N10-006 with explain

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Q12 Which of the following protocols uses label-switching routers and label-edge routers to forward traffic? "Multilayer switch Access point Analog modem DOCSIS modem"

C Explanation:

Q11 Which of the following protocols uses label-switching routers and label-edge routers to forward traffic? "BGP OSPF IS-IS MPLS"

D Explanation:

Q69 A network technician must create a wireless link between two buildings in an office park utilizing the 802.11ac standard. The antenna chosen must have a small physical footprint and minimal weight as it will be mounted on the outside of the building. Which of the following antenna types is BEST suited for this solution? "Yagi Omni-directional Parabolic Patch"

D A patch antenna is a type of radio antenna with a low profile, which can be mounted on a flat surface. A patch antenna is typically mounted to a wall or a mast and provides coverage in a limited angle pattern.

Q110 A network technician is performing a wireless survey in the office and discovers a device that was not installed by the networking team. This is an example of which of following threats? "Bluesnarfing DDoS Brute force Rogue AP"

D A rogue access point is when a wireless access point is located on a network without the administrator being aware of it. Therefore, if the device was not installed by the networking team, the administrator would not know about it being there.

Q15 An F-connector is used on which of the following types of cabling? "CAT3 Single mode fiber CAT5 RG6"

D An F connector is a coaxial RF connector commonly used for terrestrial television, cable television and universally for satellite television and cable modems, usually with RG-6/U cable or, in older installations, with RG-59/U cable.

Q71 An organization notices a large amount of malware and virus incidents at one satellite office, but hardly any at another. All users at both sites are running the same company image and receive the same group policies. Which of the following has MOST likely been implemented at the site with the fewest security issues? "Consent to monitoring Business continuity measures Vulnerability scanning End-user awareness training"

D Users should have security awareness training and should have all accepted and signed acceptable use policy (AUP) agreements. User awareness training is one of the most significant countermeasures the company can implement.

Q76 An attacker has connected to an unused VoIP phone port to gain unauthorized access to a network. This is an example of which of the following attacks? "Smurf attack VLAN hopping Bluesnarfing Spear phishing"

B "The VoIP phone port can be used to attack a VLAN on the local network. VLAN hopping is a computer security exploit, a method of attacking networked resources on a Virtual LAN (VLAN). The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible."

Q113 A network technician has received a help desk ticket indicating that after the new wireless access point was installed, all of the media department’s devices are experiencing sporadic wireless connectivity. All other departments are connecting just fine and the settings on the new access point were copied from the baseline. Which of the following is a reason why the media department is not connecting? "Wrong SSID Rogue access point Placement Channel mismatch"

C The sporadic wireless connectivity is being caused by interference. Moving the access point to a different location would solve the problem.

Q29 A company wants to create highly available datacenters. Which of the following will allow the company to continue to maintain an Internet presence at all sites in the event that a WAN circuit at one site goes down? "Load balancer VRRP OSPF BGP"

D "A collection of networks that fall within the same administrative domain is called an autonomous system (AS). In this question, each datacenter will be an autonomous system. The routers within an AS use an interior gateway protocol, such as the Routing Information Protocol (RIP) or the Open Shortest Path First (OSPF) protocol, to exchange routing information among themselves. At the edges of an AS are routers that communicate with the other AS’s on the Internet, using an exterior gateway protocol such as the Border Gateway Protocol (BGP). If a WAN link goes down, BGP will route data through another WAN link if redundant WAN links are available."

Q152 Which of the following PDUs is used by a connectionless protocol? "Frames Segments Streams Datagram"

D UDP is a connectionless transport protocol that operates in the transport layer of the OSI model. UDP stands for User Datagram Protocol. PDUs (Protocol Data Units) used by UDP are known as Datagrams.

Q19 A network topology that utilizes a central device with point-to-point connections to all other devices is which of the following? "Star Ring Mesh Bus"

A "A Star network is the most common network in use today. Ethernet networks with computers connected to a switch (or a less commonly a hub) form a star network. The switch forms the central component of the star. All network devices connect to the switch. A network switch has a MAC address table which it populates with the MAC address of every device connected to the switch. When the switch receives data on one of its ports from a computer, it looks in the MAC address table to discover which port the destination computer is connected to. The switch then unicasts the data out through the port that the destination computer is connected to."

Q40 A VLAN with a gateway offers no security without the addition of: "An ACL. 802.1w. A RADIUS server. 802.1d."

A "A gateway in a VLAN connects to another network. The other network can be the Internet, another subnet on the network or another VLAN. The gateway will be a router and for security, it should also be a firewall. A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. Firewalls use ACLs (access control lists) to determine which traffic is allowed through the firewall. All traffic entering or leaving the intranet passes through the firewall, which examines each message and blocks or allows the message depending on rules specified in the ACL. The rules in the ACL specify which combinations of source IP address, destination address in IP port numbers are allowed."

Q118 A network technician has been assigned to install an additional router on a wireless network. The router has a different SSID and frequency. All users on the new access point and the main network can ping each other and utilize the network printer, but all users on the new router cannot get to the Internet. Which of the following is the MOST likely cause of this issue? "The gateway is misconfigured on the new router. The subnet mask is incorrect on the new router. The gateway is misconfigured on the edge router. The SSID is incorrect on the new router."

A "A missing or incorrect default gateway parameter limits communication to the local segment. The question states: “All users on the new access point and the main network can ping each other and utilize the network printer, but all users on the new router cannot get to the Internetâ€."

Q92 "A firewall ACL is configured as follows: 10. Deny Any Trust to Any DMZ eq to TCP port 22 11. Allow 10.200.0.0/16 to Any DMZ eq to Any 12. Allow 10.0.0.0/8 to Any DMZ eq to TCP ports 80, 443 13. Deny Any Trust to Any DMZ eq to Any A technician notices that users in the 10.200.0.0/16 network are unable to SSH into servers in the DMZ. The company wants 10.200.0.0/16 to be able to use any protocol, but restrict the rest of the 10.0.0.0/8 subnet to web browsing only. Reordering the ACL in which of the following manners would meet the company’s objectives?" "11, 10, 12, 13 12, 10, 11, 13 13, 10, 12, 11 13, 12, 11, 10"

A "ACL are processed in TOP DOWN process in routers or switches. This means that when a condition in the ACL is met, all processing is stopped. We start by allowing any protocol on the 10.200.0.0/16 subnet:11. Allow 10.200.0.0/16 to Any DMZ eq to Any We then deny any traffic on TCP port 22:10. Deny Any Trust to Any DMZ eq to TCP port 22 We allow browsing (port 80 and 443) on the 10.0.0.0/8 subnet:Allow 10.0.0.0/8 to Any DMZ eq to TCP ports 80, 443 Finally we deny all other traffic:13. Deny Any Trust to Any DMZ eq to Any"

Q28 A host has been assigned the address 169.254.0.1. This is an example of which of the following address types? "APIPA MAC Static Public"

A "APIPA stands for Automatic Private IP Addressing and is a feature of Windows operating systems. When a client computer is configured to use automatic addressing (DHCP), APIPA assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the client when a DHCP server is unavailable. When a client computer configured to use DHCP boots up, it first looks for a DHCP server to provide the client with IP address and subnet mask. If the client is unable to contact a DHCP server, it uses APIPA to automatically configure itself with an IP address from a range that has been reserved especially for Microsoft. The client also configures itself with a default class B subnet mask of 255.255.0.0. The client will use the self-configured IP address until a DHCP server becomes available."

Q77 Packet analysis reveals multiple GET and POST requests from an internal host to a URL without any response from the server. Which of the following is the BEST explanation that describes this scenario? "Compromised system Smurf attack SQL injection attack Man-in-the-middle"

A "As the extra unexplainable traffic comes from an internal host on your network we can assume that this host has been compromised. If your system has been compromised, somebody is probably using your machineâ€"possibly to scan and find other machines to compromise"

Q57 An outside organization has completed a penetration test for a company. One of the items on the report is reflecting the ability to read SSL traffic from the web server. Which of the following is the MOST likely mitigation for this reported item? "Ensure patches are deployed Install an IDS on the network Configure the firewall to block traffic on port 443 Implement a VPN for employees"

A "As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability, such as in this case to be able to read SSL traffic, in a piece of software. A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated."

Q134 Which of the following will negotiate standoff timers to allow multiple devices to communicate on congested network segments? "CSMA/CD OSPF DOCSIS BGP"

A "Carrier Sense Multiple Access/Collision Detect (CSMA/CD) is used by devices in an Ethernet network for transmitting data on the network. Any device on an Ethernet network can send data at any time. The network devices sense when the line is idle and therefore available for the transmission of data. The network device then transmits a data frame onto the network. If another device sends a frame at exactly the same time, a collision occurs and the frames are discarded. The network devices will then wait for a random period of time before attempting to send the frame again."

Q4 Which of the following is used to define how much bandwidth can be used by various protocols on the network? "Traffic shaping High availability Load balancing Fault tolerance"

A "If a network connection becomes saturated to the point where there is a significant level of contention, network latency can rise substantially. Traffic shaping is used to control the bandwidth used by network traffic. In a corporate environment, business-related traffic may be given priority over other traffic. Traffic can be prioritized based on the ports used by the application sending the traffic. Delayed traffic is stored in a buffer until the higher priority traffic has been sent."

Q133 "A network administrator is using a packet analyzer to determine an issue on the local LAN. Two separate computers are showing an error message on the screen and are unable to communicate with other computers in the same lab. The network administrator looks at the following output: SRC MACSRC IPDST MACDST IP 00:1D:1F:AB:10:7D192.168.1.10:200015:BE:9F:AB:10:1D192.168.1.14:1200 05:DD:1F:AB:10:27192.168.1.10:100022:C7:2F:AB:10:A2192.168.1.15:1300 Given that all the computers in the lab are directly connected to the same switch, and are not using any virtualization technology, at which of the following layers of the OSI model is the problem occurring?" "Network Application Data link Transport"

A "If we look at the Source Mac column, we can see two different MAC addresses. Every network interface card has a unique MAC address. These are the network cards in the two separate computers. If we look in the Source IP column, we can see that the two network cards have been assigned the same IP address (192.168.1.10). This is the problem in this question. The error message on the screens will be saying that “An IP conflict existsâ€. Every network card connected to the network needs to be configured with a different IP address. As the problem is with the IP address configuration of the two computers, we know that the problem is occurring at the Network layer (layer 3) of the OSI model. The network layer is responsible for Internet Protocol (IP) addressing and routing."

