CompTIA Network+ (Test1)
A company has subnetted their Class C network address into four subnets with a /26 subnet mask. What are the addresses of the four subnets?
1. 0, 1, 2, 3 2. 128, 64, 32, 16 3. 1, 2, 4, 6 4. 0, 64, 128, 192 Answer: 4. 0, 64, 128, 192 Explanation 0, 64, 128, and 192 represent all of the possible values of 1s and 0s in the first two columns of the fourth octet in a Class C address: 0 0, 0 1, 1 0, and 1 1. Place those values under a 128 and a 64 and calculate the results.The leftmost two bits of the fourth octet are masked - the 128 and 64 column - using any combination of 1s and 0s in those columns, it would not be possible to generate a 1, 2, 3, 4 or 8. It would also be impssible to generate a 32 or 16 so the other choices are incorrect.
The only Gigabyte Ethernet standard that has a maximum cable length shorter than 100 meters is:
1. 1000Base-T 2. 1000Base-CX 3. 1000Base-SX 4. 1000Base-LX Answer: 2. 1000Base-CX Explanation Correct Answer:1000Base-CX uses copper cabling and is limited to 25 meters.Incorrect Answers:1000Base-LX uses fiber-optic cabling and has a maximum length of 5 km using single-mode fiber.1000Base-SX uses fiber-optic cabling and has a maximum length of 550 meters.1000Base-T uses UTP and has a maximum length of 100 meters.
Which of the following are types of firewalls? (Choose two.)
1. Statement 2. Deep state 3. Stateless 4. Stateful Answer: 3. Stateless 4. Stateful Explanation Firewalls are either stateful or stateless.Statement and deep state are not terms that describe firewalls.
Which statement is not true about 10BaseT
1. 10BaseT runs at 10 megabits per second 2. 10BaseT supports a maximum of 1024 nodes per switch 3. 10BaseT requires Cat 5a UTP cable 4. Maximum distance between the switch and the node is 100 meters Answer: 3. 10BaseT requires Cat 5a UTP cable Explanation 10BaseT can run on Cat 3 or higher UTP.All of the other statements are true.
Which is the default port for NTP?
1. 123 2. 231 3. 321 4. 132 Answer: 1. 123 Explanation NTP uses port 123.The other choices are generally unused ports.
Continuously bombarding a remote computer with broadcast pings that contain a bogus return address is an example of what specific type of attack?
1. DDoS 2. FTP bounce 3. Man-in-the-middle 4. Smurf Answer: 4. Smurf Explanation Correct Answer:This type DoS attack is known specifically as a smurf attack.
Which statement is true of VLAN's?
1. VLANs enable remote stations to connect to the LAN from across the Internet 2. VLANs can only be implemented on specified ports on a router 3. VLANs use SSH tunnels for cross-VLAN traffic 4. VLANs break up broadcast domains into multiple, smaller broadcast domains. Answer: 4. VLANs break up broadcast domains into multiple, smaller broadcast domains. Explanation VLANs break up a single broadcast domains into multiple, smaller broadcast domains.VLANs don't enable hosts from outside the LAN to connect, but VPNs do. VPNs do not encrypt connections, either within the VLAN or when connecting VLANs together. VLANs are implemented in switches, not routers.
Which of the following statements is not true of Gigabit Ethernet?
1. 1000BaseLX supports between 100 m and 10 km and can be used with multi-mode or single-mode fiber optic cable 2. 1000BaseT supports up to 100 meter runs over UTP 3. 1000BaseSX supports runs of up to 100 m over multi-mode fiber optice cable 4. 1000BaseSX supports between 100 m and 10 km and can be used with multi-mode or single-mode fiber optic cable Answer: 4. 1000BaseSX supports between 100 m and 10 km and can be used with multi-mode or single-mode fiber optic cable Explanation 1000BaseSX supports runs of up to 550 m over multi-mode fiber optic cable (220m/275m with 62.5 cable and 500m/550m with 50 micro cable) It does not support 10km runs. All of the other choices are true regarding Gigabit Ethernet.
A small factory would like to connect a separate warehouse on their property to the network. The warehouse is about 200 meters (656 feet) away from the main factory building. They need a high-speed connection, but do not have an unlimited budget. Which would be the MOST cost-effective method to supply a gigabit Ethernet connection to the second building?
1. 1000BaseSX 2. 1000BaseT 3. 10GBaseLW 4. 1000BaseLX Answer: 1. 1000BaseSX Explanation Correct Answer:1000Base-SX - Long run (up to 500 m), fiber-optic cable that supports gigabit speed over multimode fiber. It is commonly used for intra-building links.Incorrect Answers:10GBase-LW is for 10Gigabit and is very expensive. 1000BaseT is twisted pair and only good for 100 meters. 1000Base-LX is single-mode fiber used as a backbone run because it supports long runs of up to 10 km.
Which networking technology is best defined as Fast Ethernet?
1. 1000BaseSX 2. 100BaseT 3. 10BaseFL 4. 1000BaseT Answer: 2. 100BaseT Explanation Correct Answer:Fast Ethernet is also known at 100BaseT. It can also be associated with 100BaseTX, 100BaseT4, and 100BaseFX. Are you seeing the pattern? If it has "100" in it, it's good for Fast Ethernet. However, if I was given a choice between all of the different 100BaseXX's, I would most likely choose 100BaseT as my final answer.Incorrect Answers:All of the other answers do not have "100" in their name. They are incorrect based on that alone.
Doug needs to install a fiber run between the MDF and the IDF in his building. The distance between the buildings is roughly 20 meters. He wants to use the fastest connection possible. Which standard should he use?
