocol.

EIGRP

Which of the following routing protocols is classified as a balanced hybrid routing protocol?

EIGRP

You are troubleshooting a client connectivity problem on an Ethernet network. The client system has intermittent connectivity to the network. You discover that the UTP patch cable is run 75 feet from the wall outlet, passes through the ceiling and over several florescent light fixtures before reaching the client system. Which of the following may be a cause of the connectivity problem?

EMI interfaace.

Which of the following statements about ESD is not correct? ESD damage is more likely to occur in low humidity Measuring the moisture content in the air can be helpful in avoiding ESD One of the greatest threats to computer equipment is ESD ESD is much more likely to occure when the relative humidity is above 50%

ESD is much more likely to occure when the relative humidity is above 50%

You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG-6 cable. You move the cable router a distance of 50 meters using RG-8 cables and special connector adapters. Which condition are you most likely to experience?

Echo

How can an organization help prevent social engineering attacks?

Educate employees on the risks and countermeasures Publish and enforce clearly written security policies

Which technologies are used by the 802.11ac standard to increase network bandwidth? select two

Eight MIMO radio streams 80MHz donned channels

RJ-45

Eight-Pin Connector found in most Ethernet Networks. Ethernet usually only uses four of these eight

EMI

Electro Magnetic Interference

You have configured a remote access server to accept dial-up connections for remote access clients... which action would likely correct the problem?

Enable proxy arp on the LAN connection for the remote access server

You have a remote access server to accept dial-up connections for remote access clients. Remote clients are able to connect successfully and access resources on the remote access server. However, the remote clients are not able to connect to other devices located on the same subnet where the remote access server is located. Which action would likely correct the problem?

Enable proxy arp on the LAN connection for the remote access server.

You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. Which of the following will help reduce the effects of a broadcast storm?

Enable spanning tree on the switches

Your organization recently purchased 18 IPad tablets for use by the organizations management team. The devices have iOS pre-installed on them. To increase security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? select two

Enroll the devices in a mobile device management system Configure and apply security policy settings in a mobile device management system

You need to disable the FastEthernet 0/0 interface on a switch Drag the command on the left to the approbate configuration step on the right to accomplish this. Not all of the commands may be required

Enter global configuration mode conf t Enter interface configuration mode int fa0/0 Disable the interface shutdown Verify the interface is disabled show ip interface brief

The FastEthernet 0/0 interface on a s witch is currently disable. You need to enable it so a workstation can be connected to it. Drag the command on the left to the approbate configuration step on the right to accomplish this. Not all of the commands may be required

Enter global configuration mode conf t Enter interface configuration mode int fa0/0 Enable the interface no shut Verify the interface is disabled show interface status

You need to configure the FastEthernet 0/1 interface on a switch to automatically detect the appropriate link speed and duplex setting by negotiating with the device connected to the other end of the link. Drag the command on the left to the approbate configuration step on the right to accomplish this. Not all of the commands may be required

Enter global configuration mode conf t Enter interface configuration mode int fa0/1 Set speed of the interface speed auto Set the duplex setting for the interface duplex auto

On-Site

Equipment residing in a corporate location

Off-Site

Equipment residing in an unknown or non-populated location

Which of the following are solutions that address physical security?

Escort visitors at all times Require identification and name badges for all employees

Dumpster diving is a low-tech means of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving?

Establish and enforce a document destruction policy

You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?

Event log.

You are the IT Administrator for a small corporate network. Until now, the network has consisted only of workstations accessing the Internet through a consumer grade switch. You have convinced management that adding a server would ease your administrative burden. As a result, you are testing various configurations of the Windows Server 2012 operating system. You have installed Windows Server 2012 on a server named CorpServer. During installation, you created a single volume for the operating system using 200 GB on the first disk. Two additional unused disks are installed in the server. Complete the following tasks: Extend the System (C:) volume to use the remaining space on Disk 0. Create a new volume using Disk 1 and Disk 2 with the following settings: Use all of the disk space on Disk 1 and 600 GB (614400 MB) on Disk 2. Drive letter = M File System = NTFS Volume label = Data

Extend a Volume: 1. in the lower left-hand corner, R click the start page thumbnail and select disk management 2. if needed, click ok to initialize any new disks. 3. R click the volume and select extend volume. 4. click next. 5. for the system volume, you can only extend the volume onto the existing disk. type the amount of disk space to add to the volume and click next. click finish. Convert a Disk to Dynamic 1. In Disk management, R click the disk and select convert to Dynamic Disk 2. Select the disk to convert, click ok. 3. Click convert 4. If the disk contains a volume, you will be shown a warning message. Click Yes to continue. Create a Spanned Volume 1. In disk management, R click a disk or free space on a disk and select New Spanned Volume. 2. Click Next 3. Select the disks that will be part of the spanned volume and click Add. You must select at least 2 disks to create a spanned volume. 4. To modify the amount of space used on a disk for the new volume, select the disk in the right box, and then edit the number in the select the amount of space in MB: field. 5. Click next 6. Select the drive letter and click Next 7. Type the volume label, then click next 8. Click finish 9. If the new volume includes a space from a disk that is currently a basic disk, you will be prompted to convert the disk to a dynamic disk. Click Yes to create the volume.

You have just signed up for a broadband home Internet service that uses coaxial cable. Which connector type will you most likely use?

F-type

Which of the following is a valid IPv6 address?

FEC0::AB:9007

Uses a narrow frequency band and hops data signals in a predictable sequence

FHHS

Which of the following is likely to be located in a DMZ?

FTP server

You have two switches connected as shown in the Exhibit. You would like to configure rapid spanning tree on switch A. On which ports would you use portfast command?

Fa0/1 and Fa0/2

You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have any difficulty accessing the network. During the relocation, you attach a patch cable from the client system to the wall jack and from the patch panel to the switch. Once connected you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one but you can still not connect. Which of the following might you suspect as the problem?

Failed patch cable between the client system and the wall jack.

Which of the following terms is used to describe an event in which a person is denied access to a system when they should be allowed to enter?

False negative (Type I error) occurs when a person who should be allowed access is denied access.

Which component of a Change and Configuration Management policy identifies technical and budgetary considerations associated with a proposed change and also identifies any potential impacts to the network? Authorized downtime Rollback Feasibility analysis Change request

Feasibility analysis

Ethernet 100BaseFX networks use what type of cabling?

Fiber-optic

Which of the following are characteristics of a packet filtering firewall? (Select two.)

Filters IP address and port Stateless

Which of the following are characteristics of a circuit-level gateway? (Select two.)

Filters based on sessions Stateful

Which of the following is a reason to use a protocol analyzer?

Find devices that might be using legacy protocols, such as IPX/SPX or NetBIOS

Which of the following identifies an operating system or network service based upon it response to ICMP messages?

Fingerprinting

Plenum

Fire Retardant and minimizes toxic fumes released by the cable if it would catch on fire

You have heard about a Trojan horse program where the compromised systems sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log would you monitor?

Firewall

Match the virtualization feature on the right with the appropriate description on the left.

Flexibility - Moving virtual machines between hypervisor hosts Testing - Verifying that security controls are working as designed Server consolidation - Performing a physical-to-virtual migration (P2V) Sandboxing - Isolating a virtual machine from the physical network

Bit errors / Bits transmitted

Formula for BER

A router is connected to a network 192.169.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to the network 10.1.0.0/16. What will the router do with the packet.

Forward the packet to the next hop router specified by the route network 0.0.0.0

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?

Forward the packet to the next hop router specified by the route to network 0.0.0.0

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24.The router is also configured with a static router of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16.What will the router do with the packet?

Forward the packet to the next hop router specified by the route to network 0.0.0.0.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24.The router is also configured with a static router of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16.What will the router do with the packet?

Forward the packet to the next hop router specified by the route to network 0.0.0.0.

You have just configured a scope on the CorpDHCP12 server to service the 192.168.0.0/24 subnet. You defined a scope to distribute IP addresses between 192.168.0.1 and 192.168.0.100. You need to prevent the DHCP server from assigning addresses used by the servers and network devices. Your task in this lab is to create two exclusion ranges as follows: Create a range to exclude addresses 192.168.0.1 to 192.168.0.6 Create a range to exclude addresses 192.168.0.10 to 192.168.0.

From Hyper-V Manager, Click CORPSERVER R Click the CorpDHCP12 server and select connect From Server Manager, select Tools > DHCP Expand the Server node and expand the appropriate protocol. Expand the scope folder. R click the address pool node and choose New Exclusion Range Enter the starting and ending IP addresses. To exclude a single IP address, leave the ending address blank. Click Add Click close to close the add exclusion range dialog.

The CorpWeb server is running Windows Server 2008 R2. You previously configured the server with a static IP address. You now need to configure a DNS server address. You also want the Server to use sales.private, mrktg.private, and private as search suffixes when simple names are submitted for DNS name resolution. Your task in this lab is to: -Configure 192.168.0.11 as the DNS server address -Configure search suffixes so that the server searches the domains as described above.

From Hyper-V Manager, click CORPSERVER > R click CorpWeb server and select connect > R click the Network icon and select open network and connection sharing > Click change adapter settings > R Local Area Connection and select properties > Select IPv4 and select properties > Advanced > DNS tab > To add a DNS server address click Add > Type IP > Click ok > Verify that the server addresses are in the desired order > Select append these DNS suffixes in order > Click Add > Type the DNS suffix you want to use > Click ok > Verify they are in correct order > Click ok to close.

You work as the IT administrator for a small corporate network. The marketing department wants to create an intranet site that is only accessible from the private network. You have selected mrktg.private as the domain name that will hold all records for the zone. You want all client computers in the domain to update their records automatically with DNS. Because security is important, you want to make sure only computer that created the DNS record can update it in the future. Your task in this lab is to: -Create the mrktg.private zone on the CorpDC DNS server. -Configure the new zone to be stored in Active Directory -Replicate data with all DNS servers in the domain. -Allow only secure dynamic updates

From Hyper-V Manager, click CorpServer R click CorpDC server and select Connect From Server Manager, select Tools > DNS Expand the server node that will host the new zone. R click forward lookup zones and choose new zone, click next Select primary zone as the zone type and verify the store the zone in active directory option, click next select how you want the DNS data replicated through your network, click next select the dynamic update option, click next click finish

You have installed Hyper-V on the CorpServer server. You are experimenting with virtual hard disks. Your task in this lab it to create two virtual hard disks named Test1 and Test2 in the D:\HYPERV\Virtual Hard Disks directory. Use the following settings: For Test1: Select a format that will allow for maximum backwards compatibility. Configure the disk for best performance. Configure a size of 500 GB. For Test2: Configure the disk to use the smallest possible amount of disk space. Configure a size of 4 TB (4096 GB).

From Server Manager, select Tools > Hyper V Manager R click the server and select New > Hard Disk > click next Select the disk format, and then click next Select the disk type, and then click next Type the name and path for the hard disk file, click next Type the size for the new virtual disk, click next Click Finish

You have installed Hyper-V on the CorpServer server. You want to use the server to create virtual machines. Prior to creating the virtual machines, you are experimenting with virtual switches. Your task in this lab is to create the following virtual switches: -Create a virtual switch named Switch 1. This switch is to be used only by virtual machines to communicate with each other. No other device should be able to use this switch. - Create a virtual switch named Switch 2. This switch is to be used by the virtual machines and the CorpServer server. Other network devices should not be able to use this network.

From Server Manager, select Tools > Hyper-V Manager R Click the server and select Virtual Switch Manager Select New virtual network switch in the left pane. In the right pane, select the type of switch type and click create virtual switch type the virtual switch name and configure additional properties as necessary. click apply button, click yes to apply changes.

What type of virtualization completely simulates a real physical host?

Full Virtualization

Which of the following can route layer 3 protocols across an IP network?

GRE

Match the network Access Protection (NAP) component on the left with is description on the right.

Generates a stament of Health (SoH) that reports the client configuration for health requirements. NAP Client Runs the System Health Validator (SHV) NAP Server Is the connection point for clients to the network Enforcement Server (ES) Contain resources accessible to non-compliant computers on the limited-access network. Remediation Server

"You have multiple users who are computer administrators. You want each administrator to be able to shut down systems and install drivers."

Grant the group the necessary user rights. Create a security group for the administrators: add all user accounts to the group.

"For users who are members of the Sales team, you want to force thier computers to use a specific desktop background and remove access to administrative tools from the Start menu."

Group Policy

For users who are member of the Sales Team, you want to force their computers to use a specific desktop background and remove access to administrative tools from the Start menu. Which solution should you use?

Group Policy

Which of the ff. solutions would you use to control the actions that users can perform on a computer, such as shutting down the system, logging on through the network, or loading and unloading device drivers?

Group Policy

You have contracted with a vendor to supply a custom application that runs on Windows workstations. As new application versions and patches are released, you want to be able to automatically apply these to multiple computers. Which tool would be the best choice to use?

Group Policy

Which of the following is true of a wireless network SSID?

Groups wireless devices together into the same logical network

Which of the following fire extinguisher types poses a safety risk to users in the area? (Select two.) Halon CO2 Water Foam

Halon CO2

Match each physical security control on the left with an appropriate example of that control on the right. Each security control may be used once, more than once, or not at all.

Hardened carrier Protected cable distribution Biometric authentication Door locks Barricades Perimeter barrier Emergency escape plans Safety Alarmed carrier Protected cable distribution Antipassback system Physical access control Emergency lighting Safety Exterior floodlights Perimeter barrier

Match each physical security control on the left with an appropriate example of that control on the right. Each security control may be used once, more than once, or not at all.

Hardened carrier >> Protected cable distribution Biometric authentication >> Door locks Barricades >> Perimeter barrier Emergency escape plans >> Safety Alarmed carrier >> Protected cable distribution Anti-passback system >> Physical access control Emergency lighting >> Safety Exterior floodlights >> Perimeter barrier

Match each physical security control with the appropriate example:

Hardened carrier: Protected cable distribution Biometric authentication: Door locks Barricades: Perimeter barrier Emergency escape plans: Safety Alarmed carrier: Protected cable distribution Anti-passback system: Physical access control Emergency lighting: Safety Exterior floodlights: Perimeter barrier

By definition, what is the process of reducing security exposure and tightening security controls?

