NetworkExam4
A network technician has configured a point-to-point interface on a router. Once the fiber optic cables have been run, though, the interface will not come up. The technician has cleaned the fiber connectors and used an optical power meter to confirm that light is passing in both directions without excessive loss. What is the MOST likely cause of this issue?
Wavelength mismatch. Wavelength mismatch is when one or more wavelengths in a fiber optic cable are unequal and cannot be measured using an optical power meter. Cross-talk and EMI are both elements that are irrelevant to Fiber optics.
A technician wants to update the organization's disaster recovery plans. Which of the following would allow network devices to be replaced quickly in the event of a device failure?
Archives/Backups. Having backups of the server data would allow for a quick recovery in the event of a device failure.
Exploiting a weakness in a user's wireless headset to compromise the mobile device is known as what?
Bluejacking. Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers or sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another.
You are conducting a port scan of an older server on your network to determine what services are being run on it. You find that port 80 and 443 are open, but port 20 and 21 are reported as closed. All other ports are reported as FILTERED. Based on this report, what can you determine about the server?
The server is running as a web server and is denying any other requests. When a port scanner returns a result of CLOSED, it means the service is denying the inbound traffic on that port. In this case, it is denying FTP traffic on ports 20 and 21. This server is running a web server (port 80 and 443), but those are showing as OPEN and receiving traffic. All the FILTERED ports are being blocked by the network firewall.
On which type of cable is an F-connector is used?
RG6. An F connector is a coaxial RF connector commonly used for cable television with an RG6 cable. RG6 is a type of coaxial cable used to transmit audio and video signals to devices such as television sets.
What is used to authenticate remote workers who connect from offsite?
802.1x. 802.1x can be used because it is designed to enhance the security of wireless local area networks (WLANs) . WLANs provide an authentication framework, allowing a user to be authenticated by a central authority. RADIUS (Remote Authentication Dial-In User Service) allows a company to maintain user profiles in a central database that all remote servers can share. It provides better security, allowing a company to set up a policy that can be applied at a single administered network point. Remote users connect to one or more Remote Access Servers. The remote access servers then forward the authentication requests to the central RADIUS server. 802.1X is an IEEE Standard for Port-based Network Access Control (PNAC). It provides an authentication mechanism to devices wishing to attach to a network. 802.1X authentication involves three parties: a supplicant, an authenticator, and an authentication server. The supplicant is a client that wishes to attach to the network. The authenticator is a network device, such as an Ethernet switch, wireless access point or in this case, a remote access server and the authentication server is the RADIUS server.
You are installing a Small Office/Home Office (SOHO) network consisting of a router with 2 ports, a switch with 8 ports, and a hub with 4 ports. The route has one port connected to a cable modem and one port connected to switch port #1. The hub's first port is connected to switch port #2. Based on the description provided, how many collision domains exist in this network?
9. Based on the description provided, there are 9 collision domains. Each port on the router is a collision domain (2), each port on the switch is a collision domain (8), and all of the ports on the hub make up a single collision domain (1). But, since one of the ports on the router is connected to one of the ports on the switch, they are in the same collision domain (-1). Similarly, the hub and the switch share a common collision domain with their connection to each other over the switch port (-1). This gives us 9 collision domains total: the 8 ports on the switch, and the 1 port on the route that is used by the cable modem.
Which of the following devices does a CSU/DSU connect?
A CSU/DSU device is designed to connect a terminal device to a T1 line. The terminal device or Data Terminal Equipment (DTE) such as a router will connect to the T1 line via CSU/DSU (Channel Service Unit/Data Service Unit).
A company-wide audit revealed employees are using company laptops and desktops for personal use. To prevent this from occurring, in which document should the company incorporate the phrase "Company-owned IT assets are to be used to perform authorized company business only"?
AUP. Acceptable Use Policy dictates what types of actions an employee can or cannot do with company-issued IT equipment.
A network administrator is configuring a VLAN across multiple switches. The administrator wants to configure the VLAN once and have that configuration propagate to all of the switches in the network. Which of the following should the administrator do?
