Network Pro Most +++++
Which of the following advantages can Single Sign-On (SSO) prove?
"The elimination of multiple user accounts and passwords for an individual and access to all authorized resources with a single instance of authentication."
Your task in this lab is to use File Explorer to remove all quota limits for the Administrators account.
*Select Do not limit disk usage* From Hyper-V Manager, click CORPSERVER R click CorpFiles12 and select connect On the taskbar, click file explorer > R click and select properties > On the Quota tab, click quota entries > Select a quota entry in the list > Select quota > properties > modify the limit and warning levels > click ok
Consider the 850 nm multimode fiber optic cable shown below. How much loss can you expect between the transmitter and the receiver?
-1.2 dB
Which of the following are characteristics of coaxial network cable? (Choose three)
-It uses two concentric metallic conductors. -The ends of the cable must be terminated. -It has a conductor made from copper in the center of the cable.
Which of the following connectors are used with fiber optic cables and include both cables in a single connector? (*Select two.)
-LC -MT-RJ
F-Type connectors are typically used with cables using which of the following standards? (Select two)
-RG-6 -RG-59
Which data transmutation rate is defined by the IEEE 802.11b wireless standard.
11Mbps
You have recently installed a new windows server 2003 system. To ensure the accuracy of the system time, you have loaded a application that synchronizes the hardware clock on the server with an external time source on Internet. Now, you must configure the firewall on your network to allow time synchronization traffic through. Which of the following ports must you likely to open on the firewall?
123
What is the maximum data rate of an ISDN BRI line?
128 Kbps
Which port dose Telnet use?
23
Which is the recommended humidity level for server rooms? 10% or lower 30% 50% 70%
70%
You are designing an update to your clients wireless network. The existing network uses 802.11b. Due to budget, which 802.11 standard will work best.
802.11g
Which of the following are typical components of a NAS device? select two
A minimal network OS. One or more NICs.
Which of the following dose a router acting as a firewall use to control which packets are forwarded or dropped?
ACL
IPSec is implemented through two separate protocols. What are these protocols called?
AH ESP
Which of the following attacks tries to associate an incorrect MAC address with a know IP address?
ARP poisoning
Which of the following attacks tries to associate an incorrect MAC address with a known IP address?
ARP poisoning ARP spoofing/poisoning associates the attacker's MAC address with the IP address of victim devices. When computers send an ARP request to get the MAC address of a known IP address, the attacker's system responds with its MAC address.
What is the most important aspect of a biometric device?
Accuracy
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do?
Add a separate A/C unit in the server room
Content Engine
Appliances dedicated to content cashing
You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat6e cable to connect the wiring closet to the shipping building. Which of the following are you most likely to experience?
Attenuation.
bit-error rate tester
BERT
Which of the following routing protocols is used by routers on the Internet for learning and sharing routes?
BGP
All of the 802.11 standards for the wireless networking support which type of communication path sharing technology?
CSMA/CA
Switch
Can dynamically learn the MAC addresses attached to various ports by looking at the source MAC address on frames coming into a port
Consider the following IP addresses .
Class A, B, B, C
Which of the following fire extinguisher types is best used for electrical fires that might result when working with computer components? Class A Class B Class C Class D
Class C
Cell Phones with cameras and data transfer capabilities pose a risk to which security goal?
Confidentiality
Match the Cisco device password type on the left with its function on the right.
Controls the ability to log on through a LAN or WAN interface configured on the device. VTY Controls the ability to switch configuration modes EXEC Controls the ability to connect to the device using a direct connection Console
How can a criminal investigator ensure the integrity of a removable media device found while collecting evidence?
Create a checksum using a hashing algorithm
You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? Select all that apply.
Destination address of a packet Port number Source address of a packet
Which of the following are examples of social engineering?
Dumpster diving //Shoulder surfing
electrostatic discharge
ESD
Configuration management
Focuses on maintaining up-to-date documentation of a network's configuration.
Presentation (layer 6)
Formats or "presents data into compatible form for receipt by the Application layer.
Bit errors / Bits transmitted
Formula for BER
You have installed Hyper-V on the CorpServer server. You are experimenting with virtual hard disks. Your task in this lab it to create two virtual hard disks named Test1 and Test2 in the D:\HYPERV\Virtual Hard Disks directory. Use the following settings: For Test1: Select a format that will allow for maximum backwards compatibility. Configure the disk for best performance. Configure a size of 500 GB. For Test2: Configure the disk to use the smallest possible amount of disk space. Configure a size of 4 TB (4096 GB).
From Server Manager, select Tools > Hyper V Manager R click the server and select New > Hard Disk > click next Select the disk format, and then click next Select the disk type, and then click next Type the name and path for the hard disk file, click next Type the size for the new virtual disk, click next Click Finish
110 Block
High-Speed LAN connections. Can terminate a cable being used for high speed LAN
You need to implement a wireless network between two buildings on a college campus. A wired network has already been implemented within each building. the buildings are 100 meters apart. select two
High-gain Parabolic
Which of the following is a common form of social engineering attack?