Hardening

Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence?

Hashing

You are adding a new rack to your data center, which will house two new blade servers and a new switch., The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through plenum UTP cable that will be run through the suspended tile ceiling of the data center. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server, The only power available in the data center is located on the wall opposite the new server rack, so you must run extension cords across the floor to plug in the UPS unit. There are problems with this plan. What should you do? User standard (non-plenum) UTP cabling for runs that go through suspended tile ceilings. Use a cross-over cable to connect the two switches together Hire an electrician to install a wall outlet near the new rack Use 4u server for virtualization. Implement the UPS and power supplies externally to the rack

Hire an electrician to install a wall outlet near the new rack

Which of the following is a common form of social engineering attack?

Hoax virus information e-mails

As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?

Host based IDS

As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?

Host based IDS.

You have been given a laptop to use for work. You connect the laptop to you company network, use it from home, and use it while traveling. You want to protect the laptop form internet based attacks. Which solution should you use?

Host based firewall

You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use?

Host-based firewall

Client-Server

Hosts have specific roles.

Which of the following terms describes a Windows operating system patch that corrects a specific problem and is release on a short-term, periodic basis (typically monthly)?

Hotfix

Which of the following terms describes a Windows operating system patch that corrects a specific problem and is release on a short-term, periodic basis (typically monthly)? A. Targeted software patch B. Hotfix C. Kernel fix kit D. Service pack

Hotfix Explanation: A hotfix is an operating system patch that corrects a specific known problem. Microsoft typically releases hotfixes monthly. Service packs include a collection of hotfixes and other system updates. Service packs are not released as Often, but contain all hotfixes released to that time.

Active Hub

Hub that regenerates incoming bits as they are sent out all the ports on a hub, other than the port on which the bits were recieves

Which organization is responsible for allocating public IP addresses?

IANA

Which organization is responsible for allocation public IP addresses?

IANA

You have a network that occupies both floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the second floor directly above the wiring closet that directly above the wiring closet that holds the demarc. Which of the following terms describes the closet on the second floor?

IDF An intermedaite distribution frame (IDF) is a smaller wiring distribution point within a building. IDFs are typically located on each floor directly above the MDF, although additional IDFs can be added on each floor as necessary.

What security mechanism can be used to detect attacks originating on the Internet or from within an internal trusted subnet?

IDS

Which of the following devices can monitor a network and detect potential security attacks?

IDS

Which of the following is a security service that monitors network traffic in real time of reviews the audit logs on servers looking for security violations?

IDS

Which protocol does an IP host use to inform a router that it wants to receive specific multicast frames?

IGMP

You have a private network connected to the Internet. Your routers will not share routing information about your private network with the Internet routers. Which of the following best describes the type of routing protocol you would use?

IGP

You have a private network connected to the Internet. Your routers will not share routing information about your private networkwith Internet routers. Which of the following best describes the type of routing protocol you would use?

IGP

You have a private network connected to the Internet.Your routers will not share routing information about your private network with Internet routers. Which of the following best describes the type of routing protocol you would use?

IGP

Match the default administrative distance with the route type

IGRP - 100 RIP - 120 Static Route - 1 EIGRP Internal Route - 90 OSPF - 110 EIGRP Summary Route - 5 Connected Interface - 0 EIGRP External Route - 170

You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following dose the router use for identifying allowed or denied packets?

IP Address

You have a small network with a single subnet connected to the Internet as shown in the Exhibit. The router has been assigned the two addresses shown. You need to manually configure the workstation to connect to the network. The workstation should use RouterA as the default gateway, and DNS1 as the DNS server address. From the drop-down lists, select the appropriate paramteres to configure the workstation's TCP/IP settings.

IP Address: 192.168.12.46 Subnet Mask: 255.255.255.240 Default Gateway: 192.168.12.34 DNS Server: 192.162.1.22

You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?

IP address A router acting as a firewall at layer 3 is capable of making forwarding decisions based on the IP address.

You are concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack Which tool should you use?

IPS

You are connected about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when poosible to stop or prevent the attacks. Which tool should you use?

IPS

Which of the following are security devices that perform stageful inspections of packet data, looking for patterns that indicate malicious code? select two

IPS IDS

Which of the following network layer protocols authentication and encryption services for IP based network traffic?

IPSec

Which of the following is the best countermeasure against man-in-the middle attacks?

IPsec

Which of the following is the countermeasure against man in the middle attacks?

IPsec

Which of the following network layer protocols provides authentications and encryptions services for IP based network traffic?

IPsec

Listed below are several DNS record types. Match the record type on the left with its function on the right.

Identify a domain controller- SRV identify a mail server- MX Map a host name to an IPv4 address- A Map an IPv4 address to a host name- PTR

Your organization is in the process of negotiating an Interoperability Agreement (IA) with another organization. As part of this agreement, the partner organization proposes that a federated trust be established between your domain and their domain. This configuration will allow the users in their domain to access resources in your domain and vice versa. As a security administrator, which tasks should you complete during this phase?(Select two.) Conduct security audit on the partner organization Reset all passwords used by the third party to access data or applications on your network Identify how data ownership will be determined verify compliance with the IA documents Identify how data will be shared

Identify how data ownership will be determined Identify how data will be shared

A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research, you find that the most likely cause of the problem is a bug in the router's software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next?

Identify possible effects of the solution.

Arrange the steps in the Change and Configuration Management process on the left in the correct order in which they should be completed on the right. Identify the need for a change. Conduct a feasibility analysis. Define the procedure for implementing the change. Notify affected parties of the pending change. Implement the change. Test the implementation. Document the change.

Identify the need for a change. Conduct a feasibility analysis. Define the procedure for implementing the change. Notify affected parties of the pending change. Implement the change. Test the implementation. Document the change.

A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verify that it works. What should you do next?

Identify the results and effects of the solution

Match each network enumeration technique on the left with its corresponding description on the fish.

Identifying phone number with modems War dialing Scanning for wireless access points Wardriving Identifying operating system type and version number Banner grabbing Identifying services that can pass through a firewall Firewalking

Under which of the following circumstances might you implement BGP on your company network and share routes with Internet routers?

If the network is connected to the Internet using multiple ISPs.

Under which of the following circumstances might you implement GBP on your company network and share routes with Internet routers?

If the network is connected to the Internet using multiple ISPs.

cable certifier

If you are working with existing cable and want to determine its category, or if you simply want to test the supported frequency range (and therefore data throughput) of the cable, you can use this.

Which of the following is not a form of social engineering?

Impersonating a user by logging on with stolen credentials

The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for patrons. The owner has asked..... Under no circumstances should..... What should you do?

Implement a guest network

The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for patrons. The owner has asked that you implement security controls such that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, they should then be allowed full access to the Internet. If a patron does not provide the correct code, they should not be allowed to access the Internet. Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored. What should you do?

Implement a guest network

You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around the facility you note the following: When you enter thefacility a receptionist greets you and escorts you through a locked door to the work area where the office manager sits. The office manager informs you that the orgnaizations servers are kept in a locked closet. An access card is required to enter the server closet She infroms you that the server backups are configured to run each night. A rotation of tapes are used as the backup media You notice the orgnaiation's network switch is kept in the server closet You notice that the router/firewall/content filter all in one device has been implemented in the server closet to protect the internal network from external attacks. The office manager information you that her desktop system will no longer boot and asks you to repair or replace it, recovering as much data as possible in the rpocess. You carry the workstation to our car and bring it back to your office to work on it. What securityrelated recommendations should you make to the client?

Implement a hardware checkout policy

• The office manager informs you that her desktop system will no longer boot and asks you to repair or replace it, recovering as much data as possible in the process. You carry the workstation out to your car and bring it back to your office to work on it. What securityrelated recommendations should you make to this client?

Implement a hardware checkout policy

Which of the following would be the best action to take in order to fix the problem?

Implement an IP Helper address on the router.

As you are helping a user with a computer problem you notice that she has written her password on a note stuck to her computer monitor. You check the password policy of your company and find that the following settings are currently required: • Minimum password length = 10 • Minimum password age = 4 • Maximum password age = 30 • Password history = 6 • Require complex passwords that include numbers and symbols • Account lockout clipping level = 3 Which of the following is the best action to take to make remembering passwords easier so that she no longer has to write the password down?

Implement end-user training. Instruct users on the importance of security and teach them how to create and remember complex passwords. Making any other changes would violate the security policy and reduce the overall security of the passwords. References

Your organization has recently purchases 20 tablets devices for the Human Resources department to use for training sessions. You are concerned that these devices could represent a security risk to your network and want to strengthen their security profile as much as possible. Which actions should you take? (select 2)

Implement storage implementation. Enable device encryption.

You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?

Implement version 3 of SNMP

You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?

Implement version 3 of SNMP

You manage a local area network with several switches. A new employee has started today so you connect her workstation to a switch port. Which of the following is the most likely cause of the problem?

Incorrect VLAN assignment

Which of the following are reasons to configure VLAN's on a switch as opposed to using switches without VLANs?

Increased Security Increased Number of broadcast domains

Match each type of access point on the left with the wireless network architecture that they are commonly used in on the right

Independent access point infrastructure/ Intelligent AP Hub-and-spoke infrastructure/ Lightweight AP Distributed wireless mesh infrastructure/ Intelligent AP

You have decided to perform a double blind penetration test. Which of the following actions would you perform first?

Inform senior management

Which of the following strategies are used to prevent duplicate IP addresses being used on a network?

Install a DHCP server on the network. Use Automatic Private IP Addressing.

You have worked as a network Admin for a company for seven months. One day all picture files on the server become corrupted. You discover that a user downloaded a virus from the internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss adam at that this situation does not occur. What should you do?

Install a network virus detection software solution.

You have worked as the network administrator for a company for seven months. One day all the picture files on the server become corrupted. You discover that a user downloaded a virus form the internet onto his workstation, and it propagated to the server. You successfully all files from backup, but your bass is adamant that this situation dose not reoccur. What should you do?

Install a network virus detection software.

Your company leases a very fast internet connection and pays for it based on usage. You have been asked by the company president to reduce internet line lease costs. You want to reduce the account of web pages that are downloaded over the leased connection, without decreasing performance. What is the best way to do this?

Install a proxy server

You have been hired by a startup company to install a new data center. The company is small, so they will elect to use an unused employee break room as the data center. You are concerned about truth physical security of the servers that will be installed in the data center. what should you do? select two

Install racks with locking doors Install a biometric lock on the data center door

You manage the information systems for a large manufacturing firm. Supervisory control and data acquistion (SCADA) devices are used on the manfucaturing floor to manager your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?

Install the latest firmware updates from the device manufacturer Verify that your network's existing security infrastrucutre is working properly.

Twisted-Pair Cable

Insulated copper strands that are intertwined Two Categories: 1. STP 2. UTP

While using a web-based order form...The value entered is large enough to exceed the maximum value...A large sum of money. What type of attack has occurred in this scenario?

Integer overflow

Hybrid Cloud

Integrates one cloud service with other cloud services

Patricipation

Internet, Intranet, Extranet

You have purchased a solar backup power device to provide temporary electrical power to critical systems in your data center should the power provided by the electrical utility company go out The solar panel array captures sunlight, converts it into DC, and stores it in large batteries. However... Which electrical devices should you implement to convert the DC power stored in the batteries into AC power that can be used in the data center?

Inverter

Which two of the following statements about the Dynamic Host Configuration Protocol (DHCP) are true?

It can deliver other configuration information in addition to IP addresses. A DHCP server assigns addresses to requesting hosts.

Which two of the following statementsabout the Dynamic Host Configuration Protocol (DHCP) are true?

It can deliver other configuration information in addition to IP addresses. A DHCP server assigns addresses to requesting hosts.

A switch running STP is in the listening state. A message destined for a different network segment arrives at the switch. Which of the following best describes what the switch will do?

It does not record the address or segment information. It does not forward the message

Which three of the following are characteristics of ISDN?

It lest you transmit voice, video, and data over the same lines. It provides enough bandwidth to transmit data at much higher speeds than standard modems and analog lines. It is a dial-up service that uses existing copper wires for the local loop.

Which of the ff. best describes spyware?

It monitors the actions you take on your machine and sends the information back to its originating source.

Which of the following best describes spyware?

It monitors the actions you take on your machine and sends the information back to itsoriginating source.

A switch running STP is in a learning state. A message destined for a different network segment arrives at the switch. Which of the following best describes what the switch will do?

It uses the source MAC address and network segment information to build its bridge database, but does not forward the message

Your company uses VoIP for phone calls. Recently, employees have been complaining about phone calls with unusual sound effects. Which type of problem is occurring on the VoIP system?

Jitter

Bridges

Joins two or more LAN segments. Because they have separate collision domain, Ethernet can be used to scale into large numbers

Which of the following is the most important thing to do to prevent console access to a network switch?

Keep the switch in a room that uses a cipher lock.

Which of the following is the most important thing to do to prevent console access to a network switch?

Keep the switch in a room that uses a cipher lock.

Which of the following authentication methods uses tickets to provide single sign-on?

Kerberos

Which of the following protocols can your portable computer use to connect to your company's network via a virtual tunnel through the internet? select two

L2TP PPTP

Internet

Large, world-wide, public network.

RTP

Layer 4 protocol that carries voice and interactive video

OSI Model layers

Layer 7-Application Layer 6-Presentation Layer 5-Session Layer 4-Transport Layer 3-Network Layer 2-Data Link Layer 1-Physical (All People Seem To Need Data Processing)

The chain of custody is used for what purposes?

Listing people coming into contact with evidence

You have a Web site that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before the performance is negatively impacted. Which tool should you use?

Load tester

You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before the performance is negatively impacted. Which tool should you use?

Load tester

IDF

Locations where cables from nearby offices terminate

Which of the following controls is an example of a physical access control method?

Locks on doors

Data Link (Layer 2)

Logical link control (LLC), Media access control (MAC). Defines the rules and procedures for hosts

Which of the following is the single best rule to enforce when designing complex passwords.