1. 10GBaseSR 2. 1000BaseSX 3. 10GBaseT 4. 10GBaseSW Answer: 1. 10GBaseSR Explanation Correct Answer:10GBaseSR will run at 10 Gbps over fiber. The "S" states that it is short range. It can go at distances up to roughly 300 meters. The "R" means that it is designed to be used with existing Ethernet standards.Incorrect Answers:1000BaseSX while fast, is not fast enough. It does however, use fiber at short ranges.10GBaseT is fast enough, but it uses twisted pair, not fiber.10GBaseSW is almost perfect, except for that "W," which means that it is designed for WAN connections, using the existing SONET infrastructure.
Which choice is not a valid representation of the IPv6 address: 2001:C2A:0000:0000:BB29:0000:3F00:A5B6?
1. 2001:0C2A::BB29:0000:3F00:A5B6 2. 2001:C2A::BB29::3F00:A5B6 3. 2001:0C2A:0000:0000:BB29:3F00:A5B6 4. 2001:0C2A:0000:0000:BB29:0000:3F00:A5B6 Answer: 2. 2001:C2A::BB29::3F00:A5B6 Explanation IPv6 addresses cannot use more than one set of double colons (::) to represent strings of zeroes.2001:0C2A::BB29:0000:3F00:A5B6 most efficiently shortens the address in the question. 2001:C2A:0000:0000:BB29:0000:3F00:A5B6 has dropped the leading zero in the second hextet - it's okay to drop leading zeros. 2001:0C2A:0000:0000:BB29::3F00:A5B6 has replaced a string of four zeros in the sixth hextet with a set of double colons (::). It would be more efficient to replace the eight zeros in the third and fourth hextet with double colons (::) but any string of zeros can be replaced with (::).
1000Base-LX has the longest maximum run distance for Gigabit Ethernet running multimode fiber- what is that distance?
1. 25 meters 2. 550 meters 3. 2000 meters 4. 100 meters Answer: 2. 550 meters Explanation Correct Answer:1000Base-LX running multimode has a maximum length of 550 meters.
Which network solution provides at least 50Mbps of bandwidth and supports full duplex communication?
1. 5.0GHz 802.11a 2. 10Base2 Ethernet 3. 2.4GHz 802.11g 4. 10/100 layer 2 switch Answer: 4. 10/100 layer 2 switch Explanation Correct Answer:10/100 layer 2 switch - Switches are usually configured to be full duplex, and the 100 part of the label means that the switch supports 100 Mbps.Incorrect Answers:802.11a and 802.11g are wireless and are only half duplex. 10Base2 Ethernet is only 10 Mbps, and because data flows on a single wire, it is necessarily half-duplex.
What does ad-hoc mode describe?
1. A bluetooth environment comprised of a mouse and keyboard 2. Wireless network comprised only of peer computers 3. 802.11 network 4. Wireless devices connected to a WAP Answer: 2. Wireless network comprised only of peer computers Explanation Ad-hoc networks are Wi-Fi networks comprised only of peer computers.Wi-Fi devices that connect to a wireless access point (WAP) is known as an infrastructure network. Ad-hoc is not a term that applies to bluetooth. 802.11 is the standards committee that governs all aspects of Wi-Fi networks, not just ad-hoc.
Which best describes a model?
1. A representation of a real object or process 2. Multiple steps of a process converted into a single step 3. A duplicate of a real object or process 4. The expansion of a single process step into multiple steps Answer: 1. A representation of a real object or process Explanation A model is a representation of a real world object or process.Models do not change a process by expanding or compressing it. Models don't duplicate a process, they represent it to improve understanding of the underlying principles.
Which choice is true of a rogue DHCP server?
1. A rogue DHCP server increases the pool of available IP addresses 2. A rogue DHCP server can assign incompatible IP addresses to hosts. 3. A rogue DHCP server ensures that hosts will get compatible APIPA addresses 4. A rogue DHCP server increases the speed of the DHCP service Answer: 2. A rogue DHCP server can assign incompatible IP addresses to hosts. Explanation Rogue DHCP servers can assign incompatible IP addresses to hosts on a network making them unable to communicate with other hosts or the Internet.Rogue DHCP servers cause IP address incompatibilities or worse - they do not increase network performance by either increasing DHCP assignment speeds or the size of IP address pools. The existence of a DHCP server, rogue or approved, ensures that hosts will not generate APIPA addresses.
Which protocol maps IP addresses to Layer 2 (Data Link Layer) addresses?
1. ARP 2. Netstat 3. Ping 4. TCP Answer: 1. ARP Explanation Correct Answer:ARP is the protocol used to resolve an IP address into a MAC address, which functions at Layer 2 (Data Link Layer) of the OSI seven-layer model.Incorrect Answers:Ping test connectivity, Netstat deals with sessions, and TCP doesn't deal with MAC addresses.
Doug is troubleshooting a wiring closet in 2013. The cabling diagrams and documents are five years old and have little resemblance to what Doug sees. What configuration management process has fallen behind?
1. Asset management 2. System logs 3. Change management 4. Baselining Answer: 3. Change management Explanation Correct Answer:Change management - Keeping track of all the system changes since the last baseline was performed can save lots of time.Incorrect Answers: Baselining is done after the network is established. System logs are concerned with how the system is running, not what changes have been made. Asset management is concerned with the disposition of equipment.
Which of the followin gcan provide Michelle, a network technician, with a performance reference point that can be checked and compared to after hardware repair?
1. Asset management 2. Wire scheme 3. Network map 4. Baseline Answer: 4. Baseline Explanation Correct Answer:Baseline - Baselining establishes a documented performance level that can be compared to later as conditions on the network change.Incorrect Answers:Network maps and wire schemes are about wiring pinout codes, cable run locations and installed device locations - nothing about performance. Asset management is the process of tracking and installing network devices, but has nothing to do with performance management.
Your company has just purchased 800 new PCs for a roll-out you are about to make. Of the following choices, which should you update accordingly?