Q136 The management team wants to set up a wireless network in their office but all of their phones operate at the 2.4 GHz frequency. They need a wireless network that would be able to operate at a higher frequency than their phones. Which of following standards should be used? "802.11a 802.11b 802.11g 802.1x"

A "In this question, we need a wireless network that operates at a frequency higher than the 2.4GHz frequency. 802.11 is a set of IEEE standards that govern wireless networking transmission methods. The 802.11 standards commonly used today to provide wireless connectivity in home or office wireless networks are 802.11a, 802.11b, 802.11g, 802.11n and 802.11ac. The 802.11a standard supports speeds up to 54Mbps and uses the 5-GHz band."

Q53 Network segmentation provides which of the following benefits? "Security through isolation Link aggregation Packet flooding through all ports High availability through redundancy"

A "Network segmentation in computer networking is the act or profession of splitting a computer network into subnetworks, each being a network segment. Advantages of such splitting are primarily for boosting performance and improving security through isolation. Advantages of network segmentation: Improved security: Broadcasts will be contained to local network. Internal network structure will not be visible from outside Reduced congestion: Improved performance is achieved because on a segmented network there are fewer hosts per subnetwork, thus minimizing local traffic Containing network problems: Limiting the effect of local failures on other parts of network."

Q65 A technician is configuring a managed switch and needs to enable 802.3af. Which of the following should the technician enable? "PoE Port bonding VLAN Trunking"

A "Power over Ethernet (PoE) is defined by the IEEE 802.3af and 802.3at standards. PoE allows an Ethernet switch to provide power to an attached device (for example, a wireless access point, security camera, or IP phone) by applying power to the same wires in a UTP cable that are used to transmit and receive data."

Q139 A company is deploying a new wireless network and requires 800Mbps network throughput. Which of the following is the MINIMUM configuration that would meet this need? "802.11ac with 2 spatial streams and an 80MHz bandwidth 802.11ac with 3 spatial streams and a 20MHz bandwidth 802.11ac with 3 spatial streams and a 40MHz bandwidth 802.11ac with 4 spatial streams and a 160MHz bandwidth"

A "Spatial streaming is used in wireless communications where multiple-input-multiple-output (MIMO) is being used. With MIMO, multiple antennas are used for transmission and reception. MIMO was available in 802.11n but its capabilities have been extended in 802.11ac. 802.11ac supports a mandatory 80 MHz channel bandwidth for stations (vs. 40 MHz maximum in 802.11n), 160 MHz available optionally and more (up to 8) special streams. A single antenna and 80 MHz channel bandwidth provides a bandwidth of 433Mbps. In this question, we need a minimum bandwidth of 800Mbps. Two antennas and 80 MHz channel bandwidth provides a bandwidth of 867Mbps and therefore meets the requirement."

Q74 Which of the following describes a smurf attack? "Attack on a target using spoofed ICMP packets to flood it Intercepting traffic intended for a target and redirecting it to another Spoofed VLAN tags used to bypass authentication Forging tags to bypass QoS policies in order to steal bandwidth"

A "The Smurf Attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim’s spoofed source IP are broadcast to a computer network using an IP Broadcast address. Most devices on a network will, by default, respond to this by sending a reply to the source IP address. If the number of machines on the network that receive and respond to these packets is very large, the victim’s computer will be flooded with traffic. This can slow down the victim’s computer to the point where it becomes impossible to work on."

Q131 A network engineer is dispatched to an employee office to troubleshoot an issue with the employee’s laptop. The employee is unable to connect to local and remote resources. The network engineer flips the laptop’s wireless switch on to resolve the issue. At which of the following layers of the OSI model was the issue resolved? "Layer 1 Layer 2 Layer 3 Layer 4 Layer 7"

A "The bottom layer of the OSI reference model is Layer 1, the physical layer. The physical layer is the layer that defines the hardware elements of a network. These elements include: Network Interface Cards Network topology Network cabling The type of signals used for data transmittions In this question, the network engineer flipped the laptop’s wireless switch on to resolve the issue. The laptop was unable to connect to the wireless network because the wireless network interface card was switched off. Switching the wireless network interface card on enabled the laptop to connect to the wireless network. The wireless network interface card is a physical layer device."

Q73 A network technician is assisting the company with developing a new business continuity plan. Which of the following would be an appropriate suggestion to add to the plan? "Build redundant links between core devices Physically secure all network equipment Maintain up-to-date configuration backups Perform reoccurring vulnerability scans"

A "The business continuity plan focuses on the tasks carried out by an organization to ensure that critical business functions continue to operate during and after a disaster. By keeping redundant links between core devices critical business services can be kept running if one link is unavailable during a disaster."

Q79 A company has decided to update their usage policy to allow employees to surf the web unrestricted from their work computers. Which of the following actions should the IT security team implement to help protect the network from attack as a result of this new policy? "Install host-based anti-malware software Implement MAC filtering on all wireless access points Add an implicit deny to the core router ACL Block port 80 outbound on the company firewall Require users to utilize two-factor authentication"

A "To protect the computers from employees installing malicious software they download on the internet, antimalware should be run on all systems. After a single machine in a company is compromised and is running malicious software (malware), the attacker can then use that single computer to proceed further into the internal network using the compromised host as a pivot point. The malware may have been implemented by an outside attacker or by an inside disgruntled employee."

Q13 An administrator notices an unused cable behind a cabinet that is terminated with a DB-9 connector. Which of the following protocols was MOST likely used on this cable? "RS-232 802.3 ATM Token ring"

A A DB-9 connector is used on serial cables. Serial cables use the RS-232 protocol which defines the functions of the 9 pins in a DB-9 connector. The RS-232 standard was around long before computers. It’s rare to see a new computer nowadays with a serial port but they were commonly used for connecting external analog modems, keyboards and mice to computers.

Q116 A technician is tasked with connecting a router to a DWDM. The technician connects the router to the multiplexer and confirms that there is a good signal level. However, the interface on the router will not come up. Which of the following is the MOST likely cause? "The wrong wavelength was demuxed from the multiplexer. The SFP in the multiplexer is malfunctioning. There is a dirty connector on the fiber optic cable. The fiber optic cable is bent in the management tray."

A A multiplexer (or mux) is a device that selects one of several analog or digital input signals and forwards the selected input into a single line. A demultiplexer (or demux) is a device taking a single input signal and selecting one of many data-output-lines, which is connected to the single input. Since the signal going in is good, the problem must be with the signal output. If the correct wavelength was demultiplexed, the interface will be displayed on the router.

Q41 A company is experiencing accessibility issues reaching services on a cloud-based system. Which of the following monitoring tools should be used to locate possible outages? "Network analyzer Packet analyzer Protocol analyzer Network sniffer"

A A network analyzer is a useful tool, helping you do things like track traffic and malicious usage on the network.

Q62 A desktop computer is connected to the network and receives an APIPA address but is unable to reach the VLAN gateway of 10.10.100.254. Other PCs in the VLAN subnet are able to reach the Internet. Which of the following is MOST likely the source of the problem? "802.1q is not configured on the switch port APIPA has been misconfigured on the VLAN Bad SFP in the PC’s 10/100 NIC OS updates have not been installed"

A APIPA addresses are self-configured and are used when the client is unable to get proper IP configuration from a DHCP server. One possible source of this problem is that switch port, to which the computer is connected, is misconfigured. The 802.1q protocol is used to configure VLAN trunking on switch ports.

Q21 Which of the following refers to a network that spans several buildings that are within walking distance of each other? "CAN WAN PAN MAN"

A CAN stands for Campus Area Network or Corporate Area Network. Universities or colleges often implement CANs to link the buildings in a network. The range of CAN is 1KM to 5KM. If multiple buildings have the same domain and they are connected with a network, then it will be considered as a CAN.

Q63 Which of the following communication technologies would MOST likely be used to increase bandwidth over an existing fiber optic network by combining multiple signals at different wavelengths? "DWDM SONET ADSL LACP"

A Dense wavelength-division multiplexing (DWDM) is a high-speed optical network type commonly used in MANs (metropolitan area networks). DWDM uses as many as 32 light wavelengths on a single fiber, where each wavelength can support as many as 160 simultaneous transmissions using more than eight active wavelengths per fiber.

Q51 A system administrator has been tasked to ensure that the software team is not affecting the production software when developing enhancements. The software that is being updated is on a very short SDLC and enhancements must be developed rapidly. These enhancements must be approved before being deployed. Which of the following will mitigate production outages before the enhancements are deployed? "Implement an environment to test the enhancements. Implement ACLs that only allow management access to the enhancements. Deploy an IPS on the production network. Move the software team’s workstations to the DMZ."

A Environments are controlled areas where systems developers can build, distribute, install, configure, test, and execute systems that move through the Software Development Life Cycle (SDLC). The enhancements can be deployed and tested in a test environment before they are installed in the production environment.

Q145 An organization is moving to a new datacenter. During the move, several technicians raise concerns about a system that could potentially remove oxygen from the server room and result in suffocation. Which of the following systems are they MOST likely discussing? "Fire suppression Mantraps at the entry HVAC UPS and battery backups"

A Fire suppression systems are often deployed in server rooms to prevent a fire destroying all the I.T. equipment. Different fire suppression systems work in different ways. Obviously a fire suppression system that sprays water onto the fire is no good for a server room as the water would do as much damage as the fire. A common fire suppression system used in server rooms is one that suppresses the fire by starving it of oxygen. One way the oxygen can be removed from the server room is to fill the server room with an inert gas such as carbon dioxide.

Q85 A company wants to make sure that users are required to authenticate prior to being allowed on the network. Which of the following is the BEST way to accomplish this? "802.1x 802.1p Single sign-on Kerberos"

A For security purposes, some switches require users to authenticate themselves (that is, provide credentials, such as a username and password, to prove who they are) before gaining access to the rest of the network. A standards-based method of enforcing user authentication is IEEE 802.1X.

Q72 Which of the following technologies is designed to keep systems uptime running in the event of a disaster? "High availability Load balancing Quality of service Caching engines"

A If a network switch or router stops operating correctly (meaning that a network fault occurs), communication through the network could be disrupted, resulting in a network becoming unavailable to its users. Therefore, network availability, called uptime, is a major design consideration.

Q22 Which of the following refers to a network that spans several buildings that are within walking distance of each other? "PAN LAN WLAN MAN"

A PAN stands for Personal Area Network. It is a network of devices in the area of a person typically within a range of 10 meters and commonly using a wireless technology such as Bluetooth or IR (Infra-Red).

Q124 A network administrator recently installed a web proxy server at a customer’s site. The following week, a system administrator replaced the DNS server overnight. The next day, customers began having issues accessing public websites. Which of the following will resolve the issue? "Update the DNS server with the proxy server information. Implement a split horizon DNS server. Reboot the web proxy and then reboot the DNS server. Put the proxy server on the other side of the demarc."