Longer passwords

Which of the following authentication protocols uses a three-way handshake to authenticate users to the network?

MS-CHAP CHAP

Which two of the following tasks do routers perform?

Maintain information about paths through an internetwork. Route data based on logical network addresses.

What is the primary goal of business continuity planning? Protecting an organization from major computer services failure Maintaining business operations with reduced or restricted infrastructure capabilities or resources Minimizing the risk to the organization from delays and interruptions in providing services Minimize decision making during the development process

Maintaining business operations with reduced or restricted infrastructure capabilities or resources

What is the primary goal of business continuity planning?

Maintaining business operations with reduced or restricted infrastructure capabilities or resources.

You have two folders that contain documents used by various departments: o The Development group has been given the Write permission to the Design folder. o The Sales group has been given the Write permission to the Products folder. No other permission have been given to either group. User Mark Tillman needs to have the Read permission to the Design folder and the Write permission to the Products folder. You want to use groups as much as possible. What should you do?

Make Mark a member of the Sales groupl add Mark's user account directly to the ACL for the Design folder.

You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activities on the disk to see what kind of information it contains. What should you do first?

Make a bit-level copy of the disk

You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activities on the disk to see what kind of information it contains. What should you do first?

Make a bit-level copy of the disk Before conducting an investigation of data on a disk, you should create a hash of the disk, create a bit-level copy of the disk, then create a hash of your copy of the disk. Perform any investigative activities on your copy of the disk, not on the original disk.

"You have two folders that contain documents used by various departments: The Development group has been given the Write permission to the Design folder. The Sales group has been given the write permission to the Products folder. User Mark Tilman needs to have the Read permission to the Design folder and the Write permission to the Products folder. You want to use groups as much as possible. What should you do?"

Make mark a member of the Sales group; add Mark's user account directly to the ACL for the Design folder.

Router

Makes forwarding decisions based on logical network address information (IP addresses)

Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?

Man in the middle attack

Match each wireless device on the left with is corresponding characteristics on the right.

Manages all of the Apps that are connected to it/ Wireless controller Suppors 30 to 50 wireless clients per access point/ Wireless controller Profides NAT routing and an ethernet switch in one device/ SOHO wireless router Supports a maximum of 5-10 wireless clients/ SOHO wireless router Pushes wireless configurations settings to connected access points/ Wireless controller

Session (Layer 5)

Manages the session in which date are transferred.

You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default route has changed. You need to make changes with the least amount of effort possible. What should you do?

Manually configure the default route to point to the next hop router.

You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks?

Manually reconfigure the default route to point to the new next hop router.

You have a router configured to share routing information using RIP.In addition,you have a single static router that identifies a default route for all other networks. The next hop router for the default route has changed.You need to make the change with the least amount of effort possible.What should you do?

Manually reconfigure the default route to point to the new next hop router.

You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default route has changed. You need to make the change with the least amount of effort possible. What should you do?

Manually reconfigure the default route to point to the next hop router.

Which business document is a contract that defines a set of terms that will govern future agreements between two parties? Master service agreement statement of work memorandum of understanding interconnection security agreement

Master service agreement

Which of the following tests can be performed by a TDR?

Measure the length of a cable. Identify the location of a fault on a cable.

When multiple routes to a destination exist, what is used to select the best possible route?

Metric

You decide to use a packet sniffer to identify the type of traffic sent to the router. You run the packet sniffing software on a device which is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router. When you run the software, you only see frames addressed to the four workstations but not to the router. Which feature should you configure?

Mirroring.

You manage a network of multiple subnets connected to the Internet. A user reports that she can't access the Internet. You investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internet. Which of the following is likely the cause of the problem?

Missing default route on a router.

You manage a network with multiple subnets connected to the Internet... which of the following is most likely the cause of the problem?

Missing route on the default gateway router

You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the new server used in the accounting department. You check the problem and find out that her computer cannot access any server on the subnet, however the computer does access other computers on other subnets as well as the Internet. Which of the following is most likely the cause of the problem?

Missing route on the default gateway router.

When recovery is being performed due to a disaster, which services are to be stabilized first? Mission critical Outside communications Financial support Least business critical

Mission critical

To access the internet through the PSTN, what kind of connectivity device must you use?

Modem

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Move the router to a secure server room

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration from your notebook computer using an SSH client with the user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Move the router to a secure server room

Match the wireless networking term or concept on the left with its appropriate description on the right.

Moving an wireless device/Roaming Used by Cisco wireless equipment/ LWAPP Specifies the number of clients/ Device density Automatically partitions a single/ VLAN pooling Graphically displays wireless/ Heat map Connects tow wired networks/ Wireless bridge Identifies how strong/ The number of useful bits/ Goodput

Which of the following address types is shared by multiple hosts, and is used to form groups of computers that should receive the same data stream?

Multicast

Which of the following address types is shared by multiple hosts,and used to form groups of computers that should receive the same data stream?

Multicast

Which type of address is the IP address 232.111.255.250?

Multicast

You want to measure the voltage, amps, and ohms of various devices. Which tool should you use?

Multimeter.

MMF

Multiple Paths of Light Progression for a Fiber-Optic Cable

Which of the following best describes one-factor authentication?

Multiple authentication credentials may be required, but they are all of the same type One-factor authentication uses credentials of only one type, but may require multiple methods within the same type. For example, you might log on with just a password, or with a password along with answering a cognitive question (such as your mother's maiden name). One-factor authentication that uses multiple credentials of the same type is also sometimes called strong authentication.

Which of the following features of MS-CHAP v2 that is not included in CHAP?

Mutual authentications

Members off the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?

NAC

The outside sales reps from your company use notebooks computers, tablets, and phones to connect to the internal company network. While traveling, they connect thier devices to the internet using airport and hotel networks. What should you do?

NAC

Members of the Sales team use laptops to connect to the company network. While traveling, they connect their laptops to the Internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?

NAC Network Access Control (NAC) controls access to the network by not allowing computers to access network resources unless they meet certain predefined security requirements

The outside sales reps from your company use notebook computers, tablets, and phones to connect to the internal company network. While traveling, they connect their devices to the Internet using airport and hotel networks. You are concerned that these devices will pick up viruses that could spread to your private network. You would like to implement a solution that prevents devices from connecting to your network unless antivirus software and the latest operating system patches have been installed. When a host tries to connect to the network, the host should be scanned to verify its health. If the host is not healthy, then it should be placed on a quarantine network where it can be remediated. Once healthy, the host can then connect to the production network. Which solution should you use?

NAC Network Access Control (NAC) prevents devices from accessing network resources unless they meet certain predefined security requirements.

You manage a network with three dedicated storage devices, as shown in the diagram. Users on the network see only a single file server. Which network-based storage technology is being used?

NAS with Clustering.

Which of the following network devices or services prevents the use of IPsec in most cases?

NAT

Which of the following networking devices or services prevents the use of IPsec in most cases?

NAT IPsec cannot typically be used when static IP addresses are not used by both communication partners. NAT proxy performs network address translation on all communications. For this reason, the IP address seen for a system outside of the proxied network is not the real IP address of that system. This prevents the use of IPsec.

You have a file server named Srv3 that holds files used by the Development department. You want to allow users to access the files over the network, and control access to files when files are accessed through the network or through a local logon. Which solution should you implement?

NTFS and share permissions

What is the LEAST secure place to locate an access point with an omni-directional antenna when creating a wireless cell?

Near a window

Which of the following principles is impleneted in a mandatory access control model to detrmine access to an object using classification level?

Need to know

If an organization shows sufficient due care, which burden is eliminated in the event of a security breach? Investigation Negligence Liability Asset loss

Negligence

Which media types can backup files be saved to? select two

Network Attached Storage (NAS) External hard drives

You manage a small network at work. Users use workstations connected to your network, No portable computers are allowed. As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan the e-mails and prevent any emails with malicious attachments for being received by users. Your solution should minimize administration, allowing you to centrally manage to scan settings. Which solution should you use?

Network based firewall

Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?

Network based firewall

You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan the e-mails and prevent any e-mails with malicious attachments from being received by users. Your solution should minimize administration, allowing you to centrally manage the scan settings. Which solution should you use?

Network based firewall A network-based firewall inspects traffic as it flows between networks. For example, you can install a network-based firewall on the edge of your private network that connects to the Internet and scans all incoming e-mail. Scanning e-mail as it arrives at your e-mail server allows you to centralize management and stop malicious e-mails before they arrive at client computers.

In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet address of each connected subnet. Which type of document would most likely have this information? Procedure Policy Wiring schematic Baseline Network diagram

Network diagram

NaaS

Network features can be provided by a service provider

Local Area Network (LAN)

Network in a small geographic area (i.e. office)

You are in the process of implementing a Network Access Protection (NAP) infrastructure to increase your networks security. You are currently configuring the remediation network that non-compliant clients will connect to in order to become compliant. the remediation network needs to be isolated from the secure network. Which should you implement to do this?

Network segmentation

You have a network connected using a physical bus topology. One of the cables connecting a workstation to the bus breaks. Which of the following best describes what happens to network communications?

No device is able to communicate.

You have a network connected using a physical bus topology. One of the cables connecting a workstation to the bus breaks. Which of the following best describes what happens to network communications?

No device will be able to communicate

You are installing network wiring for a new Ethernet network at our company's main office building. The project specs call for Category 5 UTP network cabling and RJ-45 wall jacks. near the end of the project, you run out of wire before the last few runs are complete. You have a spool of Category 3 network cable in storage. Upon investigation, it appears very similar to Category 5 wiring. Should you substitute Category 3 cabling for Category 5 cabling to finish the project?

No, Category 5 cabling has more twists per inch that Category 3 cabling to reduce cross-talk and support higher data rates.

You are configuring a switch so that you can manage it via PuTTY from the same network segment as the switch. On the switch, you enter the following commands: switch#config terminal switch(config)#interface vlan 1 switch(config-if)#ip address 192.168.1.10 255.255.255.0 Will this configuration work?

No, the no shutdown command needs to be entered.

You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through plenum UTP cable that will be run along the floor around the perimeter of the data center to prevent tripping. To provide power for the net devices.... Will this configuration work?

No, you should consider relocating the new rack next to the existing rack.

You are adding a new rack to your data center, which will house five new blade servers. The new servers will be installed in a cluster that will host a customer tracking database. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to connect each new server to the switch in the existing rack using straight-through UTP cables that will be run along the floor around the perimeter of the data center. To provide power for the new devices, you will hire an electrician to install several new 20-amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work?

No, you should run the cable around the perimeter of the room in a cable tray.

Long ass question #1... Will this implementation work?

No, you shouldn't use multimode patch cables with single mode GBIC moduals

Your 24U rack currently houses two 4U server systems. To prevent overheating, yo've installed a rock-mounted environment monitoring device within the rack. Currently, the device shows the temp within the rack to be 79 degrees. what should you do?

Nothing, the temperature within the rack is within acceptable limits

Which of the following routing protocols divides the network into areas, with all networks required to have an area 0 (area 0 identifying the backbone area)?

OSPF

Which of the following routing protocols divides the network into areas, with all networks required to have an area of 0 (area 0 identifying the backbone area)?

OSPF

Which of the following routing protocols divides the network into areas,with all networks required to have an area 0 (area 0 identifying the backbone areas)?

OSPF

Which of the following routing protocols uses relative link cost as the metric?

OSPF

Which of the following routing protocols are classified as link state routing protocols?

OSPF IS-IS

Which of the following routing protocols are classifies as link state routing protocols? (Select two.)

OSPF IS-IS

Which of the following best describes OSPF

OSPF is a classless link-state routing protocol.

Which of the following best describes OSPF?

OSPF is a classless link-state routing protocol.

What are the main differences between the OSPF and IS-IS routing protocols?

OSPF requires an area 0, while IS-IS does not.

What are the main differences between the OSPF and IS-IS routing protocols?

OSPF requires an area, while IS-IS does not.

optical time domain reflectometer

OTDR

You have a web server that will be used for secure transactions for customers who access the website over the internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?

Obtain a certificate from a public PKI

You have a web server that will be used for secure transactions for customers who access the web site of the internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?

Obtain a certificate from a public PKI.

You have a web server that will be used for secure transactions for customers who access the website over the Internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?

Obtain a certificate from a public PKI.

You are setting up a wireless hotspot in a local coffee shop. For best results, you want todisperse the radio signals evenly throughout the coffee shop.Which of the following types of antennas would you use on the AP to provide a 360degree dispersed wave pattern?

Omni-Directional

Which two of the following describe the channels and data transfer rates used for ISDN BRI?

One D channel operating at 16 kbps Twp B channel operating at 64 kbps each

What is the primary difference between impersonation and masquerading?

One is more active, the other is more passive

Mesh

Only exists when there are multiple paths between any two nodes on a network. Point to point connections.

You are the administrator for a secure network that uses firewall filtering. Several network users have requested to access Internet Usenet groups but are unable. What needs to be done to allow users to access the newsgroups?

Open port 119 to allow NNTP service

You have placed an FTP server in your DMZ behind your firewall. The FTP server will be used to distribute software updates and demonstration versions of your products. Users report that they are unable to access the FTP server. What should you do to enable access?

Open ports 20 and 21 for inbound and outbound connections.

Match the firewall type on the left with its associated characteristics on the right. Each firewall type may be used once, more than once, or not at all.

Operates at Layer 2 >> Virtual firewall Operates at Layer 3 >> Routed firewall Counts as a hop in the path between hosts >> Routed firewall Does not count as a hop in the path between hosts >> Virtual firewall Each interface connects to a different network >> Routed firewall Each interface connects to the same network segment >> Virtual firewall

You have been hired to troubleshoot a wireless connectivity issue for two separate networks located within a close proximity. Both networks use a WAP from the same manufacturer and all settings, with the exception of SSIDs, remain configured to the default. Which of the following might you suspect as the cause of the connectivity problems?

Overlapping channels

Which of the following associates a port number with a host on a private network?

PAT

Consider the network diagram shown below. Click on the item in the diagram that does not follow a standardized labeling scheme

PC2

Match the authentication factor types on the left with the appropriate authentication factor on the right. Each authentication factor type can be used more than once.