Hoax virus information e-mails
Which of the following protocols are classified as link state routing protocols?
IS-IS OSPF
Which of the following CCTV types would you use in areas with little or no lights?
Infrared
Twisted-Pair Cable
Insulated copper strands that are intertwined Two Categories: 1. STP 2. UTP
Which of the following is not a primary characteristic of a worm?
It infects the MBR of a hard drive
The chain of custody is used for what purposes?
Listing people coming into contact with evidence
Which of the following do switches and wireless access points use to control access through the device?
MAC filtering
Which of the following do switches and wireless access points use to control access through the device?
MAC filtering Both switches and wireless access points are layer 2 devices, meaning they use the MAC address for making forwarding decisions. Both devices typically include some form of security that restricts access based on the MAC address.
which of the following attacks, if successful, causes a switch to function like a hub?
MAC flooding
Which protocol doies VoIP use to interface with the PSTN?
MGCP
Router
Makes forwarding decisions based on logical network address information (IP addresses)
Which of the following is the most common form of authentication?
Password
Which of the ff. is most vulnerable to a brute force attack?
Password authentication
Which switch features are typically used with VoIP
PoE VLAN
Which of the following is undetectable software that allows administrator-level access?
Rootkit
Which of the following is a WAN technology that allows for interoperability of vendor hardware for fiber optic networking?
SONET
Which protocol does HTTPS use to offer greater security for Web transactions?
SSL.
A health care organization provides mobile clinics throughout the world. Which network technology connectivity for any clinic located anywhere in the world, ever remote areas?
Satellite
Of the following cables, which offer the best protection against EMI?
Single mode fiber optic
A VPN is used primarily for what purpose?
Support secured communications over an untrusted
You are implementing Internet connectivity for a new start-up company. Your client will provide on-line storefronts for retailers. To do this, the have calculated their Internet connection must provide a data rate of at lest 20 -30 Mbps. Which type of service should you implement?
T3
Which encryption method is used by WPA for wireless networks?
TKIP
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)
TLS// SSL
Which address would you use for the default gateway address? http://i.imgur.com/rFLX29Z.png
The IP address assigned to Fa0/0 on Router1.
Wiring Closet
The room/place where wires run back to
What purpose does a wireless site survey serve? select two
To Identify existing or potential sources of interference To identify the coverage area and preferred placement of access points.
Which of the following is not a form of biometric?
Token device
When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?
Trunk Ports
Personal Area Network (PAN)
Very small network used between personal devices (i.e. wireless headset)
Which of the following social engineering attacks use Voice over IP (VoIP) to gain sensitive information?
Vishing
Which of the following wireless security methods uses common shared key configured on the wireless access point and all wireless clients?
WEP, WPA Personal, and WPA2 Personal
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24.The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed.You need to make the change with the least amount of effort possible.What should you do?
Wait for convergence to take place.
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24.The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed.You need to make the change with the least amount of effort possible.What should you do?
Wait for convergence to take place.
You manage a website for your company. The website uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure?
Website storage A single point of failure means that failure in one component will cause the entire website to be unavailable. If the storage unit fails, then the website content will be unavailable.
A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of an attack best describes the scenario?
Whaling
When would you typically use and RJ-11 connector?
When connecting a phone to a phone line
Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet? Wiring schematic Policy Baseline Procedure
Wiring Schematic
In which of the following situations might you use an RJ-11 connector?
You want to connect your computer to the Internet wit a dial-up connection
In a SAN implementation, the servers that connect to shared storage devices are called___________________.
initiators
The network board in a workstation is currently configured as follows:
show running-config interface show interface
Which of the following solutions would you implement to eliminate switching loops?
spanning tree
You manage a network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support?
spanning tree
Which feature prevents switching loops and ensures there is only a single active path between any two switches?
spanning trees
While troubleshooting a problem on a linux sstem, you run a utility that generates the following output: Which of the following utilties were you using?
traceroute
Examine the following output: Which of these commands produced this output?
tracert
Which TCP/IP utility gives you the following output?
tracert
You are the network administrator of a branch office of your company..... What TCP/IP utility can you use to see if a router is not working properly?
tracert
You have been recently hired to manage a network for a small company...... which strategy could you employ to help prevent these issues from occuring?
use a /127 prefix on the backbone segment
You have installed anti-virus software on computes at your business. Within a few days. however, you notice one computer has a virus, When you question the user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. she admits she did not scan the file before running it. What should you add to your security measures to help prevent this from happening again? Account lockout proxy server close unused firewall ports user awareness training
user awareness training
Manchester
uses different encoding scheme. uses the transition from one voltage level to another to represent binary data.
You manage a website for your company. The website uses three servers configured in a cluster. Incoming requested are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component a single point of failure? web server power supply website storage network adapter
website storage
Which access control model manages rights and permissions based on job descriptions and responsibilities?
