101 FINAL EXAM STUDY GUIDE
On a Cisco switch, what would the security association identifier be for VLAN 13? A - 100013 B - 1013 C - 5013 D - 1000130
A - 100013
A network with 10 bits remaining for the host portion will have how many usable host addresses? A - 1022 B - 510 C - 2046 D - 4192
A - 1022
Given a host IP address of 172.16.1.154 and a subnet mask of 255.255.254.0, what is the network ID for this host? A - 172.16.0.0 B - 172.16.1.0 C - 172.16.2.0 D - 172.0.0.0
A - 172.16.0.0
How many /64 subnets can be created within a /56 prefix? A - 256 B - 512 C - 1024 D - 2048
A - 256
How large is the 802.1Q tag that is added to an Ethernet frame when using VLANs? A - 4 bytes B - 8 bytes C - 12 bytes D - 20 bytes
A - 4 bytes
How many subnets can a /48 site prefix support? A - 65,536 subnets B - 16384 subnets C - 131,072 subnets D - 256 subnets
A - 65,536 subnets
The wireless spectrum, as defined by the FCC, spans between which two frequencies? A - 9 kHz and 300 GHz B - 125 kHz and 150 GHz C - 3 kHz and 500 GHz D - 3 MHz and 300 GHz
A - 9 kHz and 300 GHz
What type of scenario would be best served by using a Platform as a Service (PaaS) cloud model? A - A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides. B - An organization wishes to gain access to applications through an online user interface, while maintaining compatibility across operating systems. C - An organization needs to have a hosted virtual network infrastructure for their services, which are run on virtual machines. D - A small organization needs to have high availability for their web server.
A - A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides.
What statement correctly describes a stateless firewall? A - A stateless firewall manages each incoming packet as a stand-alone entity, without regard to currently active connections. B - A stateless firewall inspects each incoming packet to determine whether it belongs to a currently active connection. C - A stateless firewall blocks designated types of traffic based on application data contained within packets. D - A stateless firewall filters packets based on source and destination IP addresses.
A - A stateless firewall manages each incoming packet as a stand-alone entity, without regard to currently active connections.
Of all the DSL standards, which is the most commonly in use today? A - ADSL B - VDSL C - SDSL D - G.Lite
A - ADSL
Which Bluetooth power class allows for a maximum power output of 100 mW and a range of up to 100 m? A - Class 1 B - Class 2 C - Class A D - Class X
A - Class 1
What special enterprise VPN supported by Cisco devices creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels? A - Dynamic Multipoint VPN B - Dynamic SmartVPN C - Symmetric VPN Autodial D - Auto Switched VPN Service
A - Dynamic Multipoint VPN
Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers? A - IaaS B - PaaS C - SaaS D - XaaS
A - IaaS
At what point is a packet considered to be a giant? A - It becomes a giant when it exceeds the medium's maximum packet size. B - It becomes a giant when it exceeds 1500 bytes. C - It becomes a giant only when fragmented pieces are reassembled and the packet size is too large. D - It becomes a giant once a VLAN tag is added.
A - It becomes a giant when it exceeds the medium's maximum packet size.
What is the purpose of the Layer 2 LLC sublayer? A - It is used to handle multiplexing, flow and error control, and reliability. B - It is used to manage MAC addresses in message frames. C - It performs management of the physical layer's modulation techniques. D - It is used to manage low-level encryption on a network.
A - It is used to handle multiplexing, flow and error control, and reliability.
Why is the telnet utility a poor choice for remote access to a device? A - It provides poor authentication and no encryption. B - It provides no mechanism for authentication. C - It cannot be used over a public WAN connection. D - It does not allow for control of a computer remotely
A - It provides poor authentication and no encryption.