PIN ==> Something you know Smart card ==> Something you have Password ==> Something you know Retina scan ==> Something you are Fingerprint scan ==> Something you are Hardware token ==> Something you have User name ==> Something you know Voice recognition ==> Something you are Wi-Fi triangulation ==> Somewhere you are Typing behaviors ==> Something you do

Which of the following is a mechanism for granting and validating certificates?

PKI

Which of the following is a mechanism for granting and validating certificates?

PKI Certificates are obtained from a Public Key Infrastructure (PKI). A PKI is a system that provides for a trusted third party to vouch for user identities. A PKI is made up of Certification Authorities (CAs), also called certificate authorities. A CA is an entity trusted to issue, store, and revoke certificates.

Which of the following describes the lines used in the local loop for dial-up telephone access?

POTS

You are configuring your computer to dial up to the internet. What protocol should you use?

PPP or Point-to-Point Protocol

Which of the following protocols or services is a commonly used on cable internet connections for user authentication?

PPPoE

You have just signed up for internet access using a local provider that gives you fiber optic line into you house form there, Ethernet and wireless connections are used to create a small network within your home. Which of the following protocols would be used to provide authentication , authorization, and accounting for the internet connection?

PPPoE

You want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. Which of the following protocols is suitable for this task?

PPTP

You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?

PPTP L2TP

Which of the following terms identifies the network of the dial-up telephone and the long-distances lines?

PSTN

You are traveling throughout North America to many metropolitan and rural areas. Which single form of Internet connectivity provides the greatest potential connectivity wherever you travel?

PSTN

You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?

PTZ

You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?

PTZ A Pan Tilt Zoom (PTZ) camera lets you dynamically move the camera and zoom in on specific areas to monitor (cameras without PTZ capabilities are manually set looking a specific direction). Automatic PTZ mode automatically moves the camera between several preset locations; manual PTZ lets an operator remotely control the position of the camera.

Which of the following best describes the Platform as a Service (PaaS) cloud computing service model?

PaaS delivers everything a developer needs to build an application onto the cloud infrastructure

You are concerned about attacks directed against the firewall on your network. You would like to examine the content of individual frames sent to the network. Which tool should you use?

Packet sniffer.

You are concerned about attacks directed against your firewall on your network. You would like to examine the content of individual frames sent to the network. Which tool should you use?

Packet sniffer.

You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use?

Packet sniffer.

A Smurf attack requires all but which of the following elements to be implemented?

Padded cell

A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario?

Passive fingerprinting

Which of the following is the most common form of authentication?

Password Most secure systems require only a username and password to provide users with access to the computing environment. Many forms of online intrusion attacks focus on stealing passwords. This makes using strong passwords very important. Without a strong password policy and properly trained users, the reliability of your security system is greatly diminished.

You work as the IT Administrator for a small corporate network. You are configuring a password policy for the domain. Your task in this lab is to edit the Default Domain Policy on CorpDC using Group Policy Management and configure the Account Policy settings to meet the following requirements. -Passwords must be 10 characters long -Passwords must contain uppercase letter, lowercase letter, number, and symbol characters. -Users must change passwords every 90 days. -Users cannot change a new password for at least 14 days. -Any new password must be different than the previous 10 passwords. -If five incorrect passwords are entered within a ten minute interval, lock the account. -Keep accounts locked for 1 hour, then unlock the account automatically.

Password Policy Minimum Password length-10 characters Password must meet complexity requirements- Enabled Maximum password age-90 days Minimum password age- 14 days Enforce password history- 10 passwords remembered Account Lockout Policy Account lockout threshold- 5 Reset account lockout counter after - 10 min Account lockout duration- 60 min

You are the IT Administrator for a small corporate network. As your network grows, you need to delegate common administrative tasks. You have defined the following administrative roles: PasswordAdmins: Delegate permissions to reset passwords to the entire domain ComputerAdmins: Delegate permissions to join computers to the domain for the entire domain GPOLinkAdmins: Delegate permissions to manage GPO links for the Accounting, Marketing, Research-Dev, Sales and Support OU.

PasswordAdmins: Delegate permissions in CorpNet domain to reset passwords to the entire domain ComputerAdmins: Delegate permissions in CorpNet domain to join computers to the domain for the entire domain. GPOLinkAdmins: Delegate permissions to manage GPO links for the Accounting, Marketing, Research-Dev, Sales and Support OU.

Which of the following is used to terminate individual wires from a 25 pair or 100 pair cable using female RJ-45 ports.

Patch panel A patch panel is a device that typically connects individual stranded wires into female RJ-45 conncetors. For example, you might connect 4 pairs of wires from a punchdown block to a port on the patch panel. On the patch panel, you then drop cables (cables with RJ-45 connectors) to the patch panel on one end and a computer on the other end. Use 66 and 110 blocks to connect individual wires within a wiring closet. These punchdown blocks connect the individual wires together, but not terminate in RJ-45 connectors. A horizontal cross connect connects IDFs on the same floor.

You have discovered a computer that is connected to you r network that was used for an attack. You have disconnected the computer from the network to isolate it from the network and stop the attack. Which should you do next?

Perform a memory dump

You have discovered a computer that is connected to your network that was used for an attack. You have disconnected the computer from the network to isolate it from the network and stop the attack. What should you do next?

Perform a memory dump

You have discovered a computer that is connected to your network that was used for an attack. You have disconnected the computer from the network to isolate it from the network and stop the attack. Which should you do next?

Perform a memory dump

You suspect that your web server has been the target of a denial-of-service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?

Performance

Virtual Switch

Performs layer 2 functions between various server instances running on a single server

DHCP

Performs the task of auto-assigning IP addresses and assigning parameters to those addresses Does 4 Functions (DORA): 1. Discover 2. Offer 3. Request 4. Pack

DNS

Performs the task of taking a Domain Name and resolving that name into a corresponding IP address

Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. What step must be taken to ensure that the information is useful in maintaining a secure environment?

Periodic reviews must be conducted to detect malicious activity or policy violations.

Geography

Personal Area Network (Pan), Local Area Network (LAN), Wireless Local Area Network (WLAN), Metropolitan Area Network (MAN), Wide Area Network (WAN

An attacker uses an exploit to push a modified hosts file to client systems. This hosts fileredirects traffic from legitimate tax preparation sites to malicious sites to gather personal andredirects traffic from legitimate tax preparation sites to malicious sites to gather personal andfinancial information.financial information. What kind of exploit has been used in this scenario?

Pharming DNS poisining

An attacker is trying to compromise a wireless network that has been secured using WPA2-PSK and AES. She first tried using airsnort to capture packets, but found that she couldn't break the encryption. What attack techniques did the attack us? select two

Pharming Evil twin

Users in your organization receive email messages informing them that suspicious activity hasbeen detected on their bank account. They are directed to click a link in the email to verify theirbeen detected on their bank account. They are directed to click a link in the email to verify theironline banking username and password. The URL in the link is in the .ru top-level DNS domain.online banking username and password. What kind of attack has occurred?

Phishing

Users on your network report that they have received an email stating that the company has just launched a new web site for employees, and to access the web site they need to go there and enter their user name and password information. No one in your company has sent this email.

Phishing

Users on your network report that they have received an email stating that the company has just launched a new website. The email asks employees to click the website link in the email and log in using their username and password. No one in your company has sent this email. What type of attack is this?

Phishing

Match the social engineering description on the left with the appropriate attack type on the right.

Phishing -An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. Whaling -An attacker gathers personal information about the target individual, who is a CEO. Spear phishing -An attacker gathers personal information about the target individual in an organization. Dumpster diving -An attacker searches through an organization's trash for sensitive information. Piggybacking -An attacker enters a secured building by following an authorized employee through a secure door without providing identification. Vishing -An attacker uses a telephone to convince target individuals to reveal their credit card

What topology is used with 100BaseTX Fast Ethernet networks?(2 answers)

Physical star/logical bus, Physical star/logical star

Match the authentication factor types on the left with the appropriate authentication factor on the right.

Pin Something you know Smartcard something you have Password Something you know Retina scan Something you are Fingerprint scan Something you are Hardware token Something you have User name Something you know Voice récognition Something you are WI-FI triangulation Somewhere you are Typing behaviors Something you do

You need to terminate a Cat6 UTP cable with an RJ45 connector. Your organization's IT policy states that all cable connectors must be wired according to ITA568A standards.

Pin 1 White with green stipe Pin 2 Solid green Pin 3 White with orange stripe Pin 4 Solid blue Pin 5 White with blue stripe Pin 6 Solid orange Pin 7 White with brown stripe Pin 8 Solid brown

which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building>

Place access points above where most clients are

Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building?

Place accès points above where most clients are

You are adding new wires in your building for some new offices. The building has a false ceiling that holds the lights. You would like to run your Ethernet cables in this area. Which type of cable must you use?

Plenum

Which of the following features is used with digital IP phones to supply power through a switch port?

PoE

Which of the following features us used with digital IP phones to supply power through a switch port?

PoE

Which switch features are typically used with VoIP

PoE VLAN

Which switch features are typically used with VoIP?

PoE VLAN

You have a series of WAN links that connects your site to multiple other sites. Each remote site is connected to you site using a dedicated link.

Point-to-Point

You have a site in your network that is connected to multiple other sites. A single virtual circuit is used to connect to all other sites. What type of connection is being used?

Point-to-multipoint

Listed below are several DNS record types. Match the record the on the left with its function on the right.

Points a hostname to an IPv4 A Provides alternate names to hosts that already have a host record. CNAME Points an IP address to a hostname PTR Points a hostname to an IPv6 address AAAA identifies servers that can be used to deliver mail. MX

A new law was recently passed that states that all businesses must keep a history of all e-mails sent between members of the board of directors. You need to ensure that your organization complies with this law. Which document type would you update first in response to this new law? Change documentation Configuration documentation Procedure Policy

Policy

You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug their computers to the free network and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?

Port authentication

You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?

Port authentication

You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug their computers to the free network and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?

Port authentication.

Which of the following techniques allows incoming traffic addressed to a specific port to move through a NAT router and be forwarded to a specific host?

Port forwarding

You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?

Port scanner

Which type of security uses MAC addresses to identify devices that are allowed or denied a connection to a switch?

Port security

Which statements accurately describes port states of both bridges and switches?

Ports in a blocked state still receive BPDUs In the learning state the MAC address table can be populated, but frames not forwarded.

You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into the server components and affecting the ability of the network. Which of the following should you implement?

Positive pressure system

A network utilizes a Network Access Control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called? Quarantine Port security Posture assessment Remediation

Posture assessment

A network utilizes a Network Access Control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called?

Posture assessment When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. This is called a posture assessment. The agent then submits the results of the assessment as a Statement of Health (SoH) to the System Health Validator (SHV).

Your company recently installed a unified communication system. Employees are now able to inform each other of their availability.

Presence information

In which stage of the evidence lifecycle is the forensic report created?

Preservation and analysis

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you can try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet. Why can't you access the server?

Private addresses are not accessible through the Internet.

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet. Why cant you access the server?

Private addresses are not accessible through the Internet.

You have a small network at home that is connected to the Internet.On your home network you have a server with the IP address of 192.168.55.199/16.All computers on your home network can connect to the Internet. From your work office,you try to access your home computer using its IP address,but are unable to communicate with the server.You are able to connect other hosts on he Internet Why can't you access the server?

Private addresses are not accessible through the Internet.

CorpServ is a small company with 14 client systems and a network printer. Because there are only a limited number of networked systems, you decide to use APIPA addressing for the network. With APIPA configured, all systems are able to communicate with each other but you are having trouble configuring Internet access. What is the likely cause of the problem?

Private addresses cannot directly communicate to hosts outside the local subnet.

Extranet

Private network that used internet technologies but its resources are made available to external users.

Intranet

Private network the uses internet technologies. Intranet only available to hosts.

A relatively new employee in the data entry cubical farm was assigned a user account similar tothat of all of the other data entry employees. However, audit logs have shown that this useraccount has been used to change ACLs on several confidential files and has accessed data inaccount has been used to change This situation indicates which of the following has occurred?

Privilege escalation

You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffer software on a device which is connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation and not other devices. Which feature should you configure?

Promiscuous mode.

What does hashing of log files provide?

Proof that the files have not been altered

Besides protecting a computer from under voltage, a typical UPS also performs which two actions.

Protects from over voltage Conditions the power signal

You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?

Protocol analyzer.

Public cloud

Provides cloud services to just about anyone

Your computer has an IP address of 161.13.5.15. Your computer is on a:

Public Network

You computer has an IP address of 161.13.5.15. Your computer is on a:

Public network

Your computer has an IP address of 161.13.5.15.You computer is on a:

Public network

How can an organization help prevent social engineering attacks?

Publish and enforce clearly written security policies //Educate employees on the risks and countermeasures

What tool should you use to extend network services beyond demarc?

Punchdown tool A demarc is the location where the local network ends and the telephone company's network begins. This location is usually at a punch down block in a wiring closet. You use a punchdown tool to attach wires to the punch down block.

You are working with 25 pair wires and 66 blocks. You have pushed the wires onto the 66 block, but now need to cut off the excess end of each wire. Which tool should you use?

Punchdown tool Use a punchdown tool to push into 66 or 110 blocks and cut wires at the same time. The punchdown tool has a blade on one side that cuts off the excess wires. Use snips to cut cables or wires. However, a punchdown tool would be easier to use for this task than wire snips. Use a cable stripper to remove the plastic covering for a cable. Note: When making drop cables or using punchdown blocks, do not remove the plastic covering for individual wires. Use a butt set to connect to phone lines to monitor, make, or answer phone calls.

When analyzing assets, which analysis method assigns financial values to assets? Acceptance Quantitative Qualitative Transfer

Quantitative

You are the IT Security Administrator for a small corporate network. You are planning to use the CorpServer server for your production server and need to have the most throughput possible. As a result, you would like to configure NIC teaming. Your task in this lab is to configure a NIC Team on CorpServer as follows: -Make a note of the current IP configuration for the primary adapter. -Configure all adapters as members of a NIC Team: -Team name: NetTeam -Configure all adapters as members of the team. -Teaming Mode: Switch Independent -Load Balancing Mode: Address Hash -Standby Adapter: Ethernet 3 -Configure the new NIC Team with the static IP address previously used by the primary adapter. Verify the status of the team and your network connection in Network and Sharing Center.