1. Asset management 2. Wire schemes 3. Baselines 4. Change management Answer: 1. Asset management Explanation Correct Answer:Asset management is the documentation we use to keep track of all the network equipment and assets.Incorrect Answers:Change management is the documentation we update and refer to when something on the network has changed and it effects policy or adversely effects performance.Baselines are used as a guideline or benchmark to assess network performance.Wire schemes tell use what kind of cabling and connectors we'll be using.
WPS is used for what purpose?
1. Automatically sets up a personal area network. 2. Automatically configures a wireless device to connect to a WAP 3. Automatically shares the Wi-Fi password 4. Automatically applies protection services to wireless devices Answer: 2. Automatically configures a wireless device to connect to a WAP Explanation Wireless Protected Setup (WPS) automatically negotiatiates anc configures Wi-Fi settings between a peripheral and a WAP.The Wi-Fi password is shared, but there is more that happens under WPS. WPS does not establish a personal network. WPS does not provide protection services except during the initial configuration.
Which techniques should a technician utilize to achieve HA? (Choose three.)
1. Back up server drives 2. Aggregate Links 3. Install RAID 4. Redundant systems Answer: 2. Aggregate Links 3. Install RAID 4. Redundant systems Explanation Backups don't keep systems running, they make it easy to recover.High Availability (HA) is achieved with tools such as RAID arrays, Link Aggreation of multiple NICs and redundant systems. Redundant system may include power supplies, routers, etc. will help keep systems running in the event of a failure.
What is the quickest and easiest technology available to keep servers and equipment up and running?
1. Battery backup/UPS 2. RAID array 3. Business-continuity plan 4. Disaster-recovery plan Answer: 1. Battery backup/UPS Explanation Correct Answer:A battery backup/UPS on each rack or critical node keeps systems up and running in the event of power failure.Incorrect Answers:RAID arrays are great to keep things running but if power goes out, they are not available.A disaster-recovery plan is for dealing with a situation where the system is already down.A business-continuity plan is for dealing with a situation where the system is already down.
What TCP/IP protocol is used to resolve an IP address to a MAC address?
1. BootP 2. UDP 3. ARP 4. DHCP Answer: 3. ARP Explanation Correct Answer:Address Resolution Protocol (ARP) is a TCP/IP protocol that is responsible for resolving an IP address to a MAC address. Incorrect Answers:DHCP allows automatic TCP/IP configuration of DHCP clients.BootP is a legacy means of dynamically assigning IP addresses. It is mostly used in diskless workstations.User Datagram Protocol (UDP) is a connectionless Transport layer protocol that enables communication between devices.
In what folder is the HOSTS file located in a Windows computer?
1. C:\Windows\System32\etc 2. C:\Windows\etc 3. C:\etc 4. C:\Windows\System32\Drivers\etc Answer: 4. C:\Windows\System32\Drivers\etc Explanation In a Windows-based computer, the HOSTS file is found in the C:\Windows\System32\Drivers\etc folder.The other folder choices do not hold the HOSTS file.
Which of the following is not a cable test?
1. Cable length 2. Continuity 3. Wiremap 4. Ping Answer: 4. Ping Explanation Ping can fail even if the wiring is connected and functional.Wiremap, continuity and distance (cable length) are all wiring tests.
What is the value of a baseline performance analysis?
1. Causes CPU performance to scale up when more processing power is needed. 2. Shows the cause of network slowdowns 3. Provides an inventory of all network and computer components 4. Provides a quantifiable reference to measure against current performance Answer: 4. Provides a quantifiable reference to measure against current performance Explanation Correct Answer:A performance baseline can be used to verify perceived performance slowdowns.Incorrect Answers:Analysis does not cause performance changes, such as scaling up CPU power; it provides a measurable comparison.Performance analysis is not an inventory system.Analysis can reveal performance differences but does not pinpoint the cause.
A technician suspects a problem with the structured cabling system. The work areas have all been tested and verified as functioning properly. What other elements should be checked? (Choose three)
1. Check temperature in equipment room. 2. If many users cannot connect, suspect a fail switch 3. Check power in the equipment room and to rack gear 4. Check for multi-modal distortion in the UTP horizonal runs. Answer: 1. Check temperature in equipment room. 2. If many users cannot connect, suspect a fail switch 3. Check power in the equipment room and to rack gear Explanation Failed power and failed switches can impact multiple users. Overheating can cause equipment to shut down.Multi-modal distortion only happens in multi-mode fiber optica cable, not Unshielded Twisted Pair (UTP).
Which of the following is not a packet switching technology?
1. Circuit switch 2. Frame Relay 3. MPLS 4. ATM Answer: 1. Circuit switch Explanation Circuit switching is the opposite of packet switching - it creates a hard wired circuit between two communicating nodes.Frame relay, Asynchronous Transfer Mode (ATM), and Multiprotocol Label Switching (MPLS) are all examples of packet switching networks.
Which choice is not found in a change request?
1. Cost of implementation 2. Rollback process 3. Potential impact 4. Type of change 5. Configuration procedures 6. Notification Answer: 1. Cost of implementation Explanation Cost is not included in a change request. Cost is evaluated by the change-management team and approved or denied by management.There are five items found in a change request: type of change, configuration procedures, rollback procedure, potential impact, and notification.
Oliver has inherited a network without any labeled ports on the patch panel. What tool will he need to get the patch panel properly labeled?
1. Crossover cable 2. Toner 3. TDR 4. Hardware Loopback Answer: 2. Toner Explanation Correct Answer:The only tool that will work in this situation is the toner. A toner, which consists of a tone probe and tone generator, can be used to trace out the cables to determine the two ends of each cable.Incorrect Answers:A TDR determines the length of a cable, which does not help in this situation.A crossover cable allows two systems to be directed connected together.Hardware Loopback is used to test that a NIC is functioning properly.