"Role based access control (RBAC) is the access control model that managers rights and permissions based on job description. RBAC focuses on job description or work task, instead of employing user accounts to define access RBAC are best suited for environments that have a high rate of employees turnover. By defining access base on role that those individuals, it simplifies administration when granting a new person access to common activities. "
You have implemented an access control method that allows only users who are managers to access specific data. Which type of access control model is used?
"Role-based access control (RBAC) allows access based on a role in an organization, not individual users. Roles are defined based on job description or a security access level. Users are made members of a role, and receive the permissions assigned to the role. "
A router access control list uses information in a packet such as the destination IP address and port number to make allow or deny forwarding decisions.
"Rule based access control (RBAC) uses characteristics of objects or subjects, along with rules, to restrict access,. Access control entries identify a set of characteristics that will be examined for a match. If all characteristics match, access is either allowed or denied based on the rule. An example of a rule-based access control implantation is a router access control list that allows or denies traffic based on characteristics within the packet (such as IP address or port number)."
You maintain a network with four servers. Currently, users must provide authentication credential whenever they access a different server. Which solution allows users to supply authentication credentials once for all severs.
"Singe Sing-on(SSO) is a distributed access method that allows a subject to log in (sing on) once a network and access all authorized resources on the network. The SSO system authenticates the subject against a master system and automatically logs the subject on to all servers the subject is authorized to access. Once authenticated, the subject can request access to additional resources without additional loging credentials or passwords."
Which of the following are examples of Type II authentication credentials?
"Smart Card and Photo ID (Type II authentication uses something you have in your possession, such as a smart card, photo ID, token device, or swipe card."
Which of the following is an example of three-factor authentication?
"Token device, keystroke analysis, cognitive question (type III something you are, such as fingerprints, retina scans, voice recognition, or keybo9ard dynamics)"
Which of the following are disadvantages of biometric.
"When used alone or solely, they are no more secure than a strong password, They have potential for numerous false negatives."
Consider the following log message, generated on a router. *Aug 8 11:18:12.081: %LINEPPROTO-5-UPDOWN: Line protocol on interface fastethernet0/0, changed state to down. What facility generated this message?
%LINEPPROTO
You work as the IT Administrator for a small corporate network. You are creating a share for the H:\Components folder on the CorpFiles12 file server. Research and Development department employees need to store programming components in the shared folder. You want to secure the data in the folder as follows: -Members of the Research Resources group should have full control over the folder. -All other users should be able to view the contents of the folder. -Permissions should apply to both network access through the share and local access.
**Share a Folder using file explorer** 1. CORPSERVER > CorpFiles12 > Connect > Go to file explorer and navigate to the folder you want to share > R click and choose properties > On the sharing tab click advanced settings > Select share this folder > In the share name field type the name to be used > Click ok **Configure Shared Folder Permissions** From the sharing tab click advanced sharing > Click permissions > Select the security principal and check or uncheck the desired permissions > Click ok **Configure NTFS permissions** From the security tab click edit > click add > If necessary click locations > Enter the name of each security principal that will receive permission to the folder or click advanced then find now > click ok
The CorpFiles12 Server has a new printer installed with the following settings: -Printer name: KonicaColor -Port: 192.168.0.22 (Standard TCP/IP Port) -Driver: KONICA MINOLTA PS Color Laser Class Driver -Share name: ColorPrinter
**Use the 192.168.0.22 Standard TCP\IP Port on the MrktgPrinter** **On MgrPrinter use the 192.168.0.22 Standard TCP\IP Port and Prevent Everyone from using the printer** **Create an Additional Printer Object** Click CorpServer - go to CorpFiles12 - Connect - Tools - Print Management - Expand Printer Servers, R click Printers and select Add Printer - Select the existing port for the print device click next - To use an existing driver, select it from the list, then click next - Type the printer name, share name and other info, click next - click next, finish. **Modify Printer Availability Times** R click the printer and select properties - Click advanced tab - Select available from option then modify - click ok **Deploy a Printer using Group Policy** R click the printer and select Deploy with Group Policy - Click Browse - The main box in the dialog box shows OU's and GPO's link to the domain, To find a GPO linked to an OU, double click the OU name to expand it, select the GPO and then click ok - Select how to deploy the printer, click add - click ok **Modify Printer Priority** R click the printer and select properties - click advanced tab - change the # in the priority box - click ok **Modify Printer Permissions** R click the printer and select properties - click security tab - To prevent a user or group from using the printer, select the user or group and click remove - To assign permissions to a user or group click add - Type user or group name - click ok
You are the IT Administrator for the CorpNet Domain. You are in the process of implementing a group strategy for your network. The CorpNet domain has a Support OU. All support employees in the domain have user accounts within the Support OU itself or the Support sub-OUs. All Support employees need access to the Support departments shared folders and printers. Your group strategy must minimize administration when granting resource access to new Support employees or removing resource access from old Support employees. Your group strategy must also minimize administration when groups of other employees request access Support resources, or when Support resources are added or removed and permissions to the resources need to be granted or removed. Your task in this lab is to implement a group strategy that meets the above requirements on CorpDC.