A Proxy servers act as an intermediary for requests from clients seeking resources from other servers. If the DNS server is not communicating with the proxy server, these requests are not forwarded. Therefore, updating the DNS server with the proxy server information will solve the problem.

Q83 A technician needs to secure web traffic for a new e-commerce website. Which of the following will secure traffic between a web browser and a website? "SSL DNSSEC WPA2 MTU"

A Secure Sockets Layer (SSL) provides cryptography and reliability for upper layers (Layers 5â€"7) of the OSI model. SSL (and TLS) provide secure web browsing (web traffic) via Hypertext Transfer Protocol Secure (HTTPS).

Q59 Which of the following protocols must be implemented in order for two switches to share VLAN information? "VTP MPLS STP PPTP"

A The VLAN Trunking Protocol (VTP) allows a VLAN created on one switch to be propagated to other switches in a group of switches (that is, a VTP domain).

Q153 A network technician is utilizing a network protocol analyzer to troubleshoot issues that a user has been experiencing when uploading work to the internal FTP server. Which of the following default port numbers should the technician set the analyzer to highlight when creating a report? (Select TWO). "20 21 22 23 67 68 69"

A,B FTP (File Transfer Protocol) is used for transferring files between an FTP client and an FTP server. FTP uses TCP Ports 20 and 21.

Q8 Joe, a network technician, is setting up a DHCP server on a LAN segment. Which of the following options should Joe configure in the DHCP scope, in order to allow hosts on that LAN segment using dynamic IP addresses, to be able to access the Internet and internal company servers? (Select THREE). "Default gateway Subnet mask Reservations TFTP server Lease expiration time of 1 day DNS servers Bootp"

A,B,F Explanation:

Q70 Which of the following concepts are MOST important for a company’s long term health in the event of a disaster? (Select TWO). "Redundancy Implementing acceptable use policy Offsite backups Uninterruptable power supplies Vulnerability scanning"

A,C "In case of disaster you must protect your data. Some of the most common strategies for data protection include: backups made to tape and sent off-site at regular intervals backups made to disk on-site and automatically copied to off-site disk, or made directly to off-site disk the use of high availability systems which keep both the data and system replicated off-site (making the main site redundant), enabling continuous access to systems and data, even after a disaster."

Q132 When troubleshooting a network problem, browsing through the log of a switch, it is discovered that multiple frames contain errors. In which of the following layers does the problem reside? (Select TWO). "Layer 2 Layer 3 Layer 5 Transport layer Data link Physical layer"

A,E "Layer 2 of the OSI reference model is the data-link layer. Components of the data-link layer include frame-format, Media Access Control (MAC) addressing, protocol identification and error detection. When data is being sent, it is split into protocol data units (PDUs) as it passes through the layers of the OSI model. The PDUs have different names as they are passed through the layers of the OSI model. In layer 2, the PDU is called a ‘Frame’. The most common protocol specified in the data-link layer is Ethernet and the most common network component in the data-link layer is a network switch. In this question, problems are discovered with Ethernet frames by examining the logs in a network switch. Therefore, for this question, we are working in Layer 2, the data-link layer."

Q20 Which of the following network topologies has a central, single point of failure? "Ring Star Hybrid Mesh"

B "A Star network is the most common network in use today. Ethernet networks with computers connected to a switch (or a less commonly a hub) form a star network. The switch forms the central component of the star. All network devices connect to the switch. A network switch has a MAC address table which it populates with the MAC address of every device connected to the switch. When the switch receives data on one of its ports from a computer, it looks in the MAC address table to discover which port the destination computer is connected to. The switch then unicasts the data out through the port that the destination computer is connected to. The switch that forms the central component of a star network is a single point of failure. If the switch fails, no computers will be able to communicate with each other."

Q89 Which of the following physical security controls prevents an attacker from gaining access to a network closet? "CCTVs Proximity readers Motion sensors IP cameras"

B "A proximity card is a physical card which used to get access to a physical area such as a network closet. It is a “contactless†smart card which can be read without inserting it into a reader device, as required by earlier magnetic stripe cards such as credit cards and “contact†type smart cards. The proximity cards are part of the Contactless card technologies. Held near an electronic reader for a moment they enable the identification of an encoded number. Note: Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism."

Q24 Which of the following is an example of an IPv4 address? "192:168:1:55 192.168.1.254 00:AB:FA:B1:07:34 ::1"

B "An IPv4 address is notated as four decimal numbers each between 0 and 255 separated by dots (xxx.xxx.xxx.xxx). Each number is known as an octet as it represents eight binary bits. All four octets make up a 32-bit binary IPv4 address. In this question, 192.168.1.254 is a valid IPv4 address."

Q101 A network technician has detected duplicate IP addresses on the network. After testing the behavior of rogue DHCP servers, the technician believes that the issue is related to an unauthorized home router. Which of the following should the technician do NEXT in the troubleshooting methodology? "Document the findings and action taken. Establish a plan to locate the rogue DHCP server. Remove the rogue DHCP server from the network. Identify the root cause of the problem."

B "By testing the behavior of rogue DHCP servers and determining that the issue is related to an unauthorized home router, the technician has completed the third step in the 7-step troubleshooting process. The next step is to establish a plan of action to resolve the problem and identify potential effects. Establishing a plan to locate the rogue DHCP server meets the requirements of this step. 1. Identify the problem. Information gathering. Identify symptoms. Question users. Determine if anything has changed. 2. Establish a theory of probable cause. Question the obvious. 3. Test the theory to determine cause: When the theory is confirmed, determine the next steps to resolve the problem. If theory is not confirmed, re-establish a new theory or escalate. 4. Establish a plan of action to resolve the problem and identify potential effects. 5. Implement the solution or escalate as necessary. 6. Verify full system functionality and if applicable implement preventive measures. 7. Document findings, actions, and outcomes."

Q97 Ann, a network technician, was asked to remove a virus. Issues were found several levels deep within the directory structure. To ensure the virus has not infected the .mp4 files in the directory, she views one of the files and believes it contains illegal material. Which of the following forensics actions should Ann perform? "Erase the files created by the virus Stop and escalate to the proper authorities Check the remaining directories for more .mp4 files Copy the information to a network drive to preserve the evidence"

B "Computer forensics is about legal evidence found in computers and digital storage. A plan should include first responders securing the area and then escalating to senior management and authorities when required by policy or law."

Q49 An administrator reassigns a laptop to a different user in the company. Upon delivering the laptop to the new user, the administrator documents the new location, the user of the device and when the device was reassigned. Which of the following BEST describes these actions? "Network map Asset management Change management Baselines"

B "Documenting the location, the user of the device and the date of the reassignment would be part of the asset management. The best way to keep track of your computers and their configurations is to document them yourself. Large enterprise networks typically assign their own identification numbers to their computers and other hardware purchases as part of an asset management process that controls the entire life cycle of each device, from recognition of a need to retirement or disposal."

Q55 Which of the following requires the network administrator to schedule a maintenance window? "When a company-wide email notification must be sent. A minor release upgrade of a production router. When the network administrator’s laptop must be rebooted. A major release upgrade of a core switch in a test lab."

B "During an update of a production router the router would not be able to route packages and the network traffic would be affected. It would be necessary to announce a maintenance window. In information technology and systems management, a maintenance window is a period of time designated in advance by the technical staff, during which preventive maintenance that could cause disruption of service may be performed."

Q48 The RAID controller on a server failed and was replaced with a different brand. Which of the following will be needed after the server has been rebuilt and joined to the domain? "Vendor documentation Recent backups Physical IP address Physical network diagram"

B "If the RAID controller fails and is replaced with a RAID controller with a different brand the RAID will break. We would have to rebuild a new RAID disk, access and restore the most recent backup to the new RAID disk. Note: RAID controller is a hardware device or software program used to manage hard disk drives (HDDs) or solid-state drives (SSDs) in a computer or storage array so they work as a logical unit. In hardware-based RAID, a physical controller is used to manage the RAID array."

Q56 A company has implemented the capability to send all log files to a central location by utilizing an encrypted channel. The log files are sent to this location in order to be reviewed. A recent exploit has caused the company’s encryption to become unsecure. Which of the following would be required to resolve the exploit? "Utilize a FTP service Install recommended updates Send all log files through SMTP Configure the firewall to block port 22"

B "If the encryption is unsecure then we must look for encryption software updates or patches. If they are available we must install them. As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability in a piece of software. A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated."

Q138 A network technician has been tasked with designing a WLAN for a small office. One of the requirements of this design is that it is capable of supporting HD video streaming to multiple devices. Which of the following would be the appropriate wireless technology for this design? "802.11g 802.11ac 802.11b 802.11a"

B "In this question, we need a wireless network capable of supporting HD video streaming to multiple devices. We therefore need the fastest wireless network speed available. 802.11 is a set of IEEE standards that govern wireless networking transmission methods. The 802.11 standards commonly used today to provide wireless connectivity in home or office wireless networks are 802.11a, 802.11b, 802.11g, 802.11n and 802.11ac. The 802.11ac standard is the fastest wireless network supporting speeds of over 3Gbps and uses the 5-GHz band."

Q144 A technician has prolonged contact with a thermal compound. Which of the following resources should be consulted? "HCL MSDS SLA HVAC"

B "MSDS stands for Material Safety Data Sheet. An MSDS is a health and safety document that contains information on the potential hazards of working with a chemical product and how to work safely with the chemical product. In this question, the thermal compound is a chemical product so the MSDS will provide information about the effects of prolonged contact with the thermal compound."

Q34 Which of the following network elements enables unified communication devices to connect to and traverse traffic onto the PSTN? "Access switch UC gateway UC server Edge router"

B "People use many methods of communication nowadays such as voice, email, video and instant messaging. People also use many different devices to communicate such as smart phones, PDAs, computers etc. Unified Communications (UC) enables people using different modes of communication, different media, and different devices to communicate with anyone, anywhere, at any time. Many communication methods use digital signals. To send a digital signal over the analog PSTN, you need a gateway (in this case a UC Gateway) to convert the digital signals into an analog format that can be sent over the PSTN."

Q142 A service provider is unable to maintain connectivity to several remote sites at predetermined speeds. The service provider could be in violation of the: "MLA. SLA. SOW. MOU."

B "SLA stands for Service Level Agreement. This is a common document in business used to define a minimum standard of service that a customer can expect from a supplier. SLA’s are particularly common in the I.T. sector where a service provider is offering a service to a customer. As a customer, you want your hosted services and Internet or WAN connections to be available all the time. SLAs often guarantee 99.9% uptime for a service. In this question, the service provider is providing WAN links to remote sites with a guaranteed bandwidth on the WAN links. A failure to maintain the connectivity to the remote sites would be a violation of the Service Level Agreement (SLA)."