DHCP servers pull IP addresses from a pool of IP addresses. This pool is called the:
1. DHCP scope 2. DHCP pool 3. DHCP array 4. DHCP lease Answer: 1. DHCP scope Explanation Correct Answer:The pool of IP addresses available for the DHCP server to hand out is called the DHCP scope.Incorrect Answers:DHCP lease describes how long the ip address is good for. Other answers don't apply.
Which of the following protocols is associated with monitoring devices on a network?
1. EIGRP 2. RDP 3. SNMP 4. SMTP Answer: 3. SNMP Explanation Correct Answer:Simple Network Management Protocol (SNMP) is designed to monitor networks, reporting an incredible amount of detail about devices on a network.Incorrect Answers:SMTP is used to send mail.EIGRP is hybrid routing protocol.RDP is the remote desktop protocol.
Which choices are examples of asymmetric encryption? (Choose two).
1. Eliptical Curve Cryptography 2. Data Encryption Standard 3. Rivest-Shamir-Adleman 4. Blowfish Answer: 1. Eliptical Curve Cryptography 3. Rivest-Shamir-Adleman Explanation Eliptical Curve Cryptography (ECC) and Rivest-Shamir-Adleman (RSA) are examples of asymmetric encryption.Blowfish and Data Encryption Standard (DES) are examples of symmetric encryption.
Which statement is not true of 100 megabit Ethernet?
1. Ethernet can run at 100mbps on fiber or copper 2. Both 100BaseF and 100BaseFX run over multi-mode cable 3. Both 100BaseT and 100BaseTX runs over unshielded twisted pair 4. 100BaseTX supports runs of up to 2KM Answer: 4. 100BaseTX supports runs of up to 2KM Explanation 100BaseTX only supports runs of up to 100 meters.All of the other choices are true regarding 100mbps Ethernet.
Network administrator Marie manages one Linux and two Windows servers. She wants to be able to review all of the server logs centrally. Which of the following services could Lisa use in this scenario?
1. Event logs 2. Syslog 3. Change management 4. Baselines Answer: 2. Syslog Explanation Correct Answer:Syslog - Syslog can run on different platforms and generate common reports to a central collection computer.Incorrect Answers:Event logs and baselines are necessarily different for Windows and Linux platforms. Change management is unique to different platforms as well.
Which of the following is not a common certificate error or warning?
1. Expired certificate 2. Self-signed certificate 3. Certificate is on the Certificate Relocation List (CRL) 4. Certificate not valid for the site Answer: 3. Certificate is on the Certificate Relocation List (CRL) Explanation The CRL is the Certificate Revocation List, not the Certificate Relocation List.The other choices are common certificate errors.
FTP uses TCP port 20 and TCP port 21. Which choice BEST describes how the ports are used?
1. FTP servers listen for commands on port 21 and respond with data on port 20. 2. FTP servers listen for commands on port 20 and respond with data on port 21 3. FTP clients send requests on port 20 and receive data on port 20 4. FTP clients send requests on port 21 and receive data on port 21 Answer: 1. FTP servers listen for commands on port 21 and respond with data on port 20. Explanation Active FTP servers receive commands on port 21 and respond with data on port 20.All of the other choices do not accurately describe how FTP uses ports 20 and 21.
Two of the following devices work together to trace out a cable: One sends an electrical signal along the cable at a particular frequency; the other one emits a sound when it detects that signal on the cable. What are the two devices? (Select two.)
1. Frequency locator 2. Tone generator 3. Tone probe 4. Tone emitter Answer: 2. Tone generator 3. Tone probe Explanation Correct Answers:Tone generator and tone probe work together to trace cables by sending an electrical signal along the wire at a particular frequency.Incorrect Answers:While these things may exist, they are not industry terms or typical equipment.
Mesh networks come in two varieties. What are the two primary variants? (Select two.)
1. Full 2. Client-server 3. Partial 4. Peer-to-peer Answer: 1. Full 3. Partial Explanation Correct Answers:Mesh network topologies can be installed as a partial mesh or a full mesh.Incorrect Answers:Client-server is a computing architecture model.Peer-to-peer is a computing architecture model.
Clark is troubleshooting a user's PC. They are using their browser to visit Web sites such as Paypal, eBay, and Newegg. They begin seeing SSL certificate mismatch warnings. Which of the following attacks could be happening?
1. Honey pot 2. Man-in-the-middle 3. Zombie 4. Smurf Answer: 2. Man-in-the-middle Explanation Correct Answer:A man-in-the-middle attack is a form of eavesdropping in which the attacker makes a connection with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.Incorrect Answers:Smurf and Zombie attacks are variations of DoS and DDoS attacks.A honey pot is a fake network that is setup to attract a hacker.
Patch panels and punch down tools are used on which kind of network cables?
1. Horizontal runs 2. Work area cables 3. Patch cables 4. Fiber optic runs Answer: 1. Horizontal runs Explanation Horizontal runs are punched down to the back of a patch panel on one end and on the back of the wall jack of a work area at the other end.Patch cables patch from the front of the patch panel to a switch port or another patch panel. Work area cables are terminated on each end and go from the wall jack in a work area to a computer or other device. Fiber optic runs are not punched into punch down blocks - they are always terminated with a fiber optic connector.
Which committee governs the standards of Ethernet?
1. IEEE 9001 2. IEEE 9002 3. IEEE 802.11n 4. IEEE 802.3 Answer: 4. IEEE 802.3 Explanation IEEE 802.3 manages and maintains Ethernet standards.IEEE 802.11n manages and maintains aspects of one of the Wi-Fi wireless standards. ISO 9001 and 9002 are quality control standards but they are not IEEE committees.
Which protocol in the TCP/IP protocol suite deals with logical addresses for hosts and resides at Layer 3 (Network Layer) of the OSI model?