-Create Support Group -Create the Support Resources Group -Add Tom Plask, Shelly Emery, and Janice Rons as a member of the Support Group, Add the Support group as a member of the Support Resources group. Click CORPSERVER > R click CorpDC , select connect > From Server Manager, Select Tools > Active Directory Users and Computers > Browse the Active Directory structure to the parent domain or OU. > R click the domain, OU, or other container in which the new group must be created > From the pop up menu select New Group > Type the name for the group > Select a group scope > Click ok> To modify membership R click and select properties > click members tab > To add group member Click Add > Type the name of the object you want to add > Click ok > To remove a group member, select the member and select remove. click ok to apply changes.
Which of the following cable classifications are typically used for cable and satellite networking with coaxial cables?
-RG-6 -RG-59
Which of the following connectors usually require polishing as part of the assembly process? (Select two.)
-ST -SC
You've connected a cable certifier to an RJ45 wall jack, and the output shown below is displayed on the device. What does this output indicate? (Select two.)
-The cable is functioning correctly -This is a crossover cable
Which of the following are characteristics of an LC fiber optic connector? (Choose two.)
-They are half the size of standard connectors. -They use a housing and latch system similar to an RJ-45 UTP connector
At what percent is packet loss noticeable in voice traffic?
1%
You are the IT Administrator for the CorpNet domain. You are in the process of implementing a group strategy for your network. The CorpNet domain has a Support OU. All Support employees in the domain have user accounts within the Support OU itself or the Support sub-OUs. All Support employees need access to the Support department's shared folders and printers. Your group strategy must minimize administration when granting resource access to new Support employees or removing resource access from old Support employees. Your group strategy must also minimize administration when groups of other employees (such as managers) request access to Support resources, or when Support resources are added or removed and permissions to the resources need to be granted or removed. Your task in this lab is to implement a group strategy that meets the above requirements on CorpDC. Create two groups named as follows in the Support OU: Support Support Resources For each group, configure an appropriate scope, type, and membership based on the information in the scenario and the purpose suggested by the group name.
1. From the Hyper-V Manager, click CORPSERVER 2. R click the CorpDC server and select Connect 3. From Server Manager, select Tools > Active Directory Users and Computers 4. Browse the Active Directory structure to the parent domain or OU. 5. R click the domain, OU, or other container in which the new group must be created. From the pop up menu, select New > Group. 6. Type a name for the group. 7. Select a group scope and a group type, then click ok. 8. To modify the group membership, R click the newly created group and select Properties. 9. Click the members tab. 10. To add a group member, use the following steps Click Add, type the name of the object that you want to add. Click ok to add the new group member. To remove a group member, select the member and click remove. Click ok to apply the changes.
Which of the following is included in an operations penetration test? (select three)
1. Looking through discarded papers or media for sensitive information 2.Eavesdropping or obtaining sensitive information from items that are not properly stored 3.Acting as an imposter with the intent to gain access or information
You have a computer that is connected to the Internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer?
10.0.12.15 172.18.188.67 192.168.12.253
You have a computer that is connected to the Internet through a NAT router.You want to use a private addressing scheme for your computer.Which of the following IP addresses could you assign to the computer? (Select all that apply.)
10.0.12.15 172.18.188.67 192.168.12.253
With an Ethernet 10BaseT network, the maximum cable length between a computer and the hub is:
100 meters
Your network follows the 100BaseTx specifications for Fast Ethernet. What is the maximum cable segment length allowed?
100 meters
A host has the address 100.55.177.99/16. Which of the following is the broadcast address for the subnet?
100.55.255.255
What is the binary format for the following decimal IP address 131.9.202.11
10000011.00001001.11001010.01101111
You have been tasked with designing a high-speed Ethernet network. Your client's building already has 150 ohm shielded twisted pair wiring installed. Due to budget constraints, they have asked you to reuse the existing wiring instead of installing new fiber optic cabling. Which Ethernet standard could you implement in this situation?
1000BaseCX
You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose?(2 answers)
1000BaseLX Single Mode Fiber
Which Gigabit Ethernet standard uses multimode fiber-optic cabling and supports network segments up to a maximum of 550 m long?
1000BaseSX
You have been tasked with designing an Ethernet network. Your client needs to implement a very high-speed network backbone between campus buildings; some of which are around 300 m apart. Fiber-optic cabling has already been installed between buildings. Your client has asked that you use the existing cabling that operates at full-duplex. Which Ethernet standard meets these guidelines?(2 answers)
1000BaseSX, 10GBaseSR
Which of the following use the CSMA/CD access method?(2 answers)
1000BaseT, 10BaseT
Which of the following Ethernet standards uses fiber optic cabling?(2 answers)
100BaseFX 1000BaseLX
Which of the following use the CSMA/CD access method?(2 answers)
10BaseT 1000BaseT
You would like to implement 10 Gbps Ethernet over a distance of 1 km or greater. Which of the following would be the minimum requirement for the implementation?(2 answers)
10GBaseLR standards 10GbaseEr Standards Single mode fiber
Which of the following standards is used by SONET?