Q37 A company has a new offering to provide access to their product from a central location rather than clients internally hosting the product on the client network. The product contains sensitive corporate information that should not be accessible from one client to another. This is an example of which of the following? "Public SaaS Private SaaS Hybrid IaaS Community IaaS"

B "SaaS stands for Software as a Service. This is a cloud model whereby a service provider provides a software service and makes the service available to customers over the Internet. Examples of Saas include Microsoft Office 365, Microsoft Exchange Online, Microsoft Lync Online etc. Advantages of Saas include ease of administration: no need to install and configure local servers, no need to configure backups, no need to keep the software patched, no need to worry about system recovery, lower costs: saving on the purchase of server hardware and software; with SaaS, you lease the service paying either monthly or yearly and compatibility by ensuring that all users are using the same version of software. There are two types of SaaS: public and private. With public Saas, multiple customers (usually companies) share the same servers running the software. With private Saas, the servers running the software are dedicated to a single customer which provides the isolation and extra security required when dealing with sensitive information."

Q130 When a client calls and describes a problem with a computer not being able to reach the Internet, in which of the following places of the OSI model would a technician begin troubleshooting? "Transport layer Physical layer Network layer Session layer"

B "The bottom layer of the OSI reference model is Layer 1, the physical layer. The physical layer is the layer that defines the hardware elements of a network. These elements include: Network Interface Cards Network topology Network cabling The type of signals used for data transmissions When troubleshooting a network connectivity issue, the first thing you would check is the computer’s network cabling, the network card etc. In other words, the computer’s physical connection to the network."

Q25 A technician, Joe, needs to troubleshoot a recently installed NIC. He decides to ping the local loopback address. Which of the following is a valid IPv4 loopback address? "10.0.0.1 127.0.0.1 172.16.1.1 192.168.1.1"

B "The loopback address is a special IP address that is designated for the software loopback interface of a computer. The loopback interface has no hardware associated with it, and it is not physically connected to a network. The loopback address causes any messages sent to it to be returned to the sending system. The loopback address allows client software to communicate with server software on the same computer. Users specify the loopback address which will point back to the computer’s TCP/IP network configuration. In IPv4, the loopback address is 127.0.0.1. In IPv6, the loopback address is 0:0:0:0:0:0:0:1, more commonly notated as follows. ::1"

Q23 Which of the following describes an IPv6 address of ::1? "Broadcast Loopback Classless Multicast"

B "The loopback address is a special IP address that is designated for the software loopback interface of a computer. The loopback interface has no hardware associated with it, and it is not physically connected to a network. The loopback address causes any messages sent to it to be returned to the sending system. The loopback address allows client software to communicate with server software on the same computer. Users specify the loopback address which will point back to the computer’s TCP/IP network configuration. In IPv4, the loopback address is 127.0.0.1. In IPv6, the loopback address is 0:0:0:0:0:0:0:1, which can be shortened to ::1"

Q140 A network technician is attempting to connect a new host to existing manufacturing equipment on an Ethernet network. The technician is having issues trying to establish communication between the old equipment and the new host. The technician checks the cabling for breaks and finds that the CAT3 cable in use is in perfect condition. Which of the following should the technician check to ensure the new host will connect? "Confirm the new host is using 10GBaseSR due to the manufacturing environment Confirm the new host is compatible with 10BaseT Ethernet Confirm the existing 10Base2 equipment is using the proper frame type Confirm that CSMA/CD is disabled on the Ethernet network"

B "The question states that the equipment is old and that CAT3 cabling is being used. 10BaseT Ethernet networks are old and slow by today’s standards. 10BaseT Ethernet networks use CAT3 UTP cabling and offer a maximum bandwidth of just 10Mpbs. A new host computer nowadays will have a network card that supports 1000Mpbs to be used with CAT5, CAT5e or CAT6 network cables in a 1000BaseT network. In this question, we need to check that the network card on the new host computer is backwardcompatible with the old 10BaseT network."

Q151 Which of the following is the main difference between TCP and UDP? "TCP data flows in two directions, while UDP data flows from server to client. The TCP header implements flags, while the UDP header does not. The TCP header implements checksum, while the UDP header does not. TCP connections can be secured by stateful firewalls, while UDP connections cannot."

B "Transmission Control Protocol (TCP) is a connection-oriented transport protocol. Connection-oriented transport protocols provide reliable transport. When a computer wants to send data to another computer, TCP will first establish a connection between the two computers. When a sending computer sends data segments, the receiving computer acknowledges receipt of the segments. If the receiving computer does not receive an expected segment, the sending computer will send it again. User Datagram Protocol (UDP) is a connectionless transport protocol. Connectionless transport protocols provide unreliable transport. With UDP, there is no connection establishment between the sending and receiving computers. If a data segment is lost in transit, the sending computer will not know about it so it will not resend the segment. TCP uses control messages to manage the process of contact and communication. TCP uses a set of control flags in the TCP header to indicate whether a segment is being used for control purposes or just to carry data."

Q14 Which of the following connection types is used to terminate DS3 connections in a telecommunications facility? "66 block BNC F-connector RJ-11"

B A DS3 (Digital Signal 3) is also known as a T3 line with a maximum bandwidth of 44.736 Mbit/s. DS3 uses 75 ohm coaxial cable and BNC connectors.

Q155 A network administrator has created a virtual machine in the cloud. The technician would like to connect to the server remotely using RDP. Which of the following default ports needs to be opened? "445 3389 5004 5060"

B RDP (Remote Desktop Protocol) is used for connecting to a remote Windows computer. When using RDP to connect to a remote Windows computer, you can view and control the desktop of the remote computer. RDP uses TCP port 3389.

Q3 Which of the following network devices use ACLs to prevent unauthorized access into company systems? "IDS Firewall Content filter Load balancer"

B A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. Firewalls use ACLs (access control lists) to determine which traffic is allowed through the firewall. All traffic entering or leaving the intranet passes through the firewall, which examines each message and blocks or allows the message depending on rules specified in the ACL. The rules in the ACL specify which combinations of source IP address, destination address in IP port numbers are allowed.

Q125 Two weeks after installation, a network technician is now unable to log onto any of the newly installed company switches. The technician suspects that a malicious user may have changed the switches’ settings before they were installed in secure areas. Which of the following is the MOST likely way in which the malicious user gained access to the switches? "Via SSH using the RADIUS shared secret Via HTTP using the default username and password Via console using the administrator’s password Via SNMP using the default RO community"

B A new network switch is accessed via HTTP to perform the initial configuration. The username and password used is a factory default.

Q96 Which of the following is a security benefit gained from setting up a guest wireless network? "Optimized device bandwidth Isolated corporate resources Smaller ACL changes Reduced password resets"

B A wireless guest network could be set up so that it has limited access (no access to local resources) but does provide Internet access for guest users. The corporate resources would be inaccessible (isolated) from the guest network.

Q106 After connecting a workstation directly to a small business firewall, a network administrator is trying to manage it via HTTPS without losing its stored configuration. The only two pieces of information that the network administrator knows about the firewall are the management interface MAC address, which is 01:4a:d1:fa:b1:0e, and the administrator’s password. Which of the following will allow the administrator to log onto the firewall via HTTPS if the management’s IP address is unknown and the administrator’s workstation IP address is 192.168.0.10/23? "Use the reset button on the back of the firewall to restore it to its factory default, and then log onto Run the following command on the administrator’s workstation: arp â€"s 192.168.1.200 01:4a:d1:fa:b1:0e Use an SNMP tool to query the firewall properties and determine the correct management IP address Use a crossover cable to connect to the console port and reconfigure the firewall management IP to 192.168.0.1"

B Address Resolution Protocol (ARP) is used to resolve IP addresses to MAC addresses. The arp â€"s command adds a static permanent address to the ARP cache. This will allow the administrator to access the firewall.

Q75 A malicious user floods a switch with frames hoping to redirect traffic to the user’s server. Which of the following attacks is the user MOST likely using? "DNS poisoning ARP poisoning Reflection SYN attack"

B Address Resolution Protocol poisoning (ARP poisoning) is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer’s ARP cache with a forged ARP request and reply packets. This modifies the layer -Ethernet MAC address into the hacker’s known MAC address to monitor it. Because the ARP replies are forged, the target computer unintentionally sends the frames to the hacker’s computer first instead of sending it to the original destination. As a result, both the user’s data and privacy are compromised.

Q9 A technician just completed a new external website and setup access rules in the firewall. After some testing, only users outside the internal network can reach the site. The website responds to a ping from the internal network and resolves the proper public address. Which of the following could the technician do to fix this issue while causing internal users to route to the website using an internal address? "Configure NAT on the firewall Implement a split horizon DNS Place the server in the DMZ Adjust the proper internal ACL"

B Explanation:

Q129 Which of the following WAN technologies is associated with high latency? "T1 Satellite Cable OCx"

B Latency in this instance is the time it takes for the signal to and from the satellite. Since signal has to travel to the satellite, then from the satellite to the ground station, and then out to the Internet (or IP WAN). Not forgetting the return trip, and processing delays.

Q86 A wireless network technician for a local retail store is installing encrypted access points within the store for real-time inventory verification, as well as remote price checking capabilities, while employees are away from the registers. The store is in a fully occupied strip mall that has multiple neighbors allowing guest access to the wireless networks. There are a finite known number of approved handheld devices needing to access the store’s wireless network. Which of the following is the BEST security method to implement on the access points? "Port forwarding MAC filtering TLS/TTLS IP ACL"

B MAC filtering allows traffic to be permitted or denied based on a device’s MAC address. We make a MAC filtering which contains the MAC addresses of all approved devices that need to access the wireless network. This ensures that only approved devices are given access to the network.

Q146 Which of the following describes an area containing a rack that is used to connect customer equipment to a service provider? "110 block MDF DSU CSU"

B MDF stands for Main Distribution Frame. A Main Distribution Frame is a commonly a long steel rack accessible from both sides. On one side of the rack is cabling that connects the service provider’s network. The other side of the rack is for the connections to the customer’s equipment.

Q45 It has been determined by network operations that there is a severe bottleneck on the company’s mesh topology network. The field technician has chosen to use log management and found that one router is making routing decisions slower than others on the network. This is an example of which of the following? "Network device power issues Network device CPU issues Storage area network issues Delayed responses from RADIUS"

B Network processors (CPUs) are used in the manufacture of many different types of network equipment such as routers. Such a CPU on a router could become bottleneck for the network traffic. The routing through that device would then slow down.