1. IP 2. UDP 3. TCP 4. PPP Answer: 1. IP Explanation Correct Answer:Internet Protocol (IP) is the TCP/IP protocol that deals with logical addresses, commonly known as IP addresses, for host computers.Incorrect Answers:TCP and UDP work at the Transport layer, while PPP works at the Data Link layer.
Using an ACL in a firewall to block known malicious Web addresses is an example of which of the following?
1. IP filtering 2. Application filtering 3. Port filtering 4. MAC filtering Answer: 1. IP filtering Explanation Correct Answer:IP filtering - Filtering prevents access by names and/or IP addresses.Incorrect Answers:Application filtering stops types of programs, MAC filtering prevents specific computers, and port filtering prevents specific processes.
Network upgrades have been completed and the network protocols have been modernized. The WINS server was shut down. Since there is no need for NetBIOS traffic, it will no longer be allowed on the network. Which of the following will accomplish this objective?
1. IP filtering 2. Port filtering 3. MAC filtering 4. Content filtering Answer: 2. Port filtering Explanation Correct Answer: Port filtering - NetBIOS uses three well-known ports. Filter these (137, 139, and 15) and there will not be any more NetBIOS traffic. Incorrect Answers: MAC filtering and IP filtering won't stop NetBIOS traffic. Content filtering might work, but there's no guarantee and it would take a lot of filtering.
Which choices are characteristic of an IP address? (Choose two.)
1. IP networks are connected together with switches 2. IP addresses are logical addresses 3. IP addresses are physical addresses 4. IP networks are connected together with routers Answer: 2. IP addresses are logical addresses 4. IP networks are connected together with routers Explanation IP addresses are logically assigned to hosts; they are not fixed values and so can be changed or re-assigned. IP networks (not hosts) are connected with routers.MAC addresses are physically programmed into Network Interface Cards but IP addresses are not. Hosts are connected together with switches but networks are connected by routers.
Which choice is not a step in planning and installing a wireless network?
1. Install patch antenna(s) 2. Plan the WAP locations 3. Perform site survey 4. Configure WAP security Answer: 1. Install patch antenna(s) Explanation Patch antennas may not be appropriate for every installation.Performing a site survey, planning WAP locations, and configuring WAP access and security are all planning and execution steps when installing a wireless network.
Every Ethernet NIC card has a unique permanent number assigned to it.
1. Invoice address 2. MAC address 3. Node address 4. IP address Answer: 2. MAC address Explanation Correct Answer:Each network interface card must have a unique Media Access Control (MAC) address. Incorrect Answers:Although IP addresses must be unique on a given network, NICs are not required to have one unless they want to communicate on a TCP/IP network.
Which techniques can a technician use to harden her network? (Choose three.)
1. Keep account roles separated to avoid conflicts of interest 2. Avoid saving certificates, passwords and keys in the same location 3. Track hardware and software for patch requirements 4. Avoid using privileged accounts Answer: 1. Keep account roles separated to avoid conflicts of interest 3. Track hardware and software for patch requirements 4. Avoid using privileged accounts Explanation It is not wise to use privileged accounts unless necessary to perform administrative tasks. Accounts should be role-based and should not be able to perform tasks that would represent a conflict of interest to reduce the potential for abuse. Hardware such as routers and switches and lots of software application need regular patching to stay secure.Certificates, keys, passwords should be saved in a protected vault such as an online certificate vault or something as simple as an encrypted flash drive.
Which of the following are common network problems? (Choose three)
1. Loops 2. Connecting switches in a tree structure 3. Replay attack 4. Initialization vector attack Answer: 1. Loops 3. Replay attack 4. Initialization vector attack Explanation Wiring loops (between switches or between routers), replay attacks and IV attacks are all network threats and problems.Connecting switches in a tree structure is common when networks are larger and more spread out into clusters.
What is a chunk of data that has been sent out a of NIC called?
1. MAC 2. Frame 3. Segment 4. Packet Answer: 2. Frame Explanation Network interface cards generate and receive frames.A packet comes from the Network layer. A segment comes from the Transport layer. MAC stands for Media Access Control and descibes physical addressing and the rules about creating and transmitting frames.
Which of the following connectors would be found on a fiber-optic cable?
1. MT-RJ 2. BNC 3. RJ-11 4. RS-232 Answer: 1. MT-RJ Explanation Correct Answer:MT-RJ - The way I remember this one is that the MT-RJ supposedly resembles the RJ-45. The MT-RJ is one of four fiber-optic cable connectors, including the ST, SC, and LC.Incorrect Answers:RJ-11 is for phone lines and CAT 3 Ethernet, RS-232 is for printer ports, and BNC is for ThinNet cables.
A technician has been tasked with planning for equipment failures. Which specs will the technician need to review in order to create a failure plan? (Choose three.)
1. MTTR 2. MTBF 3. MTTF 4. SLA Answer: 1. MTTR 2. MTBF 3. MTTF Explanation Mean Time To Repair (MTTR), Mean Time To Failure (MTTF) and Mean Time Between Failures (MTBF) are all specifications that should be known in planning for inevitable future failures.Service Level Agreement (SLA) is a document that describes the job of a service provider to deal with issues like equipment or service failures.
Which type of fiber optic cable supports longer run lengths?
1. Multi-mode 2. Laser-mode 3. Fractal-mode 4. Single-mode Answer: 4. Single-mode Explanation Single mode cable carries laser pulses the longest distance.Multi-mode carries light pulses short and moderate distances. Laser-mode and fractal-mode are nonsense terms in the world of fiber optic cables.
Scott complains about slow access to the server and asks you to fix it. Which of the following utilities can you use to find the bottleneck on the network?
1. Nbstat 2. Tracert 3. Ping 4. Telnet Answer: 2. Tracert Explanation Correct Answer:Tracert traces the route between the host and destination. When it finds a problem, it either shows the slow link with high access times, or simply stops.Incorrect Answers:Ping will only verify the slow access, but will not narrow down the location of the bottleneck.Nbtstat displays the current active socket connections. Telnet allows remote command-line access to another system.