10GBaseLW
How many total channels are available for 802.11g wireless networks?
11
Which three of the following IP addresses belong to the Class A network 114.0.0.0? ( Assume the network is indicated by the default portion of the IP address.)
114.0.0.15 114.122.66.12 114.58.12.0
Which three of the following are Class B addresses?
129.0.0.0 190.65.2.0 132.12.0.0
Which of the following IP addresses have a default subnet mask of 255.255.0.0?
129.0.0.1 191.168.2.15 168.16.5.1
Which of the following IP addresses have a default subnet mask of 255.255.0.0? (Select all that apply.)
129.0.0.1 191.168.2.15 168.16.5.1
Which of the following IP addresses have a default subnet mask of 255.255.0.0?
129.0.0.1 191.168.2.15 168.16.5.1
A host on the network has an IP address of 129.11.99.78 using the default subnet mask. How would you identify the address and mask using CIDR notation?
129.11.99.78/16
How would you identify the address and mask using CIDR notation?
129.11.99.78/16
Your network has been assigned the Class B address of 130.15.0.0. Which of the following is not an address you can assign to a node on your network?
130.16.61.3
Which three of the following IP addresses are Class B addresses?
132.12.0.0 190.65.2.0 129.0.0.0
In an IP addressing scheme using default subnet masks, which of the following IP addresses can you assign to a host?
132.70.254.15
Which of the following IP addresses is a valid IP address for a host on a public network?
142.15.6.1
Which three of the following are not valid IP address?
145.8.260.7 257.0.122.55 45.22.156.256
What is the speed of the OC-3 connection?
155 Mbps
Which of the following is the first IP address that can be assigned to hosts on the 166.70.0.0 network using the default subnet mask?
166.70.0.1
Which of the following is the last IP address that can be assigned to hosts on the 1676.70.0.0 using the default subnet mask?
166.70.255.254
Which of the following IP addresses ranges is reserved for Automatic Private IP Addressing?
169.254.0.1 - 169.254.255.254
Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?
169.254.0.1 - 169.254.255.254
Which of the following is not one of the ranges of IP addresses defined in the RFC 1918 that are commonly used behind a NAT server?
169.254.0.1 - 169.254.255.254
Which network IDs will be assigned to these subnets in this configuration? (Select two.)
172.17.0.0 172.17.128.0
Your network has been assigned the Class B network address of 179.113.0.0 Which three of the following can be assigned to hosts on your network?
179.113.89.0 179.113.65.12 179.113.0.118
Which three of the following IP addresses are Class B addresses? (
190.65.2.0 129.0.0.0 132.12.0.0
Which three of the following IP addresses are Class C addresses?
192.15.5.55 223.16.5.0 225.55.0.0
http://i.imgur.com/8aj359P.png IP Address Subnet Mask Default Gateway DNS Server
192.168.12.46 255.255.255.240 192.168.12.34 198.162.1.22
you have two switches connected together as shown in the following diagram. How many broadcast domains are there in the network?
2
Which of the following is a vaild IP (version 4) address? (Select 2)
2.2.2.2 172.16.1.26
Which of the following is a valid IP address?
2.2.2.2 172.16.1.26
Which of the following is a valid IPv4 address?
2.2.2.2 172.16.1.26
Which of the following are frequencies defined by 802.11 committees for wireless networking. select two
2.4GHz 5.57GHz
Your network has been assigned the Class C address of 200.78.151.0. Which three of the following addresses can be assigned to hosts on your network?
200.78.151.252 200.78.151.12 200.78.151.111
You are planning a network for an educational campus. Due to the size of the buildings and the distance between them, you have elected to use 10BaseFL hubs, cabling, and network interface cards. What is the maximum length for the network cable between a workstation and a hub?
2000 meters
What is the decimal format for the following binary IP address?
206.58.170.67
Which of the following is the last IP address that can be assigned to hosts on the 211.70.0.0 network using the default subnet mask?
211.70.0.254
How many total channels are available for 802.11a wireless networks?
23
You are configuring a network firewall to allow SMTP outbound email traffic, and POP3 inbound email traffic. Which of the following TCP/IP ports should you open on the firewall?
25 110
You have been told to assign the IP address 21.155.67.188 to a host on the network using the default subnet mask. Which mask should you use?
255.0.0.0
You are configuring the IP address for a host and have been asked to use the address 192.160.99.110/16. What subnet mask value would you use?
255.255.0.0
What is the network address and subnet mask used by APIPA?
255.255.0.0 169.254.0.0
What is the network address and subnet mask used by APIPA?
255.255.0.0 169.254.0.0
What is the default subnet mask for the IP address 203.111.3.3?
255.255.255.0
You've just installed a new 16U wall-mounted rack in your data center. You need to install the following equipment in this rack: A 4U redundant power supply A 4U server A 4U switch A 2U router Which of the following equipment will also fit in this rack along with the above equipment?