Q38 A technician is helping a SOHO determine where to install the server. Which of the following should be considered FIRST? "Compatibility requirements Environment limitations Cable length Equipment limitations"

B SOHO stands for Small Office / Home Office. A SOHO network is typically a small network. Being a small network, it is unlikely that it will have a datacenter or even a dedicated server room. Any servers installed in the network will still have the same environmental requirements as servers in a large network. The servers should be in a secure isolated area if required. The servers also need to be kept cool and dry. Therefore, the first consideration in a SOHO office is “Environment limitationsâ€: where the servers and other network hardware will be located.

Q60 A technician is setting up a new network and wants to create redundant paths through the network. Which of the following should be implemented to prevent performance degradation? "Port mirroring Spanning tree ARP inspection VLAN"

B The Spanning Tree Protocol (STP) is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. Spanning tree also allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops, or the need for manual enabling/disabling of these backup links.

Q107 A network technician has detected a personal computer that has been physically connected to the corporate network. Which of the following commands would the network technician use to locate this unauthorized computer and determine the interface it is connected to? "nbtstat â€"a show mac address-table show interface status show ip access-list nslookup hostname"

B The show mac address-table command is used to view the ageing timer, and also the unicast and multicast MAC addresses stored in the MAC address table by the switch. Furthermore, you can view all of the addresses in the table or only the addresses learned or specified on a particular port or VLAN.

Q109 A user connects to a wireless network at the office and is able to access unfamiliar SMB shares and printers. Which of the following has happened to the user? "The user is connected using the wrong channel. The user is connected to the wrong SSID. The user is experiencing an EMI issue. The user is connected to the wrong RADIUS server."

B The user is connecting to an SSID assigned to a different subnet. Therefore, the user has access to SMB shares and printers that are not recognizable.

Q114 A technician recently ran a 20-meter section of CAT6 to relocate a control station to a more central area on the production floor. Since the relocation, the helpdesk has received complaints about intermittent operation. During the troubleshooting process, the technician noticed that collisions are only observed on the switch port during production. Given this information, which of the following is the cause of the problem? "Distance limitation Electromagnetic interference Cross talk Speed and duplex mismatch"

B When cables are installed near electrical devices the signal within the cable might become corrupt. The cable connecting the control station to the switch port is now surrounded by the production machinery. Electromagnetic interference could occur when the machinery is running, causing the intermittent operation.

Q80 Which of the following would be the result of a user physically unplugging a VoIP phone and connecting it into another interface with switch port security enabled as the default setting? "The VoIP phone would request a new phone number from the unified communications server. The VoIP phone would cause the switch interface, that the user plugged into, to shutdown. The VoIP phone would be able to receive incoming calls but will not be able to make outgoing calls. The VoIP phone would request a different configuration from the unified communications server."

B Without configuring any other specific parameters, the switchport security feature will only permit one MAC address to be learned per switchport (dynamically) and use the shutdown violation mode; this means that if a second MAC address is seen on the switchport the port will be shutdown and put into the err-disabled state.

Q16 A network technician must utilize multimode fiber to uplink a new networking device. Which of the following Ethernet standards could the technician utilize? (Select TWO). "1000Base-LR 1000Base-SR 1000Base-T 10GBase-LR 10GBase-SR 10GBase-T"

B,E "1000BASE-SX is a fiber optic Gigabit Ethernet standard for operation over multi-mode fiber with a distance capability between 220 meters and 550 meters. 10Gbase-SR is a 10 Gigabit Ethernet LAN standard for operation over multi-mode fiber optic cable and short wavelength signaling."

Q135 Which of the following devices implements CSMA/CA virtually through the RTS/CTS protocols? "Firewall Router 802.11 AP Switch"

C "802.11 AP is a Wireless Access Point used in a wireless network. If two computers on a network send data frames at the same time, a collision between the frames can occur. The frames are then discarded and the sending computers will attempt to send the data again. Carrier sense multiple access with collision avoidance (CSMA/CA) is a protocol used in wireless networks where computers connected to the wireless network attempt to avoid collisions by transmitting data only when the channel is sensed to be “idleâ€. Carrier Sense Multiple Access/Collision Detect (CSMA/CD) is unreliable in wireless networks because computers connected to the wireless network often cannot see each other so CSMA/CA is a better option for avoiding collisions. Request to Send/Clear to Send (RTS/CTS) can also be used to mediate access to the wireless network. This goes some way to alleviating the problem of computers not being able to see each other because in a wireless network, the Wireless Access Point only issues a “Clear to Send†to one node at a time. With RTS/CTS, a Request to Send (RTS) packet is sent by the sending computer, and a Clear to Send (CTS) packet is sent by the intended receiver. This will alert all computers within range of the sender, receiver or both, to not transmit for the duration of the transmission. This is known as the IEEE 802.11 RTS/CTS exchange."

Q137 A user with an 802.11n WLAN card is connected to a SOHO network and is only able to connect at 11 Mbps with full signal strength. Which of the following standards is implemented on the network? "802.11a 802.11ac 802.11b 802.11g"

C "802.11 is a set of IEEE standards that govern wireless networking transmission methods. The 802.11 standards commonly used today to provide wireless connectivity in home or office wireless networks are 802.11a, 802.11b, 802.11g, 802.11n and 802.11ac. 802.11b supports speeds up to 11Mbps and uses the 2.4GHz frequency. In this question, the user is using an 802.11n WLAN card. Although the 802.11n WLAN card can support speeds up to 300Mbps, the user is only able to connect at 11Mbps because the user is connected to a wireless network configured to use 802.11b."

Q36 A SQL server needs several terabytes of disk space available to do an uncompressed backup of a database. Which of the following devices would be the MOST cost efficient to use for this backup? "iSCSI SAN FCoE SAN NAS USB flash drive"

C "A NAS is a Network Attached Storage device; typically a bunch of cheap hard disks, usually arranged in a Raid and consisting of either SAS (serial attached SCSI) or Sata disks just like the ones in most desktops. A NAS is essentially a file server that connects to an Ethernet network and is configured with a TCP/IP address. A NAS supports Windows networking and works at the file level as opposed to a SAN (Storage Area Network) which works at the block level when dealing with data. You can access file shares on a NAS in the same way that you would access file shares on a file server. A NAS is a much cheaper option than a SAN."

Q35 A technician is connecting a NAS device to an Ethernet network. Which of the following technologies will be used to encapsulate the frames? "HTTPS Fibre channel iSCSI MS-CHAP"

C "A NAS or a SAN will use either iSCSI or Fiber Channel. In this question, the NAS is connected to an Ethernet network. Therefore, iSCSI will most likely be used (Fiber Channel over Ethernet (FCoE) can be used but is less common). ISCSI means Internet SCSI. ISCSI uses TCP (Transmission Control Protocol) which enables it to be used over TCP/IP networks such as Ethernet. For Fiber channel, a separate Fiber Channel network would be required unless FCoE is used."

Q66 A technician has finished configuring AAA on a new network device. However, the technician is unable to log into the device with LDAP credentials but is able to do so with a local user account. Which of the following is the MOST likely reason for the problem? "Username is misspelled is the device configuration file IDS is blocking RADIUS Shared secret key is mismatched Group policy has not propagated to the device"

C "AAA through RADIUS uses a Server Secret Key (a shared secret key). A secret key mismatch could cause login problems. Authentication, authorization, and accounting (AAA) allows a network to have a single repository of user credentials. A network administrator can then, for example, supply the same credentials to log in to various network devices (for example, routers and switches). RADIUS and TACACS+ are protocols commonly used to communicate with an AAA server."

Q119 While troubleshooting a connectivity issue, a network technician determines the IP address of a number of workstations is 169.254.0.0/16 and the workstations cannot access the Internet. Which of the following should the technician check to resolve the problem? "Default gateway address Misconfigured DNS DHCP server NIC failure"

C "If a DHCP server fails, the workstations are assigned an address from the 169.254.0.0 address range by Automatic Private IP Addressing (APIPA). APIPA also configures a suitable subnet mask, but it doesn’t configure the system with a default gateway address. This allows communication on the local network, but not externally."

Q87 A network technician has set up an FTP server for the company to distribute software updates for their products. Each vendor is provided with a unique username and password for security. Several vendors have discovered a virus in one of the security updates. The company tested all files before uploading them but retested the file and found the virus. Which of the following could the technician do for vendors to validate the proper security patch? "Use TFTP for tested and secure downloads Require biometric authentication for patch updates Provide an MD5 hash for each file Implement a RADIUS authentication"

C "If we put an MD5 has for each file we can see if the file has been changed or not. MD5 is an algorithm that is used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that specific data as a fingerprint is to the specific individual."

Q44 A technician would like to track the improvement of the network infrastructure after upgrades. Which of the following should the technician implement to have an accurate comparison? "Regression test Speed test Baseline Statement of work"

C "In networking, baseline can refer to the standard level of performance of a certain device or to the normal operating capacity for your whole network. High-quality documentation should include a baseline for network performance, because you and your client need to know what “normal†looks like in order to detect problems before they develop into disasters. A network baseline delimits the amount of available bandwidth available and when. For networks and networked devices, baselines include information about four key components: Processor Memory Hard-disk (or other storage) subsystem Network adapter or subsystem"

Q94 The ability to make access decisions based on an examination of Windows registry settings, antivirus software, and AD membership status is an example of which of the following NAC features? "Quarantine network Persistent agents Posture assessment Non-persistent agents"

C "Network Admission Control (NAC) can permit or deny access to a network based on characteristics of the device seeking admission, rather than just checking user credentials. For example, a client’s OS, Windows Registry settings, AD membership status, and version of antivirus software could be checked against a set of requirements before allowing the client to access a network. This process of checking a client’s characteristics is called posture assessment."

Q84 A company has seen an increase in ransomware across the enterprise. Which of the following should be implemented to reduce the occurrences? "ARP inspection Intrusion detection system Web content filtering Port filtering"

C "Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed. The best way to avoid ransomware include proactive measures like the following: Don’t click on any URL or open an attachment you are not expecting. Implement an email content filtering service Install a web content filtering service Invest in leading end point security software solutions"

Q143 A customer has engaged a company to improve the availability of all of the customer’s services and applications, enabling the customer to minimize downtime to a few hours per quarter. Which of the following will document the scope of the activities the company will provide to the customer, including the intended outcomes? "MLA MOU SOW SLA"

C "SOW stands for Statement of Work. When a company has been hired for a project that involves many tasks, a statement of work is often issued at the start of the project. The SOW will outline the tasks or activities in a project, their costs and the timelines for deliverables within the project. In an IT project, the SOW would define what tasks will be performed (hardware and software upgrades etc.), why the work is being done and how long each stage of the project will take."

Q100 A user calls the help desk and states that he was working on a spreadsheet and was unable to print it. However, his colleagues are able to print their documents to the same shared printer. Which of the following should be the FIRST question the helpdesk asks? "Does the printer have toner? Are there any errors on the printer display? Is the user able to access any network resources? Is the printer powered up?"