R click the Network icon and select Open Network and Sharing Center. Click on Primary Adapter and write down IPv4 configuration In Server Manager, select Local Server from the menu on the left. Next to NIC Teaming click the disabled link to configure NIC Team. In the Teams Panel, select Task > New Team Type the name of the team and select the adapters to be included in the team. Click additional properties and configure as required. Click ok. In network and sharing center, click change adapter settings. R click the NIC Team adapter and select properties, select IPv4 and click properties. Enter the configuration information used previously and click ok.

Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of the accounts?

RADIUS

You want to implement 802.1x authentication on your wireless network. Which of the following will be required>

RADIUS

Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? (Select two.)

RADIUS TACACS+

Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of those accounts?

RADIUS The Remote Authentication Dial-In User Service (RADIUS) is an authentication system that allows the centralization of remote user account management.

Which type of device is required to implement port authentication throughout a switch?

RADIUS Server

Which of the following are differences between RADIUS and TACACS+?

RADIUS combines authentication and authorization into a single function: TACACS+ allows these services to be split between different servers.

Which of the following are differences between RADIUS and TACACS+?

RADIUS combines authentication and authorization into a single function; TACACS+ allows these services to be split between different servers.

You want to set up a service to allow multiple users to dial in to the office server form modems on their home computers. Which service should you implement?

RAS or Remote Access Service

Which of the following protocols or services would you associate with Windows Remote Desktop Services network traffic?

RDP

You are in the middle of a big project at work. All of you work files are on a sever at the office. You want to be able to access the sever desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer a t home. Which protocol should you use?

RDP

You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use?

RDP

You have a small home network connected to the Internet using an RG-6 cable. You need to move the router connecting the network to the Internet, but can't find any RG-6 cable. Which cable types could you use instead?

RG-59

Of the following cables, which offer the best protection against EMI?

RG-6

Which of the following protocols has a limit of 15 hops between any two networks?

RIP

Which of the following protocosl has a limit of 15 hops between any two networks?

RIP

What is the main difference between RIP and RIPv2?

RIP is a classful protocol, while RIPv2 is a classless protocol.

What is the main difference between RIP and RIPv2?

RIP is a classful protocol,while RIPv2 is a classless protocol.

Which of the following statements about RIP is true?

RIP uses hop counts as the cost metric.

Which of the following standards is typically used in a rollover cable?

RJ-232

Which standard is typically used in a rollover cable?

RJ-232

Which of the following connectors is used with Ethernet 10BaseT networks?

RJ-45

Which of the following are requirements of the 1000BaseT Ethernet standards?(3 answers)

RJ-45 connectors The cable length must be less than or equal to 100m CAT 5e cabling

Which of the following connector types are used with UTP cables? (Select two)

RJ45 RJ11 Both RJ11 and RJ45 connectors are used with UTP (unshielded twisted pair) cables. BNC and F-Type connectors are used with coaxial cables. SC connectors are used with fiber optic cables.

Which of the following connector types would you most likely use to connect a T1 WAN service?

RJ48c

Which of the ff. password attacks uses preconfigured matrices of hashed dictionary words?

Rainbow table

Which phase or step of security assessment is a passive activity

Reconnaissance

You need to find out what kind of laws might apply to the design and operation of your network which type of document would you consult? Baseline Procedure Policy Regulation

Regulation

You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around the facility you note the following: When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured with a cable lock. The office manager infroms you that the organizations servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. She informs you that the server backups are configured to run each night. A rotation of external usb hard drisks are used a backup media You notice the orgnaization's network switch is kept in an empty cubicle adjacent to the office managers workspace You notice that a router/firewall/content filter all in one device has been implemented in the server closet to protect the internal network from external attacks. Which security related recommendations should you make to this client?

Relocate the switch to the locked server closet Control access to the work area with locking doors and card readers

You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: • When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured to her desk with a cable lock. • The office manager informs you that the organization's servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. • She informs you that server backups are configured to run each night. A rotation of external USB hard disks are used as the backup media. • You notice the organization's network switch is kept in an empty cubicle adjacent to the office manager's workspace. • You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks. Which security-related recommendations should you make to this client? (Select two.)

Relocate the switch to the locked server closet. Control access to the work area with locking doors and card readers.

You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: • When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured to her desk with a cable lock. • The office manager informs you that the organization's servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. • She informs you that server backups are configured to run each night. A rotation of external USB hard disks are used as the backup media. • You notice the organization's network switch is kept in an empty cubicle adjacent to the office manager's workspace. • You notice that a router/firewall/content filter UTM device has been implemented in the server closet to protect the internal network from external attacks. Which security-related recommendations should you make to this client? (Select two.)

Relocate the switch to the locked server closet. Control access to the work area with locking doors and proximity readers.

Match the definition on the left with the SCADA technology term on the right

Remote Terminal Unit- Connects equipment to the network via a wireless signal and converts digital data from the network into signals that the equipment can process. DCS- A network of components that work together in order to remotely manage industrial equipment. Network Link- Connects the supervisory computer to the RTUs or PLCs. Supervisory Computer-Communicates with and send control commands to connected SCADA devices. Programmable logic Controller- Connects equipment to the network via a physical medium and converts digital data into signals that the equipment can process

A smart phone was lost at the airport. There is no way to recover the device. Which of the following will ensure data confidentiality on the device?

Remote Wipe

SCADA systems are typically implemented using which of the following components?

Remote terminal units (RTUs), and programmable Logic Controllers (PLCs)

You are implementing a wireless network inside a local office. You require a wireless link to connect a laptop in the administrator's office directly to a system in the sales department. In the default configuration, the wireless AP uses a 360dispersed RF wave design. After installed, the signal between the two systems is weak as many obstacles interfere with the signal.

Replace the Omni-directional antenna with a directional antenna

A user from the Sales department calls to report that he is experiencing problems connecting to the Sales file server. All users in the Sales department connect to the Sales server through a single Ethernet switch. No other users have reported problems connecting to the Sales server. Which of the following troubleshooting actions are you most likely to perform first?

Replace the network card in the user's computer.

Which of the following are solutions that address physical security?(Select two)

Require identification and name badges for all employees //Escort visitors at all times

A user named Bob smith has been assigned a new desktop workstation to complete his day-to-day work. the computer runs Windows 7. When provisioning Bob's user account in your organization's Romain, you assigned an account name of BSmith with an initial password of bw2Fs3D. On first logon, Bob is prompted to change his password, so he change it to Fido, the name of his dog. What should you do to increase the security of Bob's account?(select two) Require users to set a stronger password upon initial logon. Configure user account names that are easy to guess. Upgrading the workstation to windows 8 Do not allow users to change their own passwords. Train user not to use password that are easy to guess

Require users to set a stronger password upon initial logon. Train user not to use password that are easy to guess

Your company has developed and implemented counter measures for the greatest risks to their assets. How ever, there is still some risk left. What is the remaining risk called? residual risk Exposure loss risk

Residual risk

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. What type of security risk is this?

Rogue access point

Workstation -> Router Config Port. What cable?

Rollover

You have purchased a new router that you need to configure. You need to connect a workstation to the router's console port to complete the configuration task. Which type of cable would you most likely use?

Rollover

You have heard about a new malware program that presents itself to user as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various system components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer. Which of the ff. terms best describes this software?

Rootkit

You have heard about a new malware program that presents itself to users as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various operating system components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer. Which of the following terms best describes this software?

Rootkit A rootkit is a set of programs that allows attackers to maintain permanent, administrator-level, hidden access to a computer. Rootkits require administrator access to install, and typically gain this access using a Trojan horse approach--masquerading as a legitimate program to entice users to install the software.

You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the same switch which is in VLAN 2. What should you configure so that the two devices can communicate?

Routing

You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAn 2 on each switch. A device on the first switch in VLAN 1 needs to be communicate with a device on the same switch is VLAN 2. What should you configure so that the two devices can communicate?

Routing

You are troubleshooting access to a server in a remote network. You use the tracert command and see the following: Trace route to 192.168.2.250 over a maximum of 30 hops: 1 2 ms 2 ms 2 ms 192.168.12.11 2 2 ms 2 ms 2ms 192.168.11.1 3 5 ms 5 ms 3 ms 192.168.10.15 4 2 ms 2 ms 2 ms 192.168.9.1 5 5 ms 5 ms 3 ms 192.168.11.1 6 2 ms 2 ms 2 ms 192.168.10.15 7 5 ms 5 ms 3 ms 192.168.9.1 ...additional output omitted What is the problem?

Routing loop.

You have a development machine contains sensitive information relative to your business. You are concerned that spyware and malware installed while browsing websites could compromise your system or pose a confidentiality risk. Which of the ff. would best protect your system?

Run the browser within a virtual environment

You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do?

Run the packet sniffer application on Host B.

you want to use a protocol for encrypting e-mails that uses a PKI with x.509 certificates. which method should you choose

S/MIME

Which of the following is an example of smart technology embedded within networked devices associated with automated factory equipment?

SCADA systems

Which of the following internet services provides equal upload and download bandwidth?

SDSL

Which of the following protocols are used by VoIP to set up, maintain, and terminate a phone call?

SIP

Which of the following protocols is used by VoIP to set up, maintain, and terminate a phone call?

SIP

Which of the following protocols is used by VoIP to set up,maintain,and terminate a phone call?

SIP

Which of the following protocols are used with VoIP?

SIP RTP

Which of the following protocols are used with VoIP? (Select two.)

SIP RTP

What type of attack is most likely to succeed against communications between Instant Messaging clients?

SNIFFING

Because of an unexplained network slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze data from a central network host. What protocol will the software use to detect the problem?

SNMP

Simple Network Management Protocol

SNMP

Which protocol uses traps to send notifications from network devices?

SNMP

Get

SNMP Message Type: Retrieves information from a managed device.

Set

SNMP Message Type: Sets a variable in a managed device or triggers an action on a managed device.

Trap

SNMP Message Type: an unsolicited message sent from a managed device to an SNMP manager, which can notify the SNMP manager about a significant event that occurred on the managed device.

authPriv

SNMP Security Level: Offers HMAC MD5 or SHA authentication and provides privacy through encryption. Specifically, the encryption uses the Cipher Block Chaining (CBC) Data Encryption Standard (DES) (DES-56) algorithm.

authNoPriv

SNMP Security Level: Provides authorization using hashed message authentication code (HMAC) with message digest 5 (MD5) or Secure Hash Algorithm (SHA). However, no encryption is used.

noAuthNoPriv

SNMP Security Level: Uses community strings for authorization and does not use encryption to provide privacy.

Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?

SSH

Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable to Telnet?

SSH

Which of the following network services or protocols uses TCP/IP port 22?

SSH

Which of the following protocols can be used to securely manage Authentication for agents and managers?

SSH

Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?

SSH SSH (Secure Shell) allows for secure interactive control of remote systems. SSH uses RSA public key cryptography for both connection and authentication. SSH uses the IDEA algorithm for encryption by default, but is able to use Blowfish and DES.

you have physically added a wireless access point to your network and installed a wireless network card in two laptops running windows. Neither laptop can find the network and you have come to the conclusion that you must manually configure the wireless access points (AP). Which of the following values uniquely identifies the network AP?

SSID

You want to connect your client computer to a wireless access point connected to your wired network air work. The network Admin tells you that the access point is configured to use WPA2 personal with the strongest encryption method possible. SSID broadcast is ruined off. Which of the following must you configure manually on the client. select three

SSID AES Preshared Key

FTPS uses which mechanism to provide security for authentication and data transfer?

SSL

Which protocol does HTTPS use to offer greater security for Web transactions?

SSL

You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations.

SSL

You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports,hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls?

SSL

Which protocol does HTTPS use to offer greater security in Web transactions?

SSL HTTPS uses Secure Sockets Layer (SSL) to offer greater security in Web transactions.

You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls?

SSL Ports must be opened in firewalls to allow VPN protocols. For this reason, using SSL for the VPN often works through firewalls when other solutions do not because SSL uses port 443--a port that is often already open to allow HTTPS traffic. In addition, some NAT solutions do not work well with VPN connections.

Which of the following protocols are often added to other protocols to provide secure transmission of data?

SSL TLS

You can use a variety of methods to manage the configuration of a network router. Match the management option on the right with its corresponding description on the left. (Each option can be used more than once.)

SSL Uses publickey cryptography HTTP Transfers data in clear text SSH Uses publickey cryptography Telnet Transfers data in clear text Console port Cannot be sniffed

You can use a variety of methods to manage the configuration of a network router. Match the management option on the right with its corresponding description on the left. (Each option can be used more than once.)

SSL ==> Uses public-key cryptography HTTP ==> Transfers data in clear text SSH ==> Uses public-key cryptography Telnet ==> Transfers data in clear text Console port ==> Cannot be sniffed

Which protocol does HTTPS use to offer greater security for Web transactions?

SSL.

Which of the following connectors is used with fiber optic cables and connects using a twisting motion?

ST

Which of the following cloud computing solutions will deliver software applications to a client either over the Internet or on a local area network?

SaaS

You are configuring a wireless network with two wireless access points. Both access points connect to the same wired network. You watn wireless users to be able to connect to either access point, and to be able to raom between the two access points. How should you configure the access points?

Same SSID, different channel

A health care organization provides mobile clinics throughout the world. Which network technology connectivity for any clinic located anywhere in the world, ever remote areas?

Satellite

Which of the following is most susceptible to interference related to atmospheric conditions?

Satellite

Which security protocols use RSA encryption to secure communications over an untrusted network? (Select two.)

Secure Sockets Layer Transport Layer Security

You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan?

Security guards

A switch receives a frame addressed to the MAC address FF:FF:FF:FF:FF:FF. What will the switch do with the frame?

Send it out all ports except for the port it was received on

One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert?

Sends a message via email or SMS when an event occurs

What does the MAC method use to control access?