2U UPS
Your network follows the 100BaseFX specifications for Fast Ethernet, and uses half-duplex, multimode cable. What is the maximum cable segment length allowed?
412 meters
To increase security on your company's internal network, the administrator has disabled as many ports as possible, Now, however, though you can browse the internet, you are unable to perform secure credit card transactions. Which port need to be enabled to allow secure trans actions?
443
You are configuring PuTTY to be used to access the CLi of a Cisco switch Which of the following configuration values would prevent PuTTY from connecting? (Select two)
4600 baud Flow control = RTS/CTS
What is the frequency of 802.11a networking?
5.75GHz
You want to use CCTV to increase the physical security of your building. Which of the following camera types would offer the sharpest image at the greatest distance under the lowest lighting conditions?
500 resolution, 50mm, .05 LUX
You want to maintain tight security on your internal network, so you restrict access to the network though certain port numbers. If you want to allow user to continue to use DNS, which port should you enable?
53
If SONET (OC-1) base data rate is 51.84 Mbps, how much data can the Optical Carrier level 12 (OC-12) transfer in one second?
622.08 Mb
Which of the following are valid IPv6 IP addresses? Select all that apply.
6384:1319:7700:7631:446A:5511:8940:2552 141:0:0:0:15:0:0:1
Which of the following are valid IPv6 IP addresses?
6384:1319:7700:7631:446A:5511:8940:2552 141:0:0:0:15:0:0:1
Which of the following are valid IPv6 IP addresses? Select all that apply.
6384:1319:7700:7631:446A:5511:8940:2552 141:0:0:0:15:0:0:1
Haley configures a web site using windows 2000 default values. What are the http prot and SSL prort settings?
80 for HTTP 443 for SSL
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4GHz. Which 802.11 stand will work best in this situation?
802.11a
Which IEEE wireless standard specify transmission speeds up to 54Mbps? select two
802.11a 802.11g
Which IEEE standard describes wireless communications?
802.11b
After installing a new 2.4GHz cordless phone system in your office, you notice that wireless network performance is adversely affected. Which of the following wireless networking standards are you most likely to be using? (Select two.)
802.11b 802.11g
Which of the following specifications identify security that can be added to wireless networks? (Select two.)
802.11i 802.1x Standards described in 802.11i have been implemented in Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2). 802.1x is an authentication protocol that can be used on wireless networks.
You are designing a wireless network for a client. Your client needs the network to support data rate of at least 150Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4GHz. Which 802.11 standard will work best in this situation?
802.11n
You are designing an update to your clients wireless network. The existing wireless network uses 802.11g equipment, which your client complains runs to slowly. She wants to upgrade the network to run 150Mbps or faster. Which 802.11 standard will work best in this situation.
802.11n
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54Mbps. Which 802.11 standard will work best in this situation? select two
802.11n 802.11a
You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solutions? select two
802.1a authentications Remediation servers
You want to increase security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the following should you implement?
802.1x
You want to increase the security of your network by allowing only authenticated users to be able to access network devices though a switch.
802.1x
select the statement that best describes a broadcast storm.
A Broadcast storm occurs when there are so many broadcast messages on the network that they approach or exceed the network bandwidth..
In what form of access control environment is access controlled by rules rather than by identity?
A MAC environment controls access based on rules rather then by identify.
Which of the following is the strongest form of mulch-factor authentication.
A Password, a biometric scan, and a token device
syslog
A ________-logging solution consists of two primary components: servers, which receive and store log messages sent from clients; and clients, which can be a variety of network devices that send logging information to a server.
baseline
A collection of data portraying the characteristics of a network under normal operating conditions. Data collected while troubleshooting can then be contrasted against this data.
Which of following describes a man in the middle attack?
A false server intercepts communications form a client by impersonating the intended server.
Which of the following describes a man-in-the-middle attack?
A false server intercepts communications from a client by impersonating the intended server.
In virtualization, what is the role of a hypervisor?
A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.
In virtualization,what is the role of the hypervisor?
A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.
Which of the ff. describes a configuration baseline?
A list of common security settings that a group or all devices share
Metropolitan Area Network (MAN)
A network that can cover an area as small as a few blocks to an entire metropolitan city,
Internetwork
A network with geographically disperse (WAN) connections that connect multiple LANs.
Which of the following is the strongest form of multi-factor authentications?
A password, a biometric scan, and a token device
butt set
A piece of test equipment typically used by telephone technicians. The clips can connect to the tip and ring wires on a punch-down block (for example, a 66 block or a 110 block) connecting to a telephone. This allows the technician to check the line (for example, to determine whether a dial tone is present on the line and determine whether a call can be placed from the line).
What is mutual authentication?
A process by which each party in an online communication verifies the identity of the other party.
Which of the following describes a logic bomblogic bomb?
A program that performs a malicious activity at a specific time or after a triggering event
How dose a proxy server differ from a packet filtering firewall.
A proxy server operates at the Application layer, while a packet filtering firewall operates at the network layer.
An all-in-one security appliance is best suited for which type of implementation?