C "The user has already provided you with the information relevant to the first step in the 7-step troubleshooting process. The next step is to “Question the obvious.†The user has stated: “…his colleagues are able to print their documents to the same shared printer.†The obvious question in this instance is whether the user can access any network resources. 1. Identify the problem. Information gathering. Identify symptoms. Question users. Determine if anything has changed. 2. Establish a theory of probable cause. Question the obvious. 3. Test the theory to determine cause: When the theory is confirmed, determine the next steps to resolve the problem. If theory is not confirmed, re-establish a new theory or escalate. 4. Establish a plan of action to resolve the problem and identify potential effects. 5. Implement the solution or escalate as necessary. 6. Verify full system functionality and if applicable implement preventive measures. 7. Document findings, actions, and outcomes."

Q18 A network engineer needs to set up a topology that will not fail if there is an outage on a single piece of the topology. However, the computers need to wait to talk on the network to avoid congestions. Which of the following topologies would the engineer implement? "Star Bus Ring Mesh"

C "Token Ring networks are quite rare today. Token Ring networks use the ring topology. Despite being called a Ring topology, the ring is logical and the physical network structure often forms a ‘star’ topology with all computers on the network connecting to a central multistation access unit (MAU). The MAU implements the logical ring by transmitting signals to each node in turn and waiting for the node to send them back before it transmits to the next node. Therefore, although the cables are physically connected in a star, the data path takes the form of a ring. If any computer or network cable fails in a token ring network, the remainder of the network remains functional. The MAU has the intelligence to isolate the failed segment. To ensure that the computers need to wait to talk on the network to avoid congestions, a Token Ring network uses a ‘token’. The token continually passes around the network until a computer needs to send data. The computer then takes the token and transmits the data before releasing the token. Only a computer in possession of the token can transmit data onto the network."

Q82 A technician wants to securely manage several remote network devices. Which of the following should be implemented to securely manage the devices? "WPA2 IPv6 SNMPv3 RIPv2"

C To manage the remote network devices we need to use a network management protocol. SNMP has become the de facto standard of network management protocols. The security weaknesses of SNMPv1 and SNMPv2c are addressed in SNMPv3.

Q43 After a recent breach, the security technician decides the company needs to analyze and aggregate its security logs. Which of the following systems should be used? "Event log Syslog SIEM SNMP"

C "Using a Security information and event management (SIEM) product, the security logs can be analyzed and aggregated. SIEM is a term for software products and services combining security information management (SIM) and security event management (SEM). SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM is sold as software, appliances or managed services, and are also used to log security data and generate reports for compliance purposes. SIEM capabilities include Data aggregation; Log management aggregates data from many sources, including network, security, servers, databases, applications, providing the ability to consolidate monitored data to help avoid missing crucial events."

Q91 A technician is setting up a computer lab. Computers on the same subnet need to communicate with each other using peer to peer communication. Which of the following would the technician MOST likely configure? "Hardware firewall Proxy server Software firewall GRE tunneling"

C A host-based firewall is a computer running firewall software that can protect the computer itself. A software firewall would be the most cost effective in a lab scenario.

Q90 A technician needs to install software onto company laptops to protect local running services, from external threats. Which of the following should the technician install and configure on the laptops if the threat is network based? "A cloud-based antivirus system with a heuristic and signature based engine A network based firewall which blocks all inbound communication A host-based firewall which allows all outbound communication A HIDS to inspect both inbound and outbound network communication"

C A host-based firewall is a computer running firewall software that can protect the computer itself. For example, it can prevent incoming connections to the computer and allow outbound communication only.

Q95 Which of the following types of network would be set up in an office so that customers could access the Internet but not be given access to internal resources such as printers and servers? "Quarantine network Core network Guest network Wireless network"

C A wireless guest network could be set up so that it has limited access (no access to local resources) but does provide Internet access for guest users.

Q141 Before logging into the company network, users are required to sign a document that is to be stored in their personnel file. This standards and policies document is usually called which of the following? "SOP BEP AUP SLA"

C AUP stands for Acceptable Use Policy. An Acceptable Use Policy defines what a user can or cannot do with his or her computer during business hours. For example, using the company’s Internet connection to look at the sports scores on a sports website may be deemed inappropriate or unacceptable during business hours. Other examples include the use of social media websites such as Facebook or using Instant Messaging clients to chat to your friends.

Q6 Which of the following provides accounting, authorization, and authentication via a centralized privileged database, as well as, challenge/response and password encryption? "Multifactor authentication ISAKMP TACACS+ Network access control"

C Explanation:

Q123 A PC technician has installed a new network printer that was preconfigured with the correct static IP address, subnet mask, and default gateway. The printer was installed with a new cable and appears to have link activity, but the printer will not respond to any network communication attempts. Which of the following is MOST likely the cause of the problem? "Damaged cable Duplex mismatch Incorrect VLAN assignment Speed mismatch"

C If a port is accidentally assigned to the wrong VLAN in a switch, it’s as if that client was magically transported to another place in the network. This would explain the inability to communication with the printer, as it is on a different VLAN.

Q31 When convergence on a routed network occurs, which of the following is true? "All routers are using hop count as the metric All routers have the same routing table All routers learn the route to all connected networks All routers use route summarization"

C Routers exchange routing topology information with each other by using a routing protocol. When all routers have exchanged routing information with all other routers within a network, the routers are said to have converged. In other words: In a converged network all routers “agree†on what the network topology looks like.

Q42 Company policies require that all network infrastructure devices send system level information to a centralized server. Which of the following should be implemented to ensure the network administrator can review device error information from one central location? "TACACS+ server Single sign-on SYSLOG server Wi-Fi analyzer"

C Syslog is a protocol designed to send log entries generated by a device or process called a facility across an IP network to a message collector, called a syslog server. A syslog message consists of an error code and the severity of the error. A syslog server would enable the network administrator to view device error information from a central location.

Q78 A technician needs to ensure that new systems are protected from electronic snooping of Radio Frequency emanations. Which of the following standards should be consulted? "DWDM MIMO TEMPEST DOCSIS"

C Tempest was the name of a government project to study the ability to understand the data over a network by listening to the emanations. Tempest rooms are designed to keep emanations contained in that room to increase security of data communications happening there.

Q64 When two or more links need to pass traffic as if they were one physical link, which of the following would be used to satisfy the requirement? "Port mirroring 802.1w LACP VTP"

C The Link Aggregation Control Protocol (LACP) enables you to assign multiple physical links to a logical interface, which appears as a single link to a route processor.

Q128 After repairing a computer infected with malware, a technician determines that the web browser fails to go to the proper address for some sites. Which of the following should be checked? "Server host file Subnet mask Local hosts file Duplex settings"

C The local hosts file is a text file that contains hostname-to-IP address mappings. By default, host to IP address mappings that are configured in the Hosts file supersede the information in DNS. If there is an entry for a domain name in the Hosts file, then the server will not attempt to query DNS servers for that name. Instead, the IP address that is configured in the Hosts file will be used. If the IP address corresponding to a name changes and the Hosts file is not updated, you may be unable to connect to the host.

Q104 "A network technician is performing a tracert command to troubleshoot a website-related issue. The following output is received for each hop in the tracert: 1 * * * Request timed out. 2 * * * Request timed out. 3 * * * Request timed out. The technician would like to see the results of the tracert command. Which of the following will allow the technician to perform tracert on external sites but not allow outsiders to discover information from inside the network?" "Enable split horizon to allow internal tracert commands to pass through the firewall Enable IGMP messages out and block IGMP messages into the network Configure the firewall to allow echo reply in and echo request out of the network Install a backdoor to access the router to allow tracert messages to pass through"

C Tracert makes use of ICMP echo packets to trace the route between two hosts. For the command to be successful, the firewall has to allow incoming echo replies and outgoing echo requests.

Q88 During a check of the security control measures of the company network assets, a network administrator is explaining the difference between the security controls at the company. Which of the following would be identified as physical security controls? (Select THREE). "RSA Passwords Man traps Biometrics Cipher locks VLANs 3DES"

C,D,E "Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism. C: A mantrap is a mechanical physical security devices for catching poachers and trespassers. They have taken many forms, the most usual being like a large foothold trap, the steel springs being armed with teeth which met in the victim’s leg. D: Biometric authentication is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems. Biometric authentication is a physical security device. E: Cipher locks are used to control access to areas such as airport control towers, computer rooms, corporate offices, embassies, areas within financial institutions, research and development laboratories, and storage areas holding weapons, controlled substances, etc. Cipher locks are physical security devices."

Q102 "A technician is troubleshooting a client’s connection to a wireless network. The client is asked to run a “getinfo†command to list information about the existing condition. myClient$ wificard â€"getinfo agrCtlRSSI:-72 agrExtRSSI:0 state:running op mode: station lastTxRate:178 MaxRate:300 802.11 auth:open link auth:wpa2-psk BSSID:0F:33:AE:F1:02:0A SSID:CafeWireless Channel:149,1 Given this output, which of the following has the technician learned about the wireless network? (Select TWO)." "The WAP is using RC4 encryption The WAP is using 802.11a The WAP is using AES encryption The WAP is using the 2.4GHz channel The WAP is using the 5GHz channel The WAP is using 802.11g"

C,E "WPA2 makes use of the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) encryption protocol, which is an AES based protocol. The output shows that the wireless network operates on channel 149, which is a channel in the 5GHz band."

Q147 In an engineering office, all plotters are configured via static IP. Which of the following best practices will alleviate many issues if equipment moves are required? (Select TWO). "Rack monitoring Device placement Wall plate labeling Room numbering Patch panel labeling"

CE By labeling each wall plate (where the plotters’ network cables plug in to) and the patch panel ports (where the cables connecting to each wall plate terminate), we’ll be able to see which device is connected to which port. If equipment moves are required, we will be able to easily see which patch cables need to be moved in the patch panel.

Q108 A technician has verified that a recent loss of network connectivity to multiple workstations is due to a bad CAT5 cable in the server room wall. Which of the following tools can be used to locate its physical location within the wall? "Cable certifier Multimeter Cable tester Toner probe"

D Toner probes are specifically used to trace cables hidden in floors, ceilings, or walls. They can also be used to track cables from the patch panels to their destinations.

Q149 Which of the following does a network technician need to implement if a change is unsuccessful within the approved maintenance window? "Configuration procedures Stakeholder notification Impact analysis Rollback procedure"

D "A rollback procedure is something that should be documented in a change management document. In this question, the network technician has made a change during a maintenance window. The change has not worked so the technician needs to ‘undo’ the change he made to revert the system back to its previous state. The network technician can then investigate why the change has not worked as expected. The rollback procedure is the list of steps required to undo the changes made to the system."