Sensitivity labels

Which of the following protocols is used during the call control process of multimedia communications?

Session Initiation Protocol

Mobile devices in your organization us the access point shown in the figure below to connect to your wireless network. what should you do. select two

Set the channel used by access pint B to 8 Set the access point B to sue 802.11n wireless network

Physical (Layer 1)

Sets standards for sending and receiving electrical signals between devices.

You work as the IT Administrator for a small corporate network. You are creating a share for the H:\Components folder on the CorpFiles12 file server. Research and Development department employees need to store programming components in the shared folder. You want to secure the data in the folder as follows: - Members of the Research Resources group should have full control over this folder. - All other users should be able to view the contents of the folder. -Permissions should apply to both network access through the share and local access.

Share a folder using file explorer: Click CORPSERVER, click CorpFiles12 and select connect. On the taskbar, select file explorer Navigate to the folder you want to share, R click the folder and select properties, on the sharing tab click advanced sharing Select share this folder, in the share name field, type the name to be used when accessing the shared folder. To make the share hidden end the name with a dollar sign ($) If desired, type a comment for the share. If you want to limit the number of users that and concurrently connect to the shared folder, specify a number of users in "Limit the number of simultaneous users to:" Click ok to close advanced sharing. Configure Shared Folder Permissions: From the sharing tab, click advanced sharing, click permissions, select security principal and check or uncheck the desired permissions. click ok. Configure NTFS permissions: From the security tab, click edit. Click add, if necessary, click locations and select the location where windows will look for security principals. Enter the name of each security principal that will receive permission to the folder. or click advanced then Find Now to select security principals from a list. Click ok. Check or uncheck desired permissions. click ok

Which of the following are examples of social engineering?

Shoulder surfing Dumpster diving

Your organizations security policy specifies that any mobile device (regardless of ownership) that connects to your internal network must have remote with enabled. If the device is lost or stolen, then it must be wiped to remove any sensitive data from it. Your organization recently purchased several Windows RT tablets. Which should you do?

Sign up for a Microsoft Intune account to manage the tablets

You are considering using WIFI triangulation to track the location of wireless devices within your organization. However, you have read on the internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system?

Signal strength

Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database?

Signature based

Non-Return-to-Zero

Similar to Return-to-zero. tere is no netural (zero) voltage state between bits

Which of the following forms of optical fiber would usually be used to connect two building across campus from each other, which are several kilometers apart?

Single Mode

You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose?(2 answers)

Single Mode Fiber 1000BaseLX

Of the following cables, which offer the best protection against EMI?

Single mode fiber optic

SMF

Single path of Light Progression for a Fiber-Optic Cable

RJ-11

Six Pin Connector availability. Usually only consist of 2-4 conductors. Most commonly found in home telephone networks.

Which of the following is a hardware device that contains identification and which can be used to control building access or computer log on.

Smart Card

Users report that the Internet is no longer accessible. You suspect that the line connecting your building to the Internet is not working properly. Which of the following allows the service provider to remotely test the local loop?

Smart jack.

Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?

Smurf

Which of the following are denial of service attacks? (Select two.)

Smurf Fraggle

Which type of social engineering attack uses peer pressure to persuade someone to help an attacker?

Social validation

toner probe

Sometimes called a fox and hound, this allows you to place a tone generator at one end of the connection (for example, in someone's office) and use a probe on the punch-down block to audibly detect to which pair of wires the tone generator is connected.

You have just installed a packet-filtering firewall on your network. Which options will you be able to set on your firewall? (Select all that apply.)

Source address of a packet Port number Destination address of a packet

Which of the following features are common functions of an all-in-one security appliance? (Select two.)

Spam filtering Bandwidth shaping

Which of the following features dynamically places switch ports in blocking or forwarding states?

Spanning tree

You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active patch between any two switches?

Spanning tree

Match each Interoperability Agreement document on the left with the appropriate description on the right. Each document may be used once, more than once, or not at all. Specifies exactly which services will be performed by each party Creates an agreement with a vendor to provide services on an ongoing basis Provides a summary of which party is responsible for performing specific tasks Documents how the networks will be connected Defines how disputes will be managed Specifies a preset discounted pricing structure Choices SLA BPO MOU ISA

Specifies exactly which services will be performed by each party - SLA Creates an agreement with a vendor to provide services on an ongoing basis - BPO Provides a summary of which party is responsible for performing specific tasks - MOU Documents how the networks will be connected - ISA Defines how disputes will be managed - SLA Specifies a preset discounted pricing structure - BPO

One method of preventing routing loops is to not send information about a route back to the router from which the information came? What is this technique called?

Split horizon

Which of the following physical topologies are used with Ethernet networks?(2 answers)

Star Bus

Which of the following are characteristics of a circuit level gateway?

Stateful Filters based on sessions

You are the network administrator for a small company that implements NAT to access the Internet. However, you recently acquired 5 servers that must be accessible from outside your network. Your ISP has provided you with 5 additional registered IP addresses to support these new servers but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these 5 servers?

Static

You have a small network at home that is connected to the Internet.On your home network you have a server with the IP address of 192.168.55.199/16.You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal Web site. What should you use to allow access?

Static NAT

Which type of virus intercepts system requests and alters service outputs to conceal its presence?

Stealth

Arrange the Fibre Channel SAN implementations tasks in the order they should be performed.

Step 1- Install a Fibre Channel adapter in each server that will access the shared storage on the SAN. Step 2- Deploy a Fibre Channel switch. Step 3- Connect each server to the Fibre Channel switch using the appropriate fiber optic cabling for the equipment you are using. Step 4- Deploy a shared storage device, such as an external RAID device containing multiple hard disk drives.

Workstation -> Switch through regular port (not uplink) and switch doesn't support auto-mdi.

Straight Through

You need to connect a workstation to a switch using a regular port on the switch (not an uplink port). The switch does not sport auto-MDI. Which type of cable should you use?

Straight-Through

Management

Subnet, Internetwork, Network

Which of the following best describes the purpose of using subnets?

Subnets divide an IP address into multiple addresses.

Which of the following best describes the purpose of using subnets?

Subnets divide an IP address into multiple network addresses.

Which of the following best describes the purpose of using subnets?

Subnets divide an IP network address into multiple network addresses.

Which of the following best describes how addressing is configured for the subnet?

Supernetting

You manage a subnet that uses the following subnet address: 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet?

Supernetting

You manage a subnet that uses the following subnet address: 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet?

Supernetting.

You manage a subnet that uses the following subnet address: 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet?

Supernetting.

A VPN is used primarily for what purpose?

Support secured communications over an untrusted

A VPN is used primarily for what purpose?

Support secured communications over an untrusted network.

Which of the following are characteristics of VDSL?

Supports both data and voice at the same time unequal down and upload speeds

Which of the following is a characteristic of SDSL?

Supports data traffic only (No Voice)

Which of the following is the least effective power loss protection for computer systems?

Surge protector

Which of the following connectivity hardware is used to create a VLAN?

Switch

You want to reduce collisions by creating separate collision domains and virtual LANs. Which of the following devices should you choose?

Switch

When configuring VLANs on a switch, what is used to identify VLAN membership of a device?

Switch Port

When configuring VLANs on a switch, what is used to identify VLAN membership of a device?

Switch port

Which of the following statements accurately describes a VLAN ID?

Switches append a VLAN ID to the header of each frame to identify the virtual network to which it belongs.

What problem does the Spanning Tree protocol prevent?

Switching loops from developing when redundant paths are implemented between switches.

Which of the following is a standard for sending log messages to a central logging server?

Syslog

Syslog servers

Syslog Logging Component: Receives and stores log messages sent from syslog clients.

Syslog clients

Syslog Logging Component: Send logging information to a syslog server.

Critical (2)

Syslog Severity Level: A less-severe condition, as compared to alerts, which should be addressed to prevent an interruption of service

Alerts (1)

Syslog Severity Level: Conditions requiring immediate attention

Informational (6)

Syslog Severity Level: Detailed information about the normal operation of a system

Debugging (7)

Syslog Severity Level: Highly detailed information (for example, information about individual packets), which is typically used for troubleshooting purposes

Notifications (5)

Syslog Severity Level: Nonerror notifications that alert an administrator about state changes within a system

Errors (3)

Syslog Severity Level: Notifications about error conditions within the system that do not render the system unusable

Warnings (4)

Syslog Severity Level: Notifications that specific operations failed to complete successfully

Emergencies (0)

Syslog Severity Level: The most severe error conditions, which render the system unusable

Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access?

TACACS+ RADIUS

Which of the following protocols includes extensive error checking to ensure that a transmission is sent and received without mistakes?

TCP

time domain reflectometer

TDR

Which encryption method is used by WPA for wireless networks?

TKIP

You have a small wireless network that uses multiple access points. The network currently uses WPA. You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop?

TKIP encryption Preshared key

Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)

TLS SSL Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are protocols that are used with other protocols to add security. In addition, Secure Shell (SSH) can be used to add security when using unsecure protocols.

What is the primary purpose of penetration testing?

Test the effectiveness of your security perimeter

You have recently experienced a security incident with one of your servers. After some research, you determine that hotfix #568994 that has recently been released would have protected the server. Which of the ff. recommendations should you follow when applying the hotfix?

Test the hotfix, then apply it to all servers.

Transport (Layer 4)

The Transport layer provides a transition between the upper and lower layers of the OSI model making the upper and lower layer transparent from each other.

A small startup company has hired you to harden their new network. Because funds are limited, you have decided to implement a unified threat management (UTM) device that provides multiple security features in a single network appliance: • Firewall • VPN • Anti-spam • Antivirus You join the UTM device to the company's Active Directory domain. The company's traveling sales force will use the VPN functionality provided by the UTM device to connect to the internal company network from hotel and airport public WiFi networks. What weaknesses exist in this implementation?

The UTM represents a single point of failure.

Which of the following is true about single mode fiber optic network cabling?

The central core is smaller than that of multimode fiber optic cabling

A user on your network has been moved to another office down the hall. after the move she calls you complaining that she has only occasional network access through her wireless connection. Which of the following is most likely the cause of the problem?

The client system has moved to far away from the access point.

A network is connected following the IEEE 802.3 specifications. Which of the following best describes when a device can transmit messages?

The device listens to determine if the transmission media is free.

What information does the next hop entry in a routing table identify?

The first router in the path to the destination network.

What information does the next hop entry in the routing table indentify?

The first router in the path to the destination network.

Consider the following output generated by the show interface fa0/0 command generated on a router: Which of the following statements are true about fa0/0 interface. select three

The interface has been dropping incoming packets Several collisions have occurred One cyclic redundancy check error has occurred

Which of the following are true using multiple VLANS on a single switch? select two

The number of broadcast domains increases The number of collision domains remain the same

A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While talking to her, you discover that she is trying to work from the coffee rom two floors above the floor where she normally works. What is the most likely cause of her connectivity problem?

The user is out of the effective range of the wireless access point on her floor

A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer.While talk to her, you discover that she is trying to work from the coffee room two floors above the floor where she normally works. What is the most likely cause of her connectivity problem?

The user is out of the effective range of the wireless access point on her floor.

Your organization uses an 802.11b wireless network. Recently other tenets installed the following equipment in your building....

The wireless tv system

While viewing the status of the interfaces on a Cisco switch, you see abnormally large of oversized ethernet frames being received on one interface. This interface is connected to a workstation located on the 2nd floor. What could be causing this to happen?

The workstation's network board is jabbering

What is the risk associated with smart technology used in network devices such as smart refrigerators, environmental controls, or industrial equipment?

They are vulnerable to exploits due to weaker security.

cable tester

This can test the conductors in an Ethernet cable. It contains two parts. By connecting these parts to each end of a cable under test, you can check the wires in the cable for continuity (that is, check to make sure that there are no opens, or breaks, in a conductor). In addition, you can verify an RJ-45 connector's pinouts (which are wires connected to the appropriate pins on an RJ-45 connector).

When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system?

Ticket The tokens used in Kerberos authentication are known as tickets. These tickets perform a number of functions including notifying the network service of the user who has been granted access, and authenticating the identity of the person when they attempt to use that network service.

Which of the following are used when implementing Kerberos for authentication and authorization?

Ticket granting server Time Server

Which of the following are used when implementing Kerberos for authentication and authorization? Select two

Time server Ticket granting server

What purpose does a wireless site survey serve? select two

To Identify existing or potential sources of interference To identify the coverage area and preferred placement of access points.

What is the primary purpose of gateway redundancy?

To overcome a single point of failure on the next hop router

Why should backup media be stored offsite?

To preven the same disaster from affecting both the network and the backup media

Which of the following is a good reason to install a firewall?

To prevent hackers from accessing your whole network.

ESD wrist strap

To prevent static electricity in your body from damaging electrical components on a circuit board, you can wear this. It is equipped with a clip that you can attach to something with a ground potential (for example, a large metal desk). While wearing this, if you have any static buildup in your body, the static flows to the object with a ground potential to which your strap is clipped, thus avoiding damage to any electrical components that you might touch.

Which of the following is an example of three-factor authentication?

Token device, keystroke analysis, cognitive question Three-factor authentication uses three items for authentication, one each from each of the authentication types: • Type I (something you know, such as a password, PIN, pass phrase, or cognitive question) • Type II (something you have, such as a smart card, token device, or photo ID) • Type III (something you are, such as fingerprints, retina scans, voice recognition, or keyboard dynamics)

MDI

Traditional Port found in a PC's NIC

Purchasing insurance is what type of response to risk? Acceptance Transference Rejection Deployment of a countermeasure

Transference

Which electrical devices is used to convert the voltage of an alternating current (AC) from the utilities company's transmission lines to 110 volts that can be used by devices in the data center?

Transformers

Match each WIFI jamming attach on the left with its corresponding description on the right.

Transmits radio signals at random amplitudes and frequencies/ Random noise jamming Transmits pulses of radio signals at random amplitudes and frequencies/Random pulse jamming Repeatedly transmits high-intensity, short-duration RF burst at a rapid pace/ Spark jamming

You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature allows the switches to pass VLAN traffic between the switches?

Trunking

Which of the following allows for easy exit of an area in the event of an emergency, but prevents entry? (Select two.)