What command will assign a drive letter to a network share?
1. Net share 2. Net assign 3. Net use 4. Net drive Answer: 3. Net use Explanation The net use command assigns a drive letter in the local computer to a shared folder in another computer.Net assign and net drive are invalid net commands. Net share creates a share but does not assign a drive letter.
Which device can determine the length of a cable?
1. Network analyzer 2. Continuity tester 3. Toner 4. TDR Answer: 4. TDR Explanation Correct Answer:Time Domain Reflectometers (TDRs) can accurately determine cable lengths, which can also tell how far down the cable a break exists. This is accomplished by sending a signal down the cable and seeing how long it takes the signal to reflect back.Incorrect Answers:A Toner is used to locate a cable.Continuity Testers test whether or not a cable has a break in it.Network analyzers can be used to capture packets and analyze them.
Get, Response, Set and Trap are communications that occur between an SNMP manager and an SNMP managed device. These communications are examples of what?
1. PDU 2. TCP 3. NMS 4. MIB Answer: 1. PDU Explanation Correct Answer:The commands and responses passed between SNMP managers and devices are sent as protocol data units (PDU).Incorrect Answers:SNMP protocol data units (PDU) are sent as UDP traffic, not TCP.NMS is the program that sends and receives the communications.Managed Information Base (MIB) is the categorized information being queried.
Which of the following tools enables you to inspect network traffic?
1. Ping 2. Throughput tester 3. Connectivity software 4. Protocol analyzer Answer: 4. Protocol analyzer Explanation Correct Answer:A protocol analyzer's job is to capture data traffic and inspect it.Incorrect Answers:A throughput tester will simply test the total bandwidth or throughput that can be sent down your network cable.Connectivity software is used to troubleshoot any connection issues with your network. It will most likely give you a detailed description of what is keeping you from connecting to the resource.Ping is a great tool for testing connectivity between two devices.
What utility would you use on a UNIX system to help determine where an internet connection is being slowed down?
1. Ping 2. Tracert 3. Ifconfig 4. Traceroute Answer: 4. Traceroute Explanation Correct Answer:Traceroute is a UNIX utility that traces out the path of your packets and determines the time it takes for the packet to reach each node along the path. This can help determine where the slowdown is occurring. Incorrect Answer:Tracert performs the same function on Windows systems. Ifconfig is used on UNIX systems to display and configure the TCP/IP settings.Ping can be used on a UNIX or Windows system to determine if a host can be seen on the network by the local machine.
What is the role of port numbers in IP headers?
1. Port numbers identify the path of routers between any two hosts that need to communicate with each other. 2. Port numbers identify which interfaces on a router should receive data in and which interfaces should forward data out 3. Port numbers identify which connectors on a switch that should receive data in and which should forward data out 4. Port numbers identify the sending and receiving processes between two hosts Answer: 4. Port numbers identify the sending and receiving processes between two hosts Explanation Port numbers identify sending and receiving processes in a sender and receiver.Port numbers have nothing to do with switch connectors, router interfaces or routing paths.
Which choice is not true about protocol analyzers such as WireShark?
1. Protocol analyzers can show the contents of packets and frames 2. Protocol analyzers can capture packets 3. Protocol analyzers can generate packets and frames 4. Protocol analyzers can filter packets and frames Answer: 3. Protocol analyzers can generate packets and frames Explanation Protocol analyzers cannot create packets and frames, they can only capture and display them.All of the other choices are true about protocol analyzers.
Port forwarding allows which of the following?
1. Public addresses to be assigned to the LAN side of a NAT router. 2. Outside access to hosts on the LAN side of a NAT router 3. One host on the LAN side of a NAT router to be assigned with the same public address of the router's WAN interface 4. Registers a LAN side host with a portable DNS address. Answer: 2. Outside access to hosts on the LAN side of a NAT router Explanation Port forwarding enables access to hosts on the LAN side of a NAT router from beyond the WAN interface of the router.Port forwarding does not enable support for LAN side hosts to be assigned public addresses. Port forwarding has nothing to do with DNS and there is no such thing as a "DNS address."
Which protocols are implementations of AAA? (Choose two.)
1. RADIUS 2. Encryption Strength 3. Kerberos 4. TACACS+ Answer: 1. RADIUS 4. TACACS+ Explanation RADIUS and TACACS+ provide authentication, authorization,and accounting.Kerberos provides authentication but not authorization or accounting. Encryption does not directly provide authentication, authorization, or accounting.
Which coaxial cable(s) have a characteristic impedance of 50 ohms?
1. RG-6 2. RG-8 3. RG-58 4. RG-59 Answer: 2. RG-8 3. RG-58 Explanation RG-8 and RG-58, known as Thicknet and Thinnet, have 50 ohm impedance and were used in early Ethernet installations.RG-59 has 75 ohm impedance and is found in older CATV installations. RG-6 has 75 ohm impedance is is used in modern CATV and home satellite installations.
Which would be the best solution to make an encrypted tunnel using SSH?
1. Recode an unencrypted tunneling program to support SSH encryption. 2. Piggyback an existing tunnel program onto SSH 3. Set up a tunnel using L2TP/lpsec 4. Set up a tunnel using PPTP Answer: 2. Piggyback an existing tunnel program onto SSH Explanation The only option here that meets the criteria of the question is to piggyback a VPN session over an SSH connection. Recoding an existing tunneling program isn't very practical and may be illegal if the coder does not have rights to change the program. PPTP and L2TP/IPsec are already encrypted so further encrypting them with SSH is not necessary and can introduce performance slowdowns.
What does port mirroring accomplish?