Q58 A company has had several virus infections over the past few months. The infections were caused by vulnerabilities in the application versions that are being used. Which of the following should an administrator implement to prevent future outbreaks? "Host-based intrusion detection systems Acceptable use policies Incident response team Patch management"

D "As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability, such as in this case to be vulnerable to virus infections, in a piece of software. A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated."

Q30 An organization requires a second technician to verify changes before applying them to network devices. When checking the configuration of a network device, a technician determines that a coworker has improperly configured the AS number on the device. This would result in which of the following? "The OSPF not-so-stubby area is misconfigured Reduced wireless network coverage Spanning tree ports in flooding mode BGP routing issues"

D "BGP (Border Gateway Protocol) is used to route data between autonomous systems (AS’s) A collection of networks that fall within the same administrative domain is called an autonomous system (AS). The routers within an AS use an interior gateway protocol, such as the Routing Information Protocol (RIP) or the Open Shortest Path First (OSPF) protocol, to exchange routing information among themselves. At the edges of an AS are routers that communicate with the other AS’s on the Internet, using an exterior gateway protocol such as the Border Gateway Protocol (BGP)."

Q93 A technician is installing a surveillance system for a home network. The technician is unsure which ports need to be opened to allow remote access to the system. Which of the following should the technician perform? "Disable the network based firewall Implicit deny all traffic on network Configure a VLAN on Layer 2 switch Add the system to the DMZ"

D "By putting the system in the DMZ (demilitarized zone) we increase the security, as the system should be opened for remote access. A DMZ is a computer host or small network inserted as a “neutral zone†between a company’s private network and the outside public network. It prevents outside users from getting direct access to a server that has company data. A DMZ often contains servers that should be accessible from the public Internet."

Q47 "The administrator’s network has OSPF for the internal routing protocol. One port going out to the Internet is congested. The data is going out to the Internet, but queues up before sending. Which of the following would resolve this issue? Output: Fast Ethernet 0 is up, line protocol is up Int ip address is 10.20.130.5/25 MTU 1500 bytes, BW10000 kbit, DLY 100 usec Reliability 255/255, Tx load 1/255, Rx load 1/255 Encapsulation ospf, loopback not set Keep alive 10 Half duplex, 100Mb/s, 100 Base Tx/Fx Received 1052993 broadcasts 0 input errors 983881 packets output, 768588 bytes 0 output errors, 0 collisions, 0 resets" "Set the loopback address Change the IP address Change the slash notation Change duplex to full"

D "From the output we see that the half-duplex is configured. This would not use the full capacity of ports on the network. By changing to full duplex the throughput would be doubled. Note: All communications are either half-duplex or full-duplex. During half-duplex communication, a device can either send communication or receive communication, but not both at the same time. In full-duplex communication, both devices can send and receive communication at the same time. This means that the effective throughput is doubled and communication is much more efficient."

Q150 Which of the following is true about the main difference between a web session that uses port 80 and one that uses port 443? "Port 80 web sessions often use application-level encryption, while port 443 sessions often use transport-level encryption. Port 80 web session cannot use encryption, while port 443 sessions are encrypted using web certificates. Port 80 web sessions can use web application proxies, while port 443 sessions cannot traverse web application proxies. Port 80 web sessions are prone to man-in-the-middle attacks, while port 443 sessions are immune from man-in-the-middle attacks."

D "HTTPS stands for HTTP over SSL or HTTP Secure. It is used for secure access to websites. Port 80 web sessions are HTTP (HyperText Transfer Protocol) sessions which offers no security. Port 443 web sessions use HTTPS. HTTPS uses SSL or TLS to encrypt the HTTP traffic. HTTPS provides authentication of the website and associated web server that you are communicating with, which protects against man-in-the-middle attacks. Additionally, it provides bidirectional encryption of communications between a client and server, which protects against eavesdropping and tampering with and/or forging the contents of the communication."

Q39 A technician has been given a list of requirements for a LAN in an older building using CAT6 cabling. Which of the following environmental conditions should be considered when deciding whether or not to use plenum-rated cables? "Workstation models Window placement Floor composition Ceiling airflow condition"

D "In a large building, the ‘plenum’ is the space between floors used to circulate air through the building. This space is also an ideal place to run computer network cabling. However, in the event of fire in the building, the network cables can be very hazardous because when they burn, the cable insulation gives off a poisonous smoke that gets circulated around the building. Furthermore, the burning cables help to spread the fire. Plenum-rated cables are designed to be cabled through the plenum in a building. Plenum-rated cables are covered in fire-retardant plastic jacket to avoid the risk of toxic smoke being circulated around the building."

Q148 A network technician is attempting to locate a switch connected to the fourth floor west side of the building. Which of the following will allow quick identification of the switch, when looking at a logical diagram? "Building layout Patch panel labeling Packet sniffing Naming conventions"

D "The building in this question has several floors and the floors are large enough to be identified by area such as ‘west side’ etc. It is likely that a logical diagram of the network in such a building would be quite complicated and the network is likely to have several switches. A naming convention is a standard for naming items, in this case, networking components. When it comes to naming switches, using names like Switch1, Switch2 etc. for example won’t help when you need to know where the switches are located. In a building with multiple floors with each floor large enough to be defined by area names, you could a naming convention like SW1-FL4-WS where SW1 identifies the item as a Switch with the number 1, FL4 identifies the location as Floor 4 and WS further identifies the location as West Side. Using this convention, switch number 2 on the third floor east side would be named SW2-FL3-ES."

Q154 A network technician has just installed a TFTP server on the administrative segment of the network to store router and switch configurations. After a transfer attempt to the server is made, the process errors out. Which of the following is a cause of the error? "Only FTP can be used to copy configurations from switches Anonymous users were not used to log into the TFTP server An incorrect password was used and the account is now locked Port 69 is blocked on a router between the network segments"

D "The question states that the TFTP server is installed on the “administrative segment of the networkâ€. This implies that the network has multiple segments (subnets) and TFTP server is on a different network segment to other computers. For a computer on one subnet to connect to a computer on a different subnet, a router is required to route traffic between the two subnets. Routers often include firewalls so they can be configured to allow specific traffic to be routed between the subnets and block unwanted traffic. TFTP uses UDP port 69. The most likely cause of the connection timeout error in the question is that the firewall has not been configured to allow traffic using UDP port 69."

Q99 A network technician is using a network monitoring system and notices that every device on a particular segment has lost connectivity. Which of the following should the network technician do NEXT? "Establish a theory of probable cause. Document actions and findings. Determine next steps to solve the problem. Determine if anything has changed."

D "The technician has already identified the symptom: Loss of connectivity on a specific network segment. The next step in identifying the problem is to “Determine if anything has changedâ€. Common troubleshooting steps and procedures: 1. Identify the problem. Information gathering. Identify symptoms. Question users. Determine if anything has changed. 2. Establish a theory of probable cause. Question the obvious. 3. Test the theory to determine cause: When the theory is confirmed, determine the next steps to resolve the problem. If theory is not confirmed, re-establish a new theory or escalate. 4. Establish a plan of action to resolve the problem and identify potential effects. 5. Implement the solution or escalate as necessary. 6. Verify full system functionality and if applicable implement preventive measures. 7. Document findings, actions, and outcomes."

Q98 A network technician was tasked to respond to a compromised workstation. The technician documented the scene, took the machine offline, and left the PC under a cubicle overnight. Which of the following steps of incident handling has been incorrectly performed? "Document the scene Forensics report Evidence collection Chain of custody"

D "To verify the integrity of data since a security incident occurred, you need to be able to show a chain of custody. A chain of custody documents who has been in possession of the data (evidence) since a security breach occurred. A well-prepared organization will have process and procedures that are used when an incident occurs. A plan should include first responders securing the area and then escalating to senior management and authorities when required by policy or law. The chain of custody also includes documentation of the scene, collection of evidence, and maintenance, ediscovery (which is the electronic aspect of identifying, collecting, and producing electronically stored information), transportation of data, forensics reporting, and a process to preserve all forms of evidence and data when litigation is expected. The preservation of the evidence, data, and details is referred to as legal hold."

Q52 A system administrator wants to update a web-based application to the latest version. Which of the following procedures should the system administrator perform FIRST? "Remove all user accounts on the server Isolate the server logically on the network Block all HTTP traffic to the server Install the software in a test environment"

D "We should test the new version of the application in a test/lab environment first. This way any potential issues with the new software would not affect the production environment. Set up a test lab on an isolated network in your organization. Do not set up your test lab in your production environment."

Q61 A training class is being held in an auditorium. Hard-wired connections are required for all laptops that will be used. The network technician must add a switch to the room through which the laptops will connect for full network access. Which of the following must the technician configure on a switch port, for both switches, in order to create this setup? "DHCP Split horizon CIDR TRUNK"

D "We should use trunk ports to set up a VLAN for the laptops that will be used in the auditorium. A trunk port is a port that is assigned to carry traffic for all the VLANs that are accessible by a specific switch, a process known as trunking. Trunk ports mark frames with unique identifying tags â€" either 802.1Q tags or Interswitch Link (ISL) tags â€" as they move between switches. Therefore, every single frame can be directed to its designated VLAN."

Q67 Multiple students within a networking lab are required to simultaneously access a single switch remotely. The administrator checks and confirms that the switch can be accessed using the console, but currently only one student can log in at a time. Which of the following should be done to correct this issue? "Increase installed memory and install a larger flash module. Increase the number of VLANs configured on the switch. Decrease the number of VLANs configured on the switch. Increase the number of virtual terminals available."

D "You can set a limit of how many virtual terminals that can simultaneously be connected to a switch. Here the limit is set to one, and we should increase it. For a Cisco network device: You can use virtual terminal lines to connect to your Cisco NX-OS device, for example a switch. Secure Shell (SSH) and Telnet create virtual terminal sessions. You can configure an inactive session timeout and a maximum sessions limit for virtual terminals. session-limit sessions Example: switch(config-line)# session-limit 10 Configures the maximum number of virtual sessions for the Cisco NX-OS device. The range is from 1 to 64."

Q10 When configuring a new server, a technician requests that an MX record be created in DNS for the new server, but the record was not entered properly. Which of the following was MOST likely installed that required an MX record to function properly? "Load balancer FTP server Firewall DMZ Mail server"

D A mail exchanger record (MX record) is a DNS record used by email servers to determine the name of the email server responsible for accepting email for the recipient’s domain. For example a user sends an email to [email protected]. The sending user’s email server will query the somedomain.com DNS zone for an MX record for the domain. The MX record will specify the hostname of the email server responsible for accepting email for the somedomain.com domain, for example, mailserver.somedomain.com. The sending email server will then perform a second DNS query to resolve mailserver.somedomain.com to an IP address. The sending mail server will then forward the email to the destination mail server.