Turnstile Double-entry door A double entry door has two doors that are locked from the outside but with crash bars on the inside that allow easy exit. Double entry doors are typically used only for emergency exits, and alarms sound when the doors are opened. A turnstile is a barrier that permits entry in only one direction. Turnstiles are often used to permit easy exit from a secure area.

What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal?

Turnstiles

What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal?

Turnstiles Turnstiles allow easy egress from a secured environment but actively prevent re-entrance through the exit portal. Turnstiles are a common exit portal used in conjunction with entrance portal mantraps. A turnstile cannot be used to enter into a secured facility as it only functions in one direction.

What type of cabling is used with 100BaseTX Fast Ethernet networks?

Type 1A STP or Category 5 UTP

RG-59

Typically used for short distance applications, such as carrying composite video between two nearby devices

Match each UC component on the left with its corresponding definition on the right.

UC Server - Manages the entire UC system UC Gateway - Connects a digital network to an analog network UC Server - Makes presence information available to users UC Hardware Device - An IP phone for making phone calls UC Gateway - Connects a UC network to the PSTN UC Software Device - A smart phone used to access the UC system UC Hardware Device - Designed to work specifically with the UC server

Which protocol and port number is used by BOOTP/DHCP?

UDP 67

Which protocol and port number is used by TFTP?

UDP 69

What is the greatest threat to the confidentiality of data in most secure organizations? Malware USB devices Hacker intrusion Operator error

USB devices

Which type of address is the IP address 198.162.12.254/24?

Unicast

If your anti-virus software does not detect and remove a virus, what should you try first?

Update your virus detection software.

You are troubleshooting a connectivity problem in which one clien system is unable to connect to a server. Both the server and client system are connected to the same Ethernet network switch. No other users have complained of a problem, and you suspect that faulty network cabling might be to blame. Which of the following troubleshooting steps are you most likely to perform first?

Use a cable tester to test the cable between the computer system and the network switch.

While configuring a new 802.11g wireless network, you discover another wireless network within range that uses the same channel ID that you intend to use. Which of the following strategies are you most likely to adopt in order to avoid a conflict between the networks?

Use a different channel ID

You manage a network with a single switch. All hosts connect to the network through the switch. You want to increase the security of devices that are part of the accounting department. You want to make sure that broadcast traffic sent by an accounting computer is only received by other accounting computer , and you want to implement ACLs to control traffic sent to accounting computers through the network. What should you do? Configure MAC address filtering on the switch for the accounting computers Implement NAC with 802.1x authentication for the accounting computers. Configure a VLAN on the switch for the accounting computers. Use a router to configure a subnet for the accounting computers.

Use a router to configure a subnet for the accounting computers.

You have 5 salesmen who work out of your office and who frequently leave their laptops laying on their desk in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns?

Use cable locks to chain the laptops to the desks

You have 5 salesmen who work out of your office and who frequently leave their laptops laying on their desk in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns?

Use cable locks to chain the laptops to the desks

You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users. Which solution should you use?

Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.

You are the network administrator for a growing business. When you were initially hired, the organization was small and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. However, the organization has grown considerably in recent months. You now must manage 8 individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do?

Use syslog to implement centralized logging.

Which of the following methods would you use to create a crossover cable?

Use the T568A standard on one connector, and the T568B standard on the other connector. The easiest way to create a crossover cable is to arrange the wires in the first connector using the T568A standard and arrange the wires in the second connector using T568B standard. A crossover cable connects the transmit pins on one connector to the receive pins on the other connector (pin 1 to pin 3 and pin 2 to pin 6).

crimper

Used to attach a connector (for example, an RJ-45 connector) to the end of an unshielded twisted-pair (UTP) cable.

"What security mechanism uses a unique list for each object embedded directly in the object itself that defines which subjects to have access to certain objects and the level or type of access allowed?"

User ACL

Which of the following information is typically not included in an access token?

User Account password

Which of the following identification and authentication factors are often well-known or easy to discovery by others on the same network or system?

Username

Which of the following identifications and authentication factors are often well-know or easy to discover by others on the same network or system?

Username

Match each bring your own device (BOYD) security concern on the right with a possible remedy on the left. Each remedy may be used once, more than once, not at all.

Users take pictures of proprietary processes and procedures- Specify where and when mobile devices can be possessed in your acceptable use policy. Devices with a data plan can e-mail stole data- Specify where and when mobile devices can be possessed in your acceptable use policy Devices have no PIN or password configured- Enroll devices in a mobile device management system Anti-malware software is not installed- Implement a network access control (NAC) solution A device containing sensitive data may be lost- Enroll devices in a mobile device management system

Which of the following are characteristics of TACACS+? (Select two.)

Uses TCP Allows for a possible of three different servers, one each for authentication, authorization, and accounting

Star

Uses a hub or switch to connect all network connections to a single physical location

Which of the following statements about SSL VPN are true? select two

Uses port 443 Encrypts the entire communication session

Virtual PBX

Usually a VoIP solution, where voice is encapsulated inside data packets for transmission across a data network

You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?

VLAN

You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?

VLAN Define virtual LANs (VLANs) on the switch. With a VLAN, a port on the switch is associated with a VLAN. Only devices connected to ports that are members of the same VLAN can communicate with each other. Routers are used to allow communication between VLANs if necessary.

You need to keep users in all other departments from accessing the servers used by the finance department. Which of the following technologies should you use to logically isolate the network?

VLANs

You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. you think you have the problem resolved, but you would like to be able to manage the server remotely in case there is a problem Which of the following protocols would you use for remote management? select two

VNC ICA

You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?

VPN concentrator

You have just received a generic-looking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you are to go to a website and enter your username and password at a new website so you can manage your email and spam using the new service. What should you do?

Verify that the email was sent by the administrator and that this new service is legitimate

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building closet on the main floor. You have a wiring closet on the two remaining fllors directly above the wiring closet on the main floor. What woud you use to connect the wiring closets together?

Vertical cross connect A vertical cross connect connects the main distribution frame (MDF) on the main floor to intermediate distribution frames (IDFs) on upper floors. Cabling runs vertically (up and down) between the MDF and the IDFs. A horizontal cross connect connects IDFs on the same floor. Cabling runs horizontally (sideways) between the IDFs. A smartjack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc. A demarc extension extends the demacation point from its original location to another location within the building.

You have configured a virtual network that includes the following virtual components: *Four virtual machines (Virtual OS 1, Virtual OS 2, etc.) *One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Give the port configuration for the virtual switch and the physical switch in the table below, click on on all of the virtual and physical machines Virtual OS 1 can communicate with.

Virtual OS 2 Virtual OS 3

You have configured a virtual network that includes the following virtual components: *Four virtual machines (Virtual OS 1, Virtual OS 2, etc.) *One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Give the port configuration for the virtual switch and the physical switch in the table below, click on on all of the virtual and physical machines Virtual OS 1 can communicate with. Virtual Switch - P1 - Virtual OS 1- Virtual Network1 P2 - Virtual OS 2 - Virtual Network2 P3 - Virtual OS 3 - Virtual Network1 P4 - Virtual OS 4 - Virtual Network2 P5 - Virtual Switch - Virtual Network1, Physical Network Physical Switch P1 - Physical Switch - Physical Network P2 - Physica OS1 - Physical Network P3 - Physica OS2 - Physical Network P4 - Physica OS3 - Physical Network P5 - Physica OS4 - Physical Network

Virtual OS 3 Physical OS 1 Physical OS 2 Physical OS 3 Physical OS 4

You have configured a virtual network which includes the following virtual components Four virtual machines (i.e., Virtual OS1,Virtual OS2,etc.) One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Given the port configuration for the virtual switch and the physical switch in the table below, click on all of the virtual and physical machines that Virtual OS1 can communicate with.

Virtual OS2 & 3

You have configured a virtual network which includes the following virtual components Four virtual machines (i.e., Virtual OS1,Virtual OS2,etc.) One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Given the port configuration for the virtual switch and the physical switch in the table below, click on all of the virtual and physical machines that Virtual OS1 can communicate with.

Virtual OS2 & 3

You have configured a virtual network which includes the following virtual components Four virtual machines (i.e., Virtual OS1,Virtual OS2,etc.) One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Given the port configuration for the virtual switch and the physical switch in the table below, click on all of the virtual and physical machines that Virtual OS1 can communicate with.

Virtual OS3 Physical OS1-4

Which of the following terms describes a test lab environment that does not require the use of physical hardware? offsite virtual storage VLAN Network as a service (NaaS) Virtual sandbox

Virtual sandbox

You need to provide DHCP and file share services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement?

Virtual servers

You need to provide DHCP and file share services to a physical network.These services should be deployed using virtualization. Which type of virtualization should you implement?

Virtual servers

You need to provide DHCP and file sharing services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement?

Virtual servers.

Which component is most likely to allow physical and virtual machines to communicate with each other?

Virtual swich

What type of component is most likely to allow physical and virtual machines to communicate with each other?

Virtual switch

Which component is most likely to allow physical and virtual machines to communicate with each other?

Virtual switch

What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found?

Virus

What is the common name for a program that has no useful purpose,m but attempts to spread itself to other systems and often damages resources on the system where it is found? \

Virus

Which of the following social engineering attacks use Voice over IP (VoIP) to gain sensitive information?

Vishing

What is the main difference between vulnerability scanning and penetration testing? The goal of vulnerability scanning is to identify potential weaknesses; the goal of penetration testing is to attack a system. Vulnerability scanning is performed with a detailed knowledge of the system; penetration testing starts with no knowledge of the system. Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter. Vulnerability scanning uses approved methods and tools; penetration testing uses hacking tools.

Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.

You need to add security for your wireless network. You would like to use the most secure method. Which method should you implement.

WPA2

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do?

Wait for convergence to take place.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24.The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed.You need to make the change with the least amount of effort possible.What should you do?

Wait for convergence to take place.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configure dto use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do?

Wait for convergence to take place/

You are configuring a firewall to allow access to a server hosted on the demilitarized zone of your network. You open TCP/IP ports 80, 25, 110, 143. Assuming that no other ports on the firewall need to be configured to provide access, what application are most likely to be hosted on the server?

Web server, e-mail server

A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of an attack best describes the scenario?

Whaling

punch-down tool

When terminating wires on a punch-down block (for example, a 110 block), you should use a this, which is designed to properly insert an insulated wire between two contact blades in a punch-down block, without damaging the blades.

When would choosing to do nothing about an identified risk be acceptable? When the threat is likely to occur less than once a year When the asset is an intangible asset instead of tangible asset When the cost of protecting the asset is greater than the potential loss when the threat is most likely to come from an internal source instead of an external source

When the cost of protecting the asset is greater than the potential loss

BERT

When troubleshooting a link where you suspect a high bit-error rate (BER), you can use this which contains both a pattern generator (which can generate a variety of bit patterns) and an error detector (which is synchronized with the pattern generator and can determine the number of bit errors) and can calculate a BER for the tested transmission link.

Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.

White box test The tester has detailed information about the target system prior to starting the test. Grey Box test The tester has the same about of information that would be available to a typical insider in the organization. Black box test The tester has no prior knowledge of the target system. Single blind test Either the attacker has prior knowledge about the target system, or the administrator knows that the test is being performed. Double blind test The tester does not have prior information about the system and the administrator has no knowledge that the test is being performed

You want to use the T568B standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector?

White/orange, orange, white/green, blue, white/blue, green, white/brown, brown The T568A standard switches the green and orange wires (along with their corresponding white wires). Use the order Blue-Orange-Green-Brown (BLOG), with the white wire first, for connecting wires on a 110 punchdown block.

Which of the following documents would likely identify that drop cables on your network use the T568A standard? Policy Baseline Change log Network diagram Wiring schematic

Wiring schematic

You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update? Wiring schematic logical network diagram Baseline Procedure

Wiring schematic

Which of the following benefits apply only to creating VLANs with switches and not to segmenting the network with regular switches?

You can create multiple broadcast domains

You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a cross-over plenum UTP cable that will be run through the suspended tile ceiling for the data center. what is wrong with this configuration? select two

You should implement a UPS between the wall outlet and the network devices You should implement redundant power supplies for the network devices

The power supply in a tower server system has malfunctioned. To get the server back on line, you decide to open the server case and open it. You place the server on a static mat. ground the server's case to the mat. and then ground yourself to the mat with a wristband. Next, you remove the power supply unit from the server and open it up. To identify which component has failed. you plug in the power supply to the wall outlet and then use a multi meter to test the various components within it. Which safety rules were violated in this scenario?(select two.) You should unplug a device from the wall outlet before connecting yourself to it with a static wristband You should never open a computer supply. You should never use a static wristband when working on computer systems you should never use a static mat when working on computer systems. A toner probe should be used to test a power supply, not a multi meter

You should unplug a device from the wall outlet before connecting yourself to it with a static wristband You should never open a computer supply.

You have just downloaded a file. You created a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file?

Your copy is the same as the copy posted on the website

You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file?

Your copy is the same as the copy posted on the website. A hash is a function that takes a variable-length string (message) and compresses and transforms it into a fixed-length value. Hashes ensure the data integrity of files and messages in transit. The sender and the receiver use the same hashing algorithm on the original data. If the hashes match, then the data can be assumed to be unmodified. Hashes do not ensure confidentiality (in other words, hashes are not used to encrypt data).

Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?

Zero knowledge team

Which of the ff. are disadvantages to server virtualization?

a compromise of the host system might affect multiple servers;

Which of the following is an example of a strong password?

a8bT11$yi (a strong password should not contain dictionary words or any part of the login name. They should include upper-and lower-case letters, and symbols. In addtioin, longer passwords are stronger than shorter passwords.