What optional protocol can be used in 802.11 to reserve the medium for one node's use? A - RTS/CTS (Request to Send/Clear to Send) B - RAR/CTU (Reserve Airtime Request/Clear to Use) C - HA/RA (Hold Airtime/Reserved Airtime) D - RT/FT (Request Time/Fair Time)
A - RTS/CTS (Request to Send/Clear to Send)
When using Spanning Tree Protocol, what is the first step in selecting paths through a network? A - STP must first select the root bridge, or master bridge. B - STP examines the possible paths between all other bridges. C - STP disables links that are not part of a shortest path. D - STP begins to block BPDUs on non-designated ports.
A - STP must first select the root bridge, or master bridge.
On an ATM network, how is the path that data will take determined? A - Switches determine the optimal path between sender and receiver, and then establish the path before transmission. B - Data is transmitted, and then the path taken will vary depending on the load encountered at each ATM participant node. C - A frame relay route table establishes each hop that will be taken to a single destination. D - When data is ready to be transmitted, an ATM participating router will contact the destination ATM router, establish a tunnel, then pass the data.
A - Switches determine the optimal path between sender and receiver, and then establish the path before transmission.
You are troubleshooting a client's wireless networking issue. Which of the following will prevent the client from connecting to the network? A - The client has a wireless profile configured for the "campus" SSID, but the access point is broadcasting the "CAMPUS" SSID. B - The client is using an 802.11n wireless adapter, but the access point only supports up to 802.11g. C - The client is using a network adapter with outdated firmware. D - The client is only able to get line of sight with an omnidirectional antenna.
A - The client has a wireless profile configured for the "campus" SSID, but the access point is broadcasting the "CAMPUS" SSID.
Which statement regarding the use of a bridged mode vNIC is accurate? A - The vNIC will its own IP address on the physical LAN. B - The vNIC will be assigned a NAT-ed IP address. C - The vNIC will only be able to communicate across the bridge to the host PC. D - The vNIC will utilize the host PC's IP address.
A - The vNIC will its own IP address on the physical LAN.
Which file transfer protocol has no authentication or security for transferring files, uses UDP, and requires very little memory to use? A - Trivial FTP (TFTP) B - Secure FTP (SFTP) C - FTP Secure (FTPS) D - File Transfer Protocol (FTP)
A - Trivial FTP (TFTP)
You have been asked by your superior to configure all Cisco network switches to allow only acceptable MAC addresses through switch access ports. How is this accomplished? A - Use the switchport port-security command to enable MAC filtering. B - Use the mac-limit command to prevent more than one MAC from being accepted. C - Use the allowed-mac command to filter by MAC address. D - Use the secure port mac-address command to limit the port to learned addresses only.
A - Use the switchport port-security command to enable MAC filtering.
What 802.11 frame type is involved in association and reassociation, including probe and beacon frames? A - management frames B - control frames C - data frames D - extended frames
A - management frames
VMware's AirWatch and Cisco's Meraki Systems Manager are both examples of what type of software? A - mobile device management software B - software defined network software C - virtual device management software D - cloud network management software
A - mobile device management software
Each managed object on a managed device using SNMP is assigned which of the following? A - object identifier (OID) B - TCP/UDP port C - process ID D - inode number
A - object identifier (OID)
All wireless signals are carried through the air by electromagnetic waves. True False
True
Although MPLS can operate over Ethernet frames, it is more often used with other Layer 2 protocols, like those designed for WANs. T/F
True
An 802.11 data frame contains four address fields, in contrast to the two address fields in 802.3 Ethernet. True False
True
An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models. T/F
True
By default, Active Directory is configured to use the Kerberos protocol, but can be configured to use LDAP or a combination of LDAP and Kerberos. T/F
True
By default, the native VLAN is the same as the default VLAN. T/F
True
Class of Service utilizes 8 levels of priority, and modifies the PCP field in an 802.1Q tag. T/F