1. Redirects any outbound traffic from the mirrored port to a host with a specific IP address 2. Doubles switch-port bandwidth by bonding a specified port to the mirrored port 3. Redirects any inbound traffic to the mirrored port to another, specified port 4. Enables inbound and outbound traffic from switch ports to be duplicated at the mirrored port. Answer: 4. Enables inbound and outbound traffic from switch ports to be duplicated at the mirrored port. Explanation Port mirroring sends inbound and outbound traffic from specified switch ports to be duplicated at the mirrored port for the purpose of capturing and monitoring.Port mirroring does not redirect inbound or outbound traffic to or from the mirrored port - the mirrored port sends duplicates of any inbound and outbound traffic to an from specified other ports on the switch. Port mirroring is not connected with port bonding protocols.
Which statement is not true of static routes?
1. Routers can have static routes 2. Static routes are entered manually but can be automatically changed by the router 3. Static routes are entered manually and must be manually changed by a human 4. Hosts can have static routes Answer: 2. Static routes are entered manually but can be automatically changed by the router Explanation Static routes must be manually entered by a human and, once entered, cannot be automatically changed by a router. When a router automatically changes a route, this is called dynamic routing and is the opposite of static routing.Routers and hosts can have static routes. Once entered, static routes can only be changed by a human who manually changes them.
Which of the following is a secure email protocol?
1. SMTP 2. IMPA 3. POP 4. STLS Answer: 4. STLS Explanation Start Transport Layer Security (STLS) is the current approach to running secure email protocols.SMTP, POP, and IMAP are all older, unsecure mail protocols.
Which of the following is not an element of risk management?
1. Security controls 2. Security policies 3. Security procedures 4. Secure infrastructure from threats Answer: 4. Secure infrastructure from threats Explanation While it is important so secure a network's infrastructure, it is not an element of risk management.Among other things, risk management includes creating and following security policies, security controls and security procedures.
When operating multiple, duplicate servers such as web servers, which method is best to to take advantage of the full power of all of the servers?
1. Server Side Load Balancer 2. Round Robin Server 3. DNS Server 4. HSRP Answer: 1. Server Side Load Balancer Explanation A load balancer evenly distributes reqeuests across multiple servers so they all provide roughly equal services.DNS servers can provide some degree of load balancing but the service is not optimized to perform the job. Round robin is a technique used by DNS and load balancing but is not a device. HSRP is the Hot Swap Routing Protocol that allows a backup router to come online in the event that a primary router fails.
A network technician has been tasked with monitoring the network. Which network function is it not necessary for her to monitor?
1. Server utilization 2. Error alerts 3. File hash changes 4. Bandwidth Answer: 3. File hash changes Explanation Changes to file hashes are not a typical, real-world thing that require aggressive or constant monitoring.She should monitor several network metrics, such as server utilization, errors, and bandwidth usage.
A technician needs to protect the network power system. What are good solutions for her to implement? (Choose two.)
1. Solar Power 2. LCD monitors 3. Backup generator 4. Redundant power supply Answer: 3. Backup generator 4. Redundant power supply Explanation Generators and redundant power supplies are excellent solutions to keep systems up and running.Solar power may not work during periods of low light like during the days of rain that come in hurricane season, or at night. Batteries help but they soon run down. LCD monitors are the standard today. They have low power consumption but don't provide any protection in a failed power or power supply condition.
Which statement is not true of a subnet mask?
1. Subnet masks are used by a computer to determine the network ID. 2. Subnet masks are never sent out of a host 3. Subnet masks are sent out as one of the fields in the IP packet 4. Subnet masks are made up of cintiguous 1s starting at the leftmost (most significant bit) of an IP address. Answer: 3. Subnet masks are sent out as one of the fields in the IP packet Explanation Subnet masks are sent out as one of the fields in the IP packet is false - they are never sent out of a host. The other choices are true statements about subnet masks.
A technician suspects that a virus has infected the network. One of its actions appears to be that it utilizes a large amount of network bandwidth. What is the BEST tool that the technician can use to quickly determine which workstations are infected?
1. Syslog 2. SNMP 3. Web Server 4. Network sniffer Answer: 4. Network sniffer Explanation Correct Answer:Network sniffer- A sniffer is used to examine network traffic. These are more commonly known as packet sniffers.Incorrect Answers:Web server… seriously? Syslog might be useful, but it would almost certainly not be quick. SNMP is used for, among other things, remotely managing SNMP-capable devices on the network.
Which characteristic is true of TCP
1. TCP is connectionless 2. TCP uses the FIN message to close a connection 3. The TCP three-way handshake begins with a SYN message, followed by an ACK response followed by an ACK SYN message 4. TCP uses the END message to close a connection Answer: 2. TCP uses the FIN message to close a connection Explanation TCP uses the FIN message to close a connection.TCP is connection-oriented, UDP is connectionless. The TCP three-way handshake is SYN - SYN, ACK - ACK. TCP does not end a connection with END, it uses FIN.
Your network administrator has just added a small router to connect to the Internet, but now you can't connect to your network server. Your system is configured to obtain an IP address automatically. You ran the ipconfig command to find your default gateway address, which is 192.168.4.152. You successfully pinged your default gateway. Ipconfig showed your IP address to be 192.168.4.15. You also were able to ping your IP address. You still cannot connect to your server. What could be causing this problem?
1. The cable connecting the switch to your system is bad. 2. The cable connecting the switch to the router is bad. 3. The network's router is also running DHCP, causing a DHCP conflict. 4. Your switch is malfunctioning Answer: 3. The network's router is also running DHCP, causing a DHCP conflict. Explanation Correct Answer:The network's router may also be running DHCP, causing a DHCP conflict with the DHCP server.Incorrect Answers: The other choices cannot be correct because the pings were successful.
What is the default gateway?
1. The route that connects to the LAN 2. The port where the router connects to the hub 3. The subnet mask for the client that connects to the LAN 4. The IP address of the router interface that connects to the LAN Answer: 4. The IP address of the router interface that connects to the LAN Explanation Correct Answer:Although the terms "gateway" and "default gateway" are often used interchangeably to refer to the router itself, the default gateway is actually the IP address of the router interface that connects to the LAN.