One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert? a. An event configured on an agent. When the event occurs, the agent logs details regarding the event b. Sends a message via email or SMS when an event occurs c. Uses GETNEXT messages to navigate the structure of an MIB d. A message sent from a management system, requesting info about a specific OID

b. Sends a message via email or SMS when an event occurs

Which type of attack is the act of exploiting a software program's free acceptance of input in order to execute arbitrary code on a target?

buffer overflow

Network needs to support 1000 Mbps over ethernet. What cables must you replace?

cat 3 cat4

To optimize your network, you want to configure your wireless AP to use a channel that meets the following criteria. non-overlapping, low utilization, low interference.

channel 1

To help prevent browser attacks, users of public computers should do which of the ff.?

clear the browser cache

You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?

client-side scripts

during the application dev cycle, a developer asks serveral of his peers to asses the portion of the application he was assigned to write

code review

You manage a network with a single switch. On each switch port, a hub connects multiple devices to the switch. which condition are you most likely to experience on the network ?

collisions

Network

computer system controlled by a single organization.

during the application development cycle, an application tester creates multiple virtual machines on a hypervisor, each with a different version

configuration testing

Which of the ff. is a text file provided by a Web site to client that is stored on a user's hard drive in order to track and record information about the user?

cookie

Use of which of the ff. is a possible violation of privacy?

cookies

Wireless Local Area Network (WLAN)

covers an area that is roughtly the same size as a standard LAN but uses radio signals instead of wires.

Baseband communication

entire network medium as a single transmission channel. One channel is used for standard analog voice phonecalls. other used for digital network data.

Which of the following intrusion detection and prevention systems use fake resources to entice intruders by displaying a vulnerability, configuration flaw, or valuable data?

honeypot

You are in the process of configuring an iSCSI storage area network (SAN) for your network.... Which tool should you use?

iSCSI Initiator

Your wireless network consists of multiple 802.11n access points that are configured as follows... what should you do

implement antenna diversity

an attacker inserts SQL database commands into a data input field of an order form used by a web-based application

implementing client-side validation

In a SAN implementation, the servers that connect to shared storage devices are called___________________.

initiators

Which of the ff. is specifically meant to ensure that a program operates on clean, correct and useful data?

input validation

while using a web-based order form, an attacker enters an unusually large value in the quantity field. the value she entered is so large that it exceeds the maximum value supported by the variable type used to store the quantity in the web application.

integer overflow

Application (Layer 7)

integrates network functionality into the host operating system and enables network services. does not include specific applications but rather provides the capability for services to operate on the network. operate multiple layers. Layers include HTTP, Telnet, FTP, TFTP, SNMP

Which command would you use on a switch to enable management from a remote network?

ip default-gateway 192.168.10.185

What is the most common failure of a security policy in an environment? Improperly outlined procedures overlooked critical assets lack of user awareness failure to assign responsibilities

lack of user awareness

Switches running the STP are in the process of exchanging BPDUs and defining their roles. In what state are the switches?

listening

flash explotation

lso exploit

You have decided to conduct a business meeting at a local coffee shop. The coffee shop you chose has a wireless hotspot for its customers who want Internet access. You decide to check your e-mail before the meeting begins, but when you open the browser you cannot gain Internet access. Other customers are on the Internet and because you use a wireless connection at work, you are sure your laptops wireless adapter works. What is the likely cause of this problem?

mismatched SSID

You manage a network with multiple subnets connected to the internet..... which of the following is likely the cause of the problem?

missing default route on a router

you work for a large, multinational organizaiotn that has an extensive global network that is interconnected using WAN links and routers.... what does this mean?

one of the intermediate routers is an MTU black hole

you install a new linux distribution on a server in your network.

open SMTP relay

Host Role

peer-to-peer and client-server

Peer-to-Peer

peer-to-peer network makes it so each host can provide network resources to other hosts or access resources located on other hosts.

What common design feature among Instant Messaging clients make them more insecure than other means of communicating over the Internet?

peer-to-peer networking

users in your organization receive email messages informing them that suspicious activity has be detected on their bank account

phishing

Instant Messaging does not provide which of the ff.?

privacy

De-multiplexing

provides opposite function, combining signals from multiple channels into single channel.

Network Access

responsible for describing the physical layout of the network and how messages are formatted on the transmission medium

Host-to-host

responsible for error checking and reliable packet delivery

Internet OSI

responsible for moving packets through a network

which of the following utilties would you use to view the routing table?

route

which of the following commands woudl display the outputs shown here?

route print

Which of the following commands would display the output shown here?

route print.

Which of the following utilities would you use to view the routing table?

route.

Sampling size

sampling frequency which is the number of samples per second in a sound.

Which connector is usually on one end of a rollover?

serial

an attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware

spam

Which feature prevents switching loops and ensures there is only a single active path between any two switches?

spanning trees

Each of the following tools used to check the health of a network. Which of these is typically used to managing and sending messages from one computer system to another?

syslog

What is the primary purpose of penetration testing? test the effectiveness of security perimeter Infiltrate a competitor's network Evaluate newly deployed firewalls Assess the skill level of new IT security staff

test the effectiveness of security perimeter

Examine the following output: 4 22 ms 21 ms 22 ms sttlawa01gr02.bb.ispxy.com [154.11.10.62] 5 39 ms 39 ms 65 ms plalca01gr00.bb.ispxy.com [154.11.12.11] 6 39 ms 39 ms 39 ms Rwest.placa01gr00.bb.ispxy.com [154.11.3.14] 7 40 ms 39 ms 46 ms svl-core-03.inet.ispoxy.net [205.171.206.29] 8 75 ms 117 ms 63 ms dia-core-01.inet.ispxy.net [205.151.142.1] Which of the following produced this output?

tracert.

Which TCP/IP utility gives you the following output? 2 14 ms <10 ms 14 ms Loopback0.GWI.SLT1.ALTER.NET [137.39.2.123] 3 14 ms <10 ms 13 ms 122.at-6-0-0.XR1.SLT4.ALTER.NET [152.63.91.86] 4 <10 ms 14 ms <10 ms 0.so-0-1-0.TL1.SLT4.ALTER.NET [152.63.1.210] 5 41 ms 41 ms 41 ms 0.so-7-0-0.TL1.PQR3.ALTER.NET [152.63.32.41] 6 42 ms 41 ms 41 ms 0.so.6-0-0.XL1.SEA1.ALTER.NET [152.63.38.82] 7 41 ms 41 ms 41 ms PQS6-0.GW11.SEA1.ALTER.NET [152.63.107.17]

tracert.

You are the network administrator of a branch office of your company. The branch office network is part of a WAN that covers most of the United States. The office has two Windows 2000 servers, two UNIX severs, one Windows NT server, 90 Windows 98 clients, 40 Windows 2000 Professional clients, and five Macintosh clients. Users have been complaining that they are unable to access resources over the WAN at the main headquarters. You suspect that one of the routers between your office and the main headquarters is not working properly. What TCP/IP utility can you use to see if a router is not working properly?

tracert.

You have installed anti-virus software on computes at your business. Within a few days. however, you notice one computer has a virus, When you question the user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. she admits she did not scan the file before running it. What should you add to your security measures to help prevent this from happening again? Account lockout proxy server close unused firewall ports user awareness training

user awareness training

While developing a network application, a programmer adds functionally that allows her to access the running program, without authentication, to capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. What type of security weakness does this represent?

Backdoor

A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computers represent?

Botnet A botnet refers to a collection of zombie computers which are commanded from a central control infrastructure to propagate spam or to collect usernames and passwords to access secure information.

Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?

Buffer overflow A buffer overflow occurs when software code receives too much input than it was designed to handle and when the programmer of that code failed to include input validation checks. When a buffer overflow occurs, the extra data is pushed into the execution stack and processed with security context of the system itself. In other words, a buffer overflow attack often allows the attacker to perform any operation on a system.

You are building a wireless network within and between two buildings. The buildings are separated by more then 3000 feet. The wireless network should meet the following requirements....

Building 1-location A Right-facing directional Antenna/WPA2 with CCMP Building 1-location B Omni directional Antenna/WPA2 with CCMP Building 1-location C Left-facing directional Antenna/WPA2 with CCMP Building 1-location D Right-Facing Parabolic Antenna/WPA2 with CCMP Building 2-location A Omni Directional/WEP with Open authentication Building 2-location B Left-facing Parabolic Antenna/WPA2 with CCMP

In business continuity planning, what is the primary focus of the scope?

Business processes Company assets are the focus of risk assessment for security policy development, not BCP. Human life and safety are considerations for emergency response, but are not the focus of the BCP scope. Recovery time objective is a consideration in the development of emergency response, not an aspect of BCP scope.

Match each wireless term or concept on the left with its associated description on the right

Compares the level of the WIFI signal to the level of background radio signals/ Signal to Noise ratio Checks channel utilization and identifies sources of RF inference/ Spectrum analysis Identifies how strong a radio signal is at the receiver/Received Signal Level Identifies the number of useful bits delivered from the senders to the receiver/ Causes multiple copies of the same radio signal to be received by the receiving antenna/ Bounce Degrades wireless network performance/ Device saturation

You have a website that uses multiple servers for different types of transactions. For example, one server is responsible for static web content, while another is responsible for secure transactions. You would like to implement a devices to speed up access to your web content..... Which type of device should you choose?

Content switch

Which type of Denial of Service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?

DNS poisoning

A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research you find that the most likely cause of the problem is a bug in the router's software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next?

Identify possible effects of the solution.

A user reports that he cant connect to a specific Web site. You go to the user's computer and reproduce the problem. What should you do next?

Identify the affected areas of the network.

A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verity that it works. What should you do next?

Identify the results and effects of the solution

Your company leases a very fast Internet connection and pays for it based on usage. You have been asked by the company president to reduce Internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection, without decreasing performance. What is the best way to do this?

Install a proxy server

When recovery is being performed due to a disaster, which services are to be stabilized first?

Mission critical The services to be restored first are mission critical services. If mission critical services are not restored within their maximum tolerable downtime, the organization is no longer viable.

You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?

On a RADIUS server 802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients. Authentication requests received by the wireless access point are passed to a RADIUS server which validates the logon credentials (such as the username and password).

A Smurf attack requires all but which of the following elements to be implemented?

Padded cell A padded cell is a type of intrusion enticement mechanism similar to a honey pot. A padded cell is a simulated network environment that is created when an intruder is detected. The intruder is transferred into the padded cell where all of its activities are monitored and logged while isolating the intruder from all sensitive information or controls.

A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario?

Passive fingerprinting Passive fingerprinting is a form of system enumeration that is designed to gain as much information about network computers as possible. It passively listens to network traffic generated by network hosts and attempts to identify which operating systems are in use based upon the ICMP message quoting characteristics they use. Portions of original ICMP requests are repeated (or quoted) within each response. Each operating system quotes this information back in a slightly different manner.

An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information. What kind of exploit has been used in this scenario? (Choose two. Both responses are different names for the same exploit.)

Pharming DNS poisoning

An attacker is trying to compromise a wireless network that has been secured using WPA2-PSK and AES. She first tried using AirSnort to capture packets, but found that she couldn't break the encryption. As an alternative, she used software to configure her laptop to function as an access point. She configured the fake access point with the same SSID as the wireless network she is trying to break into. When wireless clients connect to her access point, she presents them with a web page asking them to enter the WPA2 passphrase. When they do, she then uses it to connect a wireless client to the real access point. What attack techniques did the attacker use in this scenario? (Select two.)

Pharming Evil twin • Evil twin: In this exploit, an attacker near a valid wireless access point installs an access point with the same (or similar) SSID. • Pharming: In this exploit, the access point is configured to display a bogus web page that prompts for credentials, allowing the attacker to steal those credentials.

You want to connect your client computer to a wireless access point connected to your wired network at work. The network administrator tells you that the access point is configured to use WPA2 Personal with the strongest encryption method possible. SSID broadcast is turned off. Which of the following must you configure manually on the client? (Select three.)

Preshared key AES SSID WPA2 Personal uses a shared key for authentication. Once authenticated, dynamic keys are generated to be used for encryption. WPA2 supports AES and TKIP encryption, with AES being the stronger encryption method. With the SSID broadcast turned off, you will need to manually configure the SSID on the client.

Which type of device is required to implement port authentication through a switch?

RADIUS server Port authentication is provided by the 802.1x protocol, and allows only authenticated devices to connect to the LAN through the switch. 802.1x requires a RADIUS server (also called an AAA server) to validate the authentication credentials.

What is the primary security feature that can be designed into a networks infrastructure to protect and support availability?

Redundancy

Even if you perform regular backups, what must be done to ensure that you are protected against data loss?

Regularly test restoration procedures

Which of the following is undetectable software that allows administrator-level access?

Rootkit

Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?

Smurf Smurf is a form of denial of service attack which uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network.

What is modified in the most common form of spoofing on a typical IP packet?

Source address

An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. What kind of attack has occurred in this scenario?

Spam

Match each troubleshooting command on the left with its function on the right. each utility may be used one, more than once, or not at all

Tests connectivity between two network hosts by sending IPv4 ICMP echo requests packets without modifying the TTL parameters/Ping Computes lost/sent packet statistics for each hop in the route between two hosts/ Pathping Used on Linux systems to identify the route between two IPv6 hosts/ Tracetroute6 Used on Windows systems to identify the route between two IPv4 hosts/ Tracert Tests connectivity IPV6/

A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of an attack best describes the scenario?

Whaling Whaling is a form of a social engineering attack that is targeted to senior executives and high profile victims. Social engineering is an attack that exploits human nature by convincing someone to reveal information or perform an activity.

Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.

White box test The tester has detailed information about the target system prior to starting the test. Grey box test The tester has the same amount of information that would be available to a typical insider in the organization. Black box test The tester has no prior knowledge of the target system. Single blind test Either the attacker has prior knowledge about the target system, or the administrator knows that the test is being performed. Double blind test The tester does not have prior information about the system and the administrator has no knowledge that the test is being performed.

Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?

Zero knowledge team A zero knowledge team is a penetration testing team which most closely simulates a real-world hacker attack as they must perform all of the initial blind reconnaissance.

You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do? a. Implement version 3 of SNMP b. Implement a RADIUS solution c. Combine SNMP with SSL d. Use SSH instead of SNMP

a. Implement version 3 of SNMP


Conjuntos de estudio relacionados

HTML, CSS, JS Interview Questions

View Set

Literacy Grammar: Modifiers - Details in Writing

View Set

PMP Ch 4 - Scope Management Questions (Rita Ch 5)

View Set