True
Current research indicates that a long, random string of words, such as correct horse battery staple is more secure than a random series of letters, numbers, and symbols that is short enough to be remembered. T/F
True
Digital certificates are issued, maintained, and validated by an organization called a certificate authority (CA). T/F
True
IPv6 addressing does not utilize classful addressing, therefore every IPv6 address is classless. T/F
True
In a frame relay WAN, the ISP typically has the data circuit terminating equipment (DCE). T/F
True
In a public switched telephone network, lines are terminated at the central office. T/F
True
In order to identify the transmissions that belong to each VLAN, a switch will add a tag to Ethernet frames that identifies the port through which they arrive at the switch. T/F
True
Most UNIX and Linux desktop operating systems provide a GUI application for easily viewing and filtering the information in system logs. T/F
True
Most satellites circle the Earth 22,300 miles above the equator in a geosynchronous orbit. T/F
True
Network segmentation at Layer 2 of the OSI model is accomplished using VLANs. T/F
True
Office 365 is an example of an SaaS implementation with a subscription model. True False
True
Over a long-distance connection, using SSH keys is more secure than using passwords. T/F
True
PPP can support several types of Network layer protocols that might use the connection. T/F
True
Proxy servers and ACLs on network devices are examples of non-security devices with security features, while firewalls and IDS/IPS systems are the network's specialized security devices. T/F
True
Sudden unexplained increases in file sizes and unusual error messages with no apparent cause are both potential symptoms of a viral infection. T/F
True
The PEAP standard creates an encrypted TLS tunnel between the supplicant and the server before proceeding with the usual EAP process. T/F
True
The SNMP version 3 protocol introduces authentication, validation, and encryption for messages exchanged between devices and the network management console. T/F
True
The Virtual Network Computing (VNC) application uses the cross-platform remote frame buffer (RFB) protocol. True False
True
The Wi-Fi Protected Setup PIN can be easily cracked through a brute force attack. True False
True
The Wireless Personal Area Network (WPAN) is defined in the 802.15 standard. True False
True
The day after Patch Tuesday is informally dubbed Exploit Wednesday. T/F
True
The most secure Wi-Fi communication is made possible by combining a RADIUS server with WPA or WPA2, known as WPA-Enterprise or WPA2-Enterprise, respectively. True False
True
The storm-control command is a type of flood guard that is available on most major network switch vendor platforms. T/F
True
The supplicant is an EAP entity responsible for requesting authentication, such as a smartphone or laptop. T/F
True
The term malware is derived from a combination of the words malicious and software. T/F
True
The word "synchronous" as used in the name of Synchronous Optical Network means that data being transmitted and received by nodes must conform to a timing scheme. T/F
True
User access to network resources falls into one of these two categories: 1) the privilege or right to execute, install, and uninstall software, and 2) permission to read, modify, create, or delete data files and folders. T/F
True
Wireshark or any other monitoring software running on a single computer connected to a switch doesn't see all the traffic on a network, but only the traffic the switch sends to it, which includes broadcast traffic and traffic specifically addressed to the computer. T/F
True
You can find out where various logs are kept on some UNIX and Linux systems by viewing the /etc/syslog.conf or /etc/rsyslog.conf files. T/F
True
Which of the following suggestions can help prevent VLAN hopping attacks on a network? A - Install an additional switch to isolate traffic. B - Disable auto trunking and move native VLANs to unused VLANs. C - Install a router to process the untagged traffic on the VLAN. D - Use MAC address filtering.
B - Disable auto trunking and move native VLANs to unused VLANs.
What does the Common Address Redundancy Protocol do? A - It allows a pool of computers or interfaces to share the same MAC address. B - It allows a pool of computers or interfaces to share the same IP address. C - It allows multiple devices to share the same fully qualified domain name. D - It allows multiple devices to share hardware resources.
B - It allows a pool of computers or interfaces to share the same IP address.