Some users on a wireless network, but not all, are having trouble accessing certain network resources. Which of the following is the least likely cause?
1. The wireless access point has lost power 2. Server ports have changed to non-standard port 3. TCP and or UDP ports have been blocked by a firewall 4. Access Control Lists have been changed Answer: 1. The wireless access point has lost power Explanation If the WAP is unpowered, all users will be affected. TCP and UDP ports can be modified in a network-based firewall which. Servers can be changed to listen to non-standard ports. ACLs can be set to allow or deny access to a resource or through a gateway based o MAC addresses, IP addresses or other criteria. Being blocked by a gateway ACL would prevent access to any resource on the other side of the gateway.
Fox and Hound is a brand name for what device?
1. Toner 2. Hub 3. Multimeter 4. Crimper Answer: 1. Toner Explanation Correct Answer:Fox and Hound is a brand name for a Toner, a device comprised of a Tone Locator and a Tone Generator, used to locate specific cables.
Shelly has several users that are complaining about someone tampering with their computers. She knows that their passwords are not very secure and are easy to guess. She explains the recommended password practices. Which of the following statements should she include in her recommendations? (Select three)
1. Use a password length of at least 8 characters 2. Use a password with a combination of upper and lower case, numbers and special symbols. 3. Write the password down and keep it somewhere safe. 4. Use a family member's name as your password to make it easy to remember 5. Change your password every 30 days at least. Answer: 1. Use a password length of at least 8 characters 2. Use a password with a combination of upper and 5. Change your password every 30 days at least. Explanation Correct Answers:Using at least 8 characters; using a combination of upper and lower case letters, numbers, and special symbols; and changing your password every 30 days all help prevent someone from guessing your password.Incorrect Answers:The first thing people try when they want to crack your password is your family members' names and pet names.The other thing people will do is look around your desk area for notes that would lead to a possible password.
Remote desktop is a term that describes what?
1. Using a computer to take over the screen and keyboard of another computer. 2. Duplicating the output of a monitor to another monitor 3. Separating the monitor from a computer so it can be operated over a distant connection 4. Installing two keyboards and two monitors on the same computer that it can run two different sessions, simultaneously. Answer: 1. Using a computer to take over the screen and keyboard of another computer. Explanation Remote desktop enables one computer to remotely operate another computer by taking over its screen and keyboard.Remote desktop protocol (RDP) does not support multiple simultaneous sessions with dual keyboards and monitors on the same computer. Duplicating monitor output is part of remote desktop but there is much more to RDP. Running a wirelessly connected monitor is not an element of remote desktop.
Which of the following is not a DDos attack profile?
1. Volume attack 2. Protocol attack 3. Application attack 4. Certificate attack Answer: 4. Certificate attack Explanation Certificate attack is a made-up term.Volume attacks, protocol attacks and application attacks are all profiles of Distributed Denial of Service (DDoS) attacks.
Preparation for incidents is a multifaceted process that includes which tasks? (Select two)
1. Vulnerability scanning 2. Penetration testing 3. Statement of work 4. Service-level agreement Answer: 1. Vulnerability scanning 2. Penetration testing Explanation Correct Answers:Vulnerability scanning and penetration testing show where network resources are exposed to risk. Once known, these resources can be hardened against threats.Incorrect Answers:Service -level agreements and statements of work are standard business documents that do not directly prepare for incidents.
Which term describes the process of scouting for Wi-Fi networks that may be vulnerable?
1. War driving 2. Sniffing 3. Fox hunting 4. Snooping Answer: 1. War driving Explanation War driving is the term to describe searching for vulnerable wireless networks. Snooping, sniffing and fox hunting are descriptions of seeking vulnerable networks but war driving is the appropriate term.
Your Internet connection works just fine, but you cannot access www.totalsem.com using its domain name or IP address. What command can you use to see if the Web site is down or if the problem is a router between your machine and the Web server?
1. arp www.totalsem.com 2. tracert www.totalsem.com 3. ping 255.255.255.0 4. nbstat www.totalsem.com Answer: 2. tracert www.totalsem.com Explanation Correct Answer:Whether you cannot reach a Web site, or the connection is just sluggish, if you trace the path to the site using tracert (or traceroute in UNIX/Linux), you will discover if the site itself is not responding or if a server or router between your machine and the remote host is causing the problem.Incorrect Answers:Ping will only determine whether or not you can reach the Web site.Arp resolves IP addresses into MAC addresses.Nbtstat helps in troubleshooting WINS problems.
Every day, you check the news at www.cnn.com. Today, it takes 3 minutes longer than usual to view the page. What is one thing you can do to see where the bottleneck is?
1. telnet www.cnn.com 2. ping www.cnn.com 3. tracert www.cnn.com 4. nslookup www.cnn.com Answer: 3. tracert www.cnn.com Explanation Correct Answer:If you trace the route (tracert) that the packets take, you may be able to determine which server or router is causing the bottleneck.Incorrect Answers:Ping www.cnn.com will only confirm that you are able to connect to the Web site.Telnet www.cnn.com will attempt to remotely access the cnn.com Web server, which would not be a good idea.Nslookup is a utility used to query DNS servers.
A network technician needs to check the configuration of a port on a switch. Which tools is he MOST likely to use to verify the configuration?
1. traceroute command 2. dig command 3. nbstat command 4. SNMP monitor Answer: 4. SNMP monitor Explanation Correct Answer:SNMP - The simple network messaging protocol is used to, among other things, remotely administer SNMP-enabled devices.Incorrect Answers:Traceroute tells you what routers your packets are passing through on their way to a destination. Nbtstat is only used in NetBIOS/netbeui networks, and dig is a DNS query tool.