A remote office with no on-site technician.
Which of the following information are you likely to find in a policy document? Steps for completing and validating nightly backups Average performance statistics for router A requirement for using encrypted communications for web transactions The IP address assigned to a router interface
A requirement for using encrypted communications for web transactions
Which of the following correctly describes the T1 carrier system?
A single T1 channel can transfer data at 64 bps. T1 lines use two pairs of copper wire.
While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of CRC errors on one interface. This interface is connected to a user's workstation located in a cubicle on the 2nd floor. What could be causing this to happen?
A strong emitter near the cable run connected to that interface
In a variation of the brute force attack, an attacker may use a predefined list (dictionary) of commonly used usernames and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue?
A strong password policy
In a variation of the brute force attack, an attacker may use a predefined list...best addresses this issue?
A strong password policy
Subnet
A subnet is a portion of a network with a common network address
Which of the following is an example of two-factor authentication?
A token device and a PIN Two-factor authentication uses two different types of authentication (i.e. a combination of Type I, Type II, and Type III authentication). Of the examples listed here, a token device (Type II) combined with a PIN (Type I) is the only example of two-factor authentication.
Which of the following is an example to two -factor authentication?
A token device and a PIN (type II something you have, such as a smart card, token device, or photo ID
Which of the following is an example of internal threats.
A user accidently deletes the new product design
What is the main difference between a worm and a virus?
A worm can replicate itself and does not need a host for distribution. Both viruses and worms can cause damage to data and systems, and both spread from system to system, although a worm can spread itself while a virus attaches itself to a host for distribution.
What is the difference between a worm and a virus?
A worm can replicate itself and dose not need a host for distribution.
What is the main difference between a worm and a virus?
A worm can replicate itself, while a virus requires a host for distribution.
Using the exhibit to match the connector type on the left with the corresponding letter on the right.
A- DB-25 B- DB-9 C- RJ45 D- RJ11 E- LC F- BNC G- F-Type
You are designing a wireless network implementation for a small business. The business deals with sensitive customer information, so data emanation must be reduced as mush as possible. the floor plan of the office is shown below...
A-Direciton B-Direction C-Omni-Direction D-Direciton E-Direciton F-Direciton G-Direciton
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
ACL When you configure a router as a firewall, you configure the access control list (ACL) with statements that identify traffic characteristics, such as the direction of traffic (inbound or outbound), the source or destination IP address, and the port number. ACL statements include an action to either allow or deny the traffic specified by the ACL statement.
You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be part of your design? select two
AES encryption 802.1x
IPsec is implemented through two separate protocols. What are these protocols called? select two
AH ESP
Which exploit seeks to maliciously re-associate the IP address of a legitimate network host with the MAC address of the attacker's computer?
ARP poisoning
A router is configured with the login, no password condition for console access. Which of the following statements is true about access via a Telnet or SSH session?
Access is denied.
"Which of the following terms describes the component that is generated following authentication and which is used to gain access to resources following log on?"
Access token
A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to a wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario?
Active fingerprinting
You have a shared folder named Reports. Members of the Managers group have been given Write access to the shared folder. Mark Mangum is a member of the Managers group. He needs access to the files in the Reports folder, but should not have any access to the Confidential.xls file. What should you do?
Add Mark Mangum to the ACL for the Confidential.xls file with Deny permissions.
Which of the following are characteristics of MPLS?
Adds labels to data units Supports variable-length data units
Which of the following are characteristics fo ATM?
Adds labels to data units Uses fixed-length cells of 53- bytes
Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customers sites. You manage these devices by enrolling them in your cloud-based Microsoft Intune account. One of your sales reps left her tablet at an airport. The devices contains sensitive information and you need to remove it in case that device is compromised. Which Intune portal should you use to perform a remote wipe?
Admin Portal
While browsing the Internet, you notice that the browser displays ads that are targeted towards recent keyword searches you have performed. What is this an example of?
Adware
Which of the following is a characteristic of static routing when compared to dynamic routing?
All routers must be manually updated on the router.
Which of the following is a characteristic of static routing when compared to dynamic routing?
All routes must be manually updated on the router.
Which of the following are characteristics of TACACS+
Allow for the possible of three different servers, one each for authentication, authorization, and accounting Uses TCP
Many popular operating system allow for quick and easy sharing of files and printers with other network members. Which of the ff. is not a means by which file and printer sharing is hardened?
Allowing NetBIOS traffic outside of your secured network.
Virtual Server
Allows a single server to host multiple virtual instances of various operating systems
Community cloud
Allows cloud services to be shared by several organizations
Virtual Desktop
Allows user to store data in a centralized data center, as opposed to the hard drive of the local computer
MDIX
Also a traditional port found in a PC's NIC, but it reverses the transmit and recieves pairs
Which of the following best describes the Ping of Death exploit?
An ICMP packet larger than 65,536 bytes?
Which of the following describes how access lists can be used to improve network security?
An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.
What actions can a typical passive Intrusion Detection System (IDS) take when it detects an attack?