How many transponders are contained within a typical satellite? A - 8 to 16 B - 16 to 24 C - 24 to 32 D - 32 to 48
C - 24 to 32
The C-Band utilized by satellites consists of what frequency range? A - 1.5 - 2.7 GHz B - 2.7 - 3.5 GHz C - 3.4 - 6.7 GHz D - 12 - 18 GHz
C - 3.4 - 6.7 GHz
802.11ac Wave 2 devices can theoretically support how much maximum throughput? A - 600 Mbps B - 1.3 Gbps C - 3.47 Gbps D - 6.93 Gbps
C - 3.47 Gbps
What is the maximum throughput of a DS3 connection? A - 1.544 Mbps B - 3.152 Mbps C - 44.736 Mbps D - 274.176 Mbps
C - 44.736 Mbps
In an 802.11 data frame, what is the size of the frame check sequence field? A - 2 bytes B - 4 bytes C - 6 bytes D - 8 bytes
C - 6 bytes
In an ISDN connection, what amount of throughput did a single B channel provide? A - 32 Kbps B - 48 Kbps C - 64 Kbps D - 96 Kbps
C - 64 Kbps
What is the maximum number of host IP addresses that can exist in a Class B network? A - 8190 B - 1022 C - 65,534 D - 32,766
C - 65,534
Which of the following is NOT a task that a VPN concentrator is responsible for? A - A VPN concentrator manages encryption for VPN transmissions. B - A VPN concentrator authenticates VPN clients. C - A VPN concentrator shuts down established connections with malicious traffic occurs. D - A VPN concentrator establishes tunnels for VPN connections.
C - A VPN concentrator shuts down established connections with malicious traffic occurs.
The Link Aggregation Control Protocol was initially defined by what IEEE standard? A - IEEE 802.3af B - IEEE 802.1cd C - IEEE 802.3ad D - IEEE 802.3bd
C - IEEE 802.3ad
A differential backup covers what data on a system? A - It includes all data every time it is performed. B - It includes only data that has changed since the last backup. C - It includes data that has changed since the last full backup. D - It includes data that has changed since the last incremental backup.
C - It includes data that has changed since the last full backup.
When using RFID, what is an ARPT (Active Reader Passive Tag)? A - It is a battery-powered tag actively transmits its credentials at regular time intervals, which can be read remotely. B - It is a tag that requires an active reader, but still contains a battery in the tag. C - It is a tag that is activated by an active reader, and uses power from the reader's radio to power its transmission. D - It is a tag that can be read remotely up to a distance of 50 m, but requires a powerful active reader.
C - It is a tag that is activated by an active reader, and uses power from the reader's radio to power its transmission.
When an 802.1Q tag is added to an Ethernet frame, where is it placed? A - It is inserted between the preamble and the destination address. B - It is appended to the end of the frame. C - It is inserted between the source address and the Ethernet type field. D - It is inserted between the destination and the source addresses.
C - It is inserted between the source address and the Ethernet type field.
In regards to the use of local authentication, what statement is accurate? A - Local authentication provides the most security. B - Local authentication is scalable for large networks. C - Local authentication is network and server failure tolerant. D - Local authentication does not allow for strong enough passwords.
C - Local authentication is network and server failure tolerant.
By default, what network connection type is selected when creating a VM in VMware, VirtualBox, or KVM? A - host-only mode B - bridged mode C - NAT mode D - lockdown mode
C - NAT mode
In a software defined network, what is responsible for controlling the flow of data? A - flow director B - vRouter C - SDN controller D - SDN switch
C - SDN controller
Which protocol designed to replace STP operates at Layer 3 of the OSI model? A - Rapid Spanning Tree Protocol (RSTP) B - Transparent Interconnection of Lots of Links (TRILL) C - Shortest Path Bridging (SPB) D - Multiple Spanning Tree Protocol (MSTP)
C - Shortest Path Bridging (SPB)
How does the 802.11 data frame indicate how a large packet should be fragmented? A - It uses the preamble header to estimate the ideal packet size. B - The frame check sequence dictates the calculated packet size. C - The sequence control field indicates how packets will be subdivided. D - The duration field determines how long the station can transmit a packet, which then determines how it is divided.
C - The sequence control field indicates how packets will be subdivided.