Q126 A network technician is troubleshooting a problem at a remote site. It has been determined that the connection from router A to router B is down. The technician at the remote site re-terminates the CAT5 cable that connects the two routers as a straight through cable. The cable is then tested and is plugged into the correct interface. Which of the following would be the result of this action? "The normal amount of errors and the connection problem has been resolved. The interface status will indicate that the port is administratively down. The traffic will flow, but with excessive errors. The interface status will show line protocol down."

D Devices of different types are connected with a straight through cable (patch cable). In this case, it is used to connect two devices of the same type. It is for this reason that the interface will display the line protocol down status.

Q7 A technician needs to set aside addresses in a DHCP pool so that certain servers always receive the same address. Which of the following should be configured? "Leases Helper addresses Scopes Reservations"

D Explanation:

Q68 A company is experiencing very slow network speeds of 54Mbps. A technician has been hired to perform an assessment on the existing wireless network. The technician has recommended an 802.11n network infrastructure. Which of the following allows 802.11n to reach higher speeds? "MU-MIMO LWAPP PoE MIMO"

D One way 802.11n achieves superior throughput is through the use of a technology called multiple input, multiple output (MIMO). MIMO uses multiple antennas for transmission and reception.

Q127 Which of the following helps prevent routing loops? "Routing table Default gateway Route summarization Split horizon"

D Routing loops occur when the routing tables on the routers are slow to update and a redundant communication cycle is created between routers. Split horizon, which prevents the router from advertising a route back to the other router from which it was learned, can be used to resist routing loops. Poison reverse, also known as split horizon with poison reverse, is also used to resist routing loops.

Q117 While troubleshooting a network outage, a technician finds a 100-meter fiber cable with a small service loop and suspects it might be the cause of the outage. Which of the following is MOST likely the issue? "Maximum cable length exceeded Dirty connectors RF interference caused by impedance mismatch Bend radius exceeded"

D The excessive bending of fiber-optic cables can increase microbending and macrobending losses. Microbending causes light attenuation induced by deformation of the fiber, while macrobending causes the leakage of light through the fiber cladding and this is more likely to happen where the fiber is excessively bent.

Q103 An administrator only has telnet access to a remote workstation. Which of the following utilities will identify if the workstation uses DHCP? "tracert ping dig ipconfig netstat"

D The ipconfig command displays the TCP/IP configuration of a Windows system. The ipconfig /all command displays the system’s TCP/IP configuration in detail. This output includes whether DHCP is enabled or not.

Q81 A network technician has been tasked to configure a new network monitoring tool that will examine interface settings throughout various network devices. Which of the following would need to be configured on each network device to provide that information in a secure manner? "S/MIME SYSLOG PGP SNMPv3 RSH"

D The network monitoring need to use a network management protocol. SNMP has become the de facto standard of network management protocols. The security weaknesses of SNMPv1 and SNMPv2c are addressed in SNMPv3.

Q120 "A network engineer is troubleshooting an issue with a computer that is unable to connect to the Internet. The network engineer analyzes the following output from a command line utility: Network DestinationNetmaskGatewayInterface 192.168.1.0 255.255.255.0192.168.1.254eth0 192.168.1.10255.255.255.255192.168.1.10eth0 127.0.0.1255.0.0.0On-Linlo 127.0.0.0255.0.0.0On-Linklo 255.255.255.255255.255.255.255102.168.1.10eth0 Which of the following is the reason for the computer issue, given the above output?" "Wrong default gateway netmask Incorrect default gateway address Default gateway on the wrong interface Missing default gateway"

D The output appears to be a result of running the netstat â€"r command. If the default gateway was present, the first line would show the Network Destination as 0.0.0.0 and the Netmask as 0.0.0.0.

Q115 A technician is troubleshooting a wired device on the network. The technician notices that the link light on the NIC does not illuminate. After testing the device on a different RJ-45 port, the device connects successfully. Which of the following is causing this issue? "EMI RFI Cross-talk Bad wiring"

D The question states that the device worked on a different port. This indicates that the wiring is faulty.

Q111 Ann, a user, is experiencing an issue with her wireless device. While in the conference area, the wireless signal is steady and strong. However, at her desk the signal is consistently dropping, yet the device indicates a strong signal. Which of the following is the MOST likely cause of the issue? "Signal-to-noise ratio AP configuration Incorrect SSID Bounce"

D The signal between the access point and Ann’s wireless device is being bounced off walls, windows, glass mirrors, carpeted floors, and many other objects. This results in the slow connection. The radio waves are travelling at the same rate, but as a result of signal bounce, it’s taking longer to reach its destination.

Q105 A network technician has received comments from several users that cannot reach a particular website. Which of the following commands would provide the BEST information about the path taken across the network to this website? "ping netstat telnet tracert"

D The tracert command is used to determine the amount of hops a packet takes to reach a destination. It makes use of ICMP echo packets to report information at every step in the journey. This is how the path taken across the network is obtained.

Q50 A network technician is diligent about maintaining all system servers’ at the most current service pack level available. After performing upgrades, users experience issues with server-based applications. Which of the following should be used to prevent issues in the future? "Configure an automated patching server Virtualize the servers and take daily snapshots Configure a honeypot for application testing Configure a test lab for updates"

D To prevent the service pack issues make sure, before going ahead and applying a new Service Pack in your production environment, to validate them in a test/lab environment first.

Q32 An administrator has a virtualization environment that includes a vSAN and iSCSI switching. Which of the following actions could the administrator take to improve the performance of data transfers over iSCSI switches? "The administrator should configure the switch ports to auto-negotiate the proper Ethernet settings. The administrator should configure each vSAN participant to have its own VLAN. The administrator should connect the iSCSI switches to each other over inter-switch links (ISL). The administrator should set the MTU to 9000 on the each of the participants in the vSAN."

D When using an iSCSI SAN (with iSCSI switching), we can improve network performance by enabling ‘jumbo frames’. A jumbo frame is a frame with an MTU of more than 1500. By setting the MTU to 9000, there will be fewer but larger frames going over the network. Enabling jumbo frames can improve network performance by making data transmissions more efficient. The CPUs on switches and routers can only process one frame at a time. By putting a larger payload into each frame, the CPUs have fewer frames to process.

Q5 Which of the following is used to authenticate remote workers who connect from offsite? (Select TWO). "OSPF VTP trunking Virtual PBX RADIUS 802.1x"

D,E D: A RADIUS (Remote Authentication Dial-in User Service) server is a server with a database of user accounts and passwords used as a central authentication database for users requiring network access. RADIUS servers are commonly used by ISP’s to authenticate their customer’s Internet connections. Remote users connect to one or more Remote Access Servers. The remote access servers then forward the authentication requests to the central RADIUS server.

Q33 Which of the following would be used in an IP-based video conferencing deployment? (Select TWO). "RS-232 56k modem Bluetooth Codec SIP"

DE "The term “codec†is a concatenation of “encoder†and “decoderâ€. In video conferencing, a codec is software (or can be hardware) that compresses (encodes) raw video data before it is transmitted over the network. A codec on the receiving video conferencing device will then decompress (decode) the video signal for display on the conferencing display. The Session Initiation Protocol (SIP) is a protocol for initiating an interactive user session that involves multimedia elements such as voice, chat, gaming, or in this case video."

Q26 A technician, Joe, has been tasked with assigning two IP addresses to WAN interfaces on connected routers. In order to conserve address space, which of the following subnet masks should Joe use for this subnet? "/24 /32 /28 /29 /30"

E "An IPv4 address consists of 32 bits. The first x number of bits in the address is the network address and the remaining bits are used for the host addresses. The subnet mask defines how many bits form the network address and from that, we can calculate how many bits are used for the host addresses. In this question, the /30 subnet mask dictates that the first 30 bits of the IP address are used for network addressing and the remaining 2 bits are used for host addressing. The formula to calculate the number of hosts in a subnet is 2n â€" 2. The “n†in the host’s formula represents the number of bits used for host addressing. If we apply the formula (22 â€" 2), a /30 subnet mask will provide 2 IP addresses."

Q46 A network technician receives the following alert from a network device: “High utilizations threshold exceeded on gi1/0/24 : current value 9413587.54†Which of the following is being monitored to trigger the alarm? "Speed and duplex mismatch Wireless channel utilization Network device CPU Network device memory Interface link status"

E "This is an error message that indicates that threshold of high utilization of network interface, in this case interface gi1/0/24, has been exceeded. The message has been triggered on the interface link status. Note: gi1/0 would be a gigabyte interface."

Q54 After a company rolls out software updates, Ann, a lab researcher, is no longer able to use lab equipment connected to her PC. The technician contacts the vendor and determines there is an incompatibility with the latest IO drivers. Which of the following should the technician perform so that Ann can get back to work as quickly as possible? "Reformat and install the compatible drivers. Reset Ann’s equipment configuration from a backup. Downgrade the PC to a working patch level. Restore Ann’s PC to the last known good configuration. Roll back the drivers to the previous version."

E By rolling back the drivers Ann would be able to use her lab equipment again. To roll back a driver in Windows means to return the driver to the version that was last installed for the device. Rolling back a driver is an easy way to return a driver to a working version when a driver update fails to fix a problem or maybe even causes a new problem. Think of rolling back a driver as a quick and easy way to uninstall the latest driver and then reinstall the previous one, all automatically.

Q121 "A company has changed ISPs for their office and ordered a new 250 Mbps symmetrical Internet connection. As a result, they have been given a new IP range. The ISP has assigned the company 10.10.150.16 /28. The company gateway router has the following interface configuration facing the ISP: Interface A: IP address: 10.10.150.16 Subnet mask: 255.255.255.240 Default gateway: 10.10.150.32 Speed: 1000 Mbps Duplex: Auto State: No Shutdown None of the workstations at the company are able to access the Internet. Which of the following are the reasons? (Select TWO)." "There is a duplex mismatch between the router and ISP. The router interface is turned off. The interface is set to the incorrect speed. The router is configured with the incorrect subnet mask. The router interface is configured with the incorrect IP address. The default gateway is configured incorrectly."

E,F According to the IP Address Range Calculator, for the given subnet mask and the IP range address range assigned by the ISP, the first host address should be 10.10.150.17 and the broadcast address should be 10.10.150.31. Therefore, the router interface is configured with the incorrect IP address and the default gateway is configured incorrectly.


Kaugnay na mga set ng pag-aaral

Chapter 9 Extension - Law of Sines and Law of Cosines

View Set

BIOL 220 Exam 2 Homework - Connect

View Set

"What is a Nonprofit Organization?"

View Set

NCIV - Comprehensive Exam Questions

View Set

Duties of the Principal and Agent

View Set