An alert is generated and delivered via Email, the console, or an SNMP trap. The IDS logs all pertinent data about the intrusion.
You are implementing a SOHO network for a local business. The ISP has already installed and connected a cable modem in the business. The business has four computers that need to communicate with each other and the internet. You examine each computer and notice only one of the four has a wireless NIC; they all have ethernet NICs. What should you purchase.
An unmanaged switch and Cat5e cabling
Which type of polish grade uses green-colored connectors to help prevent using the wrong connector type?
Angled Physical Contact
You are concerned about protecting your network from network-based attacks from the internet. Specifically, you are concerned about zero day attacks (attacks that have not yet been identified or that do not have prescribed protections.) Which type of device should you use?
Anomaly based IDS
You are concerned about protecting your network from network-based attacks from the Internet. Specifically, you are concerned about "zero day" attacks (attacks that have not yet been identified or that do not have prescribed protections). Which type of device should you use?
Anomaly based IDS>
What does a tarpit specifically do to detect and prevent intrusion into your network?
Answer connection requests in such a way that the attacking computer is stuck for a period of time
Which of the following statements about the use of anti virus software is correct?
Anti virus software should be configured to download updated virus definition files as soon as they become available.
Which of the ff. measures are you most likely to implement to protect against a worm or Trojan horse?
Anti-virus software
Which of the following measures are you most likely to implement in order to protect against a work or trojan horse?
Anti-virus software
Which of the ff. statements about the use of anti-virus software is correct?
Anti-virus software be configured to download update virus definition files as soon as they become available.
Which of the following statements about the use of anti-virus software is correct?
Anti-virus software should be configured to download updated virus definition files assoon as they become available.soon as they become
What is the most common form of host based IDS that employs signature or pattern matching detection methods?
Anti-virus software.
Which of the following is the correct definition of a threat.
Any potential danger to the confidentiality, integrity, or availability of information or systems
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?
Application level
You provide internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?
Application level
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?
Application-level
You have just purchased a new network device and are getting ready to connect it to your network. Which of the following should you do to increase its security? select two
Apply all patches and updates Change default account password
Which of the ff. is the best recommendation for applying hotfixes to your servers?
Apply only the hotfixes that apply to software running on your systems
asset management
As related to networks, this is a formalized system of tracking network components and managing the lifecycle of those components.
What is another name for a logic bomb?
Asynchronous attack
Which of the following activities are typically associated with a penetration test? (Select two.)
Attempting social engineering Running a port scanner
Which of the following activities are typically associated with penetration testing? (select two)
Attempting social engineering Running a port scanner
What are the most common network traffic packets captured and used in a replay attack?
Authentication
Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two)
Authentication for agents and managers Encryption of SNMP messages
Which is the following are improvements to SNMP that are included within SNMP version 3?
Authentication for agents and managers. Encryption of SNMP messages.
What is the primary countermeasure to social engineering?
Awareness
You have just connected four switches as shown in the Exhibit. Assuming the default switch configuration, which switch will become the root bridge?
B
You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the main floor. You need to connect the two wiring closets. Which of the following are typically used to connect the two wiring closets? (Select two.) A. Demarc extension B. Horizontal cross connect C. Smart jack D. 25 pair E. Vertical cross connect
B. Horizontal cross connect D. 25 pair A horizontal cross connect connects IDFs on the same floor. 25 pair or 100 pair wiring punched down into 66 or 110 blocks are often used to connect the wiring closets together. A vertical cross connect connects the IDF to the MDF on a different floor.
Which of the following routing protocols is used by routers on the internet or learning and sharing routes?
BGP
Which of the following routing protocols used paths, rules, and policies instead of a metric for making routing decisions?
BGP
You are working with an older 10Base2 Ethernet network. Which of the following connector types will you most likely encounter?
BNC
After an intrusion has occurred and the intruder has been removed from the system, which of the following is the best next step or action to take?
Back up all logs and audits regarding the incident
Developers in your company have created a Web application that interfaces with a database server. During development, programmers created a special user account that bypasses the normal security. What is this an example of?
Backdoor
While developing a network application, a programmer adds functionally that allows her to access the running program, without authentication, to capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. What type of security weakness does this represent?
Backdoor
NetBus and Back Orifice are remote control tools. They allow you to connect to a remote system over a network and operate it as if you were sitting at its local keyboard. Unfortunately, these two programs are also examples of what type of security concern?
Backdoor Trojans
Which of the following is an important aspect of evidence gathering?
Backing up all log files and audit trails
Which of the following is an important aspect of evidence gathering?
Backing up all logs files and audit trails
You provide IT support under contract for a dentists office. The office has a limited number of wireless clients, so a simple wireless router is used to profide WIFI access. On your latest visit, you check the manufactures website and discover that a update has been released by the wireless router manufacture. You decide to download and install the update. Click the option you should use in the wireless routers configuration interface to prepare the device for update.
Backup Configuration
You are concerned about the amount of traffic that passed through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help in identifying past average network traffic? Network diagram History