Where are MPLS labels placed within a frame? A - between the layer 3 header and the data payload B - between the data payload and the layer 2 trailer C - between the layer 2 header and the layer 3 header D - at the end of the layer 2 trailer
C - between the layer 2 header and the layer 3 header
What kind of firewall can block designated types of traffic based on application data contained within packets? A - stateful firewall B - stateless firewall C - content-filtering firewall D - packet-filtering firewall
C - content-filtering firewall
The combination of a public key and a private key are known by what term below? A - key set B - key team C - key pair D - key tie
C - key pair
The use of certificate authorities to associate public keys with certain users is known by what term? A - public-key organization B - certified infrastructure C - public-key infrastructure D - symmetric identification
C - public-key infrastructure
On a Linux based system, what command can you use to create a hash of a file using SHA-256? A - sha1sum B - md5sum C - sha256sum D - shasum -a 256
C - sha256sum
If multiple honeypots are connected to form a larger network, what term is used to describe the network? A - combolure B - lurenet C - honeycomb D - honeynet
D - honeynet
On certain Cisco products, what command can be used to create and send helper messages that support several types of UDP traffic, including DHCP, TFTP, DNS, and TACACS+? A - ip create helper server B - ip new helper C - set ip helper address D - ip helper-address
D - ip helper-address
In order to generate a public and private key for use with SSH, what command line utility should you use? A - key-generate B - gpg --ssh C - ssh-newkey D - ssh-keygen
D - ssh-keygen
A person posing as an employee strikes up a conversation with a legitimate employee as they walk into a secured area, in an attempt to gain access. What kind of social engineering is this? A - phishing B - baiting C - quid pro quo D - tailgating
D - tailgating
A RAID 5 configuration requires a minimum of two hard disks to operate. T/F
False
A Type 2 hypervisor installs on a computer before any OS, and is therefore called a bare-metal hypervisor. T/F
False
A hacker, in the original sense of the word, is someone with technical skill and malicious intent. T/F
False
A hot site consists of computers, devices, and connectivity necessary to rebuild a network exist, but without appropriate configuration. T/F
False
A native VLAN mismatch occurs when two access ports that are connected to each other are both tagging traffic with different VLAN IDs. T/F
False
A stateless firewall inspects each incoming packet to determine whether it belongs to a currently active connection. T/F
False
A system with an availability of 99.999% can be down for a maximum of 52 minutes per year. T/F
False
After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel. True False
False
All that is needed to provide communication between two VLANs is a DHCP relay agent. T/F
False
An 802.11ac signal can travel for approximately 2 miles from the source. T/F
False
An unmanaged switch can still support the creation of VLANs, provided there is an interface for configuration. T/F
False
CDMA (Code Division Multiple Access) is an open standard that is accepted and used worldwide. T/F
False
DSL services require many subscribers to share the same local line, causing potential security concerns. T/F
False
DSL signals travel over telephone lines using the 300 to 3300 Hz frequency range. T/F
False
Different types of organizations have similar levels of network security risks. T/F
False
Due to many vulnerabilities and a short key length, the WPA security standard was replaced with WEP. True False
False
FTPS (FTP Security or FTP Secure) and SFTP (Secure FTP) are two names for the same protocol. T/F
False
Infrared technology utilizes an LED that emits light with shorter wavelengths than red light. True False
False
It is ideal to use the same password for multiple different applications, provided the password is complex enough. T/F
False
NFC tags are very expensive and cannot be purchased blank, requiring them to be pre-loaded. True False
False
Network segmentation decreases both performance and security on a network. T/F
False
Of the three methods of access control (RBAC, DAC, and MAC), RBAC is the least secure of the options. T/F
False
Only Class B and Class C networks can be subnetted. T/F
False
Setting a NIC to run in promiscuous mode will allow it to see all network traffic passing through a network switch. T/F
False
The HTTPS (HTTP Secure) protocol utilizes the same TCP port as HTTP, port 80. True False
False
The LLC sublayer is primarily concerned with managing MAC addresses in message frames. True False
False
The Spanning Tree Protocol operates at the Network layer of the OSI model. T/F
False
The original version of the Secure Hash Algorithm was developed by MIT. T/F
False
WANs connect nodes, such as workstations, servers, printers, and other devices, in a small geographical area on a single network. T/F
False
When utilizing Kerberos, an access granting ticket is the same as a key. T/F
False
Z-Wave transmissions have a range of up to 50m per hop, and can tolerate up to 8 hops through repeaters. True False
False
A drop ceiling could be used by an intruder to gain access to a secured room. T/F
True
What makes up the first 6 bits of the 8-bit DiffServ field? A - Priority Code Point (PCP) B - Differentiated Services Code Point (DSCP) C - Class of Service (CoS) D - Forward Error Correction (FEC)
B - Differentiated Services Code Point (DSCP)
Near-field communication devices send data at what fixed frequency? A - 8.65 MHz B - 13.56 MHz C - 21.39 MHz D - 47.1 MHz
B - 13.56 MHz
In an 802.11 data frame, what is the maximum amount of data that can be sent? A - 1500 bytes B - 2312 bytes C - 4582 bytes D - 9000 bytes
B - 2312 bytes
What subnet mask can be used to segment the 172.16.0.0 network to allow for a minimum of 6 subnets while maximizing the number of hosts per subnet? A - 255.255.248.0 B - 255.255.224.0 C - 255.255.192.0 D - 255.255.128.0
B - 255.255.224.0
If you wish to maintain a "4 nines" availability rating, what is the maximum amount of down time you can have per day? A - 0.4 seconds B - 8 seconds C - 1 minute, 26 seconds D - 14 minutes, 23 seconds
B - 8 seconds
Which of the following statements regarding the 802.11ac standard is NOT accurate? A - The standard was officially approved in early 2014. B - 802.11ac access points function more like a hub than a switch. C - 802.11ac access points can handle multiple transmissions at one time over the same frequency. D - 802.11ac operates on the 5-GHz band.
B - 802.11ac access points function more like a hub than a switch.
What IEEE standard specifies how VLAN information appears in frames and how switches interpret that information? A - 802.1c B - 802.1Q C - 802.1V D - 802.1d
B - 802.1Q
What statement regarding denial-of-service (DoS) attacks is accurate? A - A denial-of-service attack occurs when a MAC address is impersonated on the network. B - A denial-of-service attack prevents legitimate users from accessing normal network resources. C - A denial-of-service attack is generally a result of a disgruntled employee. D - A denial-of-service attack is no longer a major concern due to the increased throughput available on most networks.
B - A denial-of-service attack prevents legitimate users from accessing normal network resources.
When troubleshooting wireless issues, what statement is accurate? A - A WPA key can be used to associate with a WEP configured access point. B - Access points that use overlapping channels can cause interference with each other if they are too close. C - Simultaneous wired and wireless network connections do not affect the ability to communicate on the network. D - Access point power levels should always be configured to output as much power as possible.
B - Access points that use overlapping channels can cause interference with each other if they are too close.
What does the VLAN Trunk Protocol (VTP) do? A - It is the protocol that defines how VLAN tagging is accomplished in an Ethernet network. B - It shares VLAN database information amongst switches that participate. C - It shares trunking information amongst switches that participate. D - It is the protocol used by a trunk port for establishing a trunk with another switch.
B - It shares VLAN database information amongst switches that participate.
What does the VLAN Trunk Protocol (VTP) do? A - It shares trunking information amongst switches that participate. B - It shares VLAN database information amongst switches that participate. C - It is the protocol used by a trunk port for establishing a trunk with another switch. D - It is the protocol that defines how VLAN tagging is accomplished in an Ethernet network.
B - It shares VLAN database information amongst switches that participate.
A vSwitch (virtual switch) or bridge is a logically defined device that operates at what layer of the OSI model? A - Layer 1 B - Layer 2 C - Layer 4 D - Layer 7
B - Layer 2
Which of the following utilities performs sophisticated vulnerability scans, and can identify unencrypted data such as credit card numbers? A - Nmap B - Nessus C - Metasploit D - L0phtcrack
B - Nessus
At what layer of the OSI model does the IPsec encryption protocol operate? A - Physical layer B - Network layer C - Transport layer D - Application layer
B - Network layer
Which encryption standard was originally utilized with WPA's TKIP? A - Advanced Encryption Standard (AES) B - Rivest Cipher 4 (RC4) C - Blowfish D - Data Encryption Standard (DES)
B - Rivest Cipher 4 (RC4)
When using satellite services for your WAN connection, what statement is accurate? A - Satellite downlink rates range from 50 to 100 Mbps. B - Satellite services suffer more latency and jitter issues. C - Satellite services are only available for fixed location clients. D - Satellite uplink rates range from 5 to 10 Mbps.
B - Satellite services suffer more latency and jitter issues.
What happens when an NMS uses the SNMP walk command? A - The NMS sends a request for data to the agent on a managed device. B - The NMS uses get requests to move through sequential rows in the MIB database. C - The NMS requests a list of all active SNMP traps on the system. D - The NMS walks through a list of given SNMP hosts.
B - The NMS uses get requests to move through sequential rows in the MIB database.
Diffraction has what affect on a wireless signal's propagation? A - The signal is redirected into multiple directions. B - The signal is split into secondary waves that continue in the direction in which they split. C - The signal is returned back towards the source of the original signal. D - The signal is completely absorbed by the diffracting material.
B - The signal is split into secondary waves that continue in the direction in which they split.
When dealing with a Cisco switch, what is NOT one of the pre-established VLANs? A - VLAN 1 B - VLAN 1001 C - VLAN 1003 D - VLAN 1005
B - VLAN 1001
Regarding VNC (Virtual Network Computing or Virtual Network Connection), what statement is accurate? A - VNC is faster than Remote Desktop, and requires less network bandwidth. B - VNC is open source, allowing companies to develop their own software based on VNC. C - VNC uses the Remote Desktop Protocol (RDP). D - VNC is a standard developed by Microsoft and used by Windows Remote Desktop.
B - VNC is open source, allowing companies to develop their own software based on VNC.
What special signal is issued periodically from an AP and contains the network transmission rate and service set identifier (SSID), as well as other information needed for a computer to associate with the AP? A - broadcast frame B - beacon frame C - announcement packet D - alert message
B - beacon frame
Upon connecting to a Wi-Fi network, you're redirected to a login screen and a request to accept terms of service before being connected. What is this an example of? A - guest network profile B - captive portal C - WPA2-Enterprise D - browser hijacking
B - captive portal
The Group Policy utility can be opened by typing what name into a Run box? A - secpol.msc B - gpedit.msc C - grouppol.msc D - grppol.msc
B - gpedit.msc
Which type of backup scheme only covers data that has changed since the last backup? A - full backup B - incremental backup C - differential backup D - snapshot backup
B - incremental backup
In Linux, what command can be used for viewing and setting wireless interface parameters? A - ifconfig B - iwconfig C - wlanconf D - wifid
B - iwconfig
When a device handles electrical signals improperly, usually resulting from a bad NIC, it is referred to by what term below? A - ghost B - jabber C - talker D - blabber
B - jabber
A virus that remains dormant until a specific condition is met, such as the changing of a file or a match of the current date is known as what type of malware? A - encrypted virus B - logic bomb C - boot sector virus D - worm
B - logic bomb
What term is used to describe a space that is rented at a data center facility by a service provider? A - locally exchanged data point (ledp) B - point of presence (PoP) C - central service point (CSP) D - service location (SL)
B - point of presence (PoP)
Which of the following terms is commonly used to describe a VLAN configuration in which one router connects to a switch that supports multiple VLANs? A - router overloading B - router-on-a-stick C - branched router D - router-on-a-branch
B - router-on-a-stick
You are working on a Cisco switch and need to learn what VLANs exist on the switch. Which command will list the current VLANs recognized by the switch? A - get vlans B - show vlan C - list switch-vlans D - show vlandb
B - show vlan
What type of device can be used to assess the quality of a wireless signal? A - Wi-Fi analyzer B - spectrum analyzer C - channel scanner D - frequency hopper
B - spectrum analyzer
An IP address of 192.168.18.73/28 has what network ID? A - 192.168.16.0 B - 192.168.18.0 C - 192.168.18.32 D - 192.168.18.64
D - 192.168.18.64
A fractional T1's bandwidth can be leased multiples of what data rate? A - 28 Kbps B - 32 Kbps C - 48 Kbps D - 64 Kbps
D - 64 Kbps
What is the maximum number of host IP addresses that can exist in a Class B network? A - 1022 B - 8190 C - 32,766 D - 65,534
D - 65,534
Which of the following scenarios represents a phishing attempt? A - An employee at your company has received a malware-infected file in their e-mail. B - A person posing as an employee tried to access a secured area at your organization. C - A gift was offered to an employee with access to secured information in exchange for details. D - An e-mail was sent to a manager at your company that appeared to be from the company's CTO, asking for access.
D - An e-mail was sent to a manager at your company that appeared to be from the company's CTO, asking for access.
What is the Nmap utility used for? A - It is used to identify unsecured sensitive data on the network, such as credit cards. B - It is an automated vulnerability and penetration testing framework. C - It is a software firewall that can be used to secure a vulnerable host. D - It is a port scanning utility that can identify open ports on a host.
D - It is a port scanning utility that can identify open ports on a host.
Which legacy authentication protocol requires mutual authentication? A - Password Authentication Protocol (PAP) B - Challenge Handshake Authentication Protocol (CHAP) C - Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) D - Microsoft Challenge Handshake Authentication Protocol, version 2 (MS-CHAPv2)
D - Microsoft Challenge Handshake Authentication Protocol, version 2 (MS-CHAPv2)
What open-source VPN protocol utilizes OpenSSL for encryption and has the ability to possibly cross firewalls where IPsec might be blocked? A - Layer 2 Tunneling Protocol (L2TP) B - Point-to-Point Tunneling Protocol (PPTP) C - Generic Routing Encapsulation (GRE) D - OpenVPN
D - OpenVPN
Which of the following statements regarding the Point-to-Point (PPP) protocol is NOT accurate? A - PPP can negotiate and establish a connection between two endpoints. B - PPP can utilize an authentication protocol, such as MS-CHAPv2 or EAP to authenticate a client. C - PPP can support several Network layer protocols, such as IP, that might use the connection. D - PPP can support strong encryption, such as AH or ESP.
D - PPP can support strong encryption, such as AH or ESP.
What statement regarding the SSH (Secure Shell) collection of protocols is accurate? A - SSH provides a graphical view of the remote computer. B - SSH does not protect against DNS spoofing. C - SSH does not protect against IP spoofing. D - SSH supports port forwarding.
D - SSH supports port forwarding.
With a SIP trunk, what is the only limitation on the number of calls that can run at any one time? A - The maximum number of channels available on the transmission medium. B - The total number of time division slots allocated to the SIP client organization. C - The total number of SIP bearer channels provisioned on the SIP switch. D - The amount of available bandwidth.
D - The amount of available bandwidth.
What is NOT a variable that an network access control list can filter traffic with? A - The Network layer protocol used for the packet. B - The Transport layer protocol used for the packet. C - The source or destination TCP/UDP port number in the packet. D - The operating system used by the source or destination device.
D - The operating system used by the source or destination device.
When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites? A - VPN proxy B - VPN server C - VPN transport D - VPN gateway
D - VPN gateway
An RFID label on a box is an example of what type of physical security detection method? A - motion detection technology B - video surveillance via CCTV C - tamper detection D - asset tracking tagging
D - asset tracking tagging
A community cloud is a service shared between multiple organizations, but not available publicly. True False
True
A /24 CIDR block is equivalent to a 255.255.255.0 subnet mask. T/F
True
A brownout is a momentary decrease in voltage; also known as a sag. T/F
True