Configure the switches to utilize VTP. VLAN Trunking Protocol (VTP) shares VLAN information to all switches in a network.
A customer's email service is not sending emails anymore. What is the correct order that you should follow to perform the troubleshooting steps?
Determine if any recent changes; Establish a theory of cause; Test the theory of cause; Establish a plan of action; Implement the solution; Verify full system functionality; Implement preventative measures; Document findings, actions and outcomes
You have been asked by the physical security manager to assist with his risk assessment of his proposed security measures. He is concerned that during a power outage, the server room might be the target of an attack. Luckily, he has many different protection measures in place to keep intruders out of the server room. During a power outage, which of the following security controls would still be usable?
Door locks. A traditional door lock doesn't require power to operate, therefore it will still provide protection to the keep the intruder out of the server room. The other options all require power to function and operate.
A technician just completed a new external website and setup access rules in the firewall. After some testing, only users outside the internal network can reach the site. The website responds to a ping from the internal network and resolves the proper public address. What can the technician do to fix this issue while causing internal users to route to the website using an internal IP address?
Implement a split horizon DNS. Split Domain Name System (Split DNS) is an implementation in which separate DNS servers are provided for internal and external networks as a means of security and privacy management.
What anti-malware solution should be implemented to deter attackers from loading custom files onto a distributed target platform?
Network-based anti-malware. The network-based anti-malware can keep the system secure by testing all communications to/from a distributed target platform.
A network technician is using telnet to connect to a router on a network that has been compromised. A new user and password has been added to the router with full rights. The technician is concerned that the regularly used administrator account has been compromised. After changing the password on all the networking devices, which of the following should the technician do to prevent the password from being sniffed on the network again?
Only allow administrators to access routers using port 22. Port 22 uses SSH to authenticate a remote computer or user, or in this case, an administrator. Even if the router has been compromised, the new full rights user would not be able to access their new account without the SSH key, which could only be provided by a true administrator. Telnet uses port 23 and passes all information as unencrypted traffic on the network. Telnet should always be disabled for security reasons and SSH (which uses encryption) should be used instead.
A network technician is asked to redesign an Ethernet network before some new monitoring software is added to each workstation on the network. The new software will broadcast statistics from each host to a monitoring server for each of the five departments in the company. The added network traffic is a concern of management that must be addressed. How should the technician design the new network?
Placing each of the departments on separate VLANs will help minimize the added network traffic. VLANs work by taking multiple physical hosts and LANs and configuring them to act as if they were attached to the same Ethernet switch.
You are working as a network technician and need to create several Cat 5e network cables to run between different computers and the network jacks on the wall. The connections between the switch and the patch panel, and the patch panel and the wall jacks have already been installed and tested. Which of the following tools would NOT be necessary to complete this task?
Punchdown tool. A punchdown tool is used to connect a network cable (such as Cat 5e) to a patch panel, 110-block, or the inside portion of a wall jack, therefore it is not needed for this task. A wire stripper is used to remove the outer plastic shielding from the Cat 5e cable so that you can reach the inner wiring pairs. The RJ-45 connectors are used to make the connection between the cable and a network jack, and the cable crimper is used to ensure the RJ-45 connector stays attached to the end of the Cat 5e cable.
An administrator has configured a new 100Mbps WAN circuit, but speed testing shows poor performance when downloading larger files. The download initially reaches close to 100Mbps but begins to drop and show spikes in the download speeds over time. The administrator checks the router interface and sees the following: NETRTR01# show interface eth 1/1 GigabitEthernet 1/1 is up, line is upHardware is GigabitEthernet, address is 000F.33CC.F13AConfigured speed auto, actual 1Gbit, configured duplex fdx, actual fdxMember of L2 VLAN 1, port is untagged, port state is forwarding What is the issue?
Remove default 801.q tag and set to server VLAN. Since the VLAN port is untagged, it can be slowing down performance. It is recommended to remove the default VLAN tag and setup a server VLAN to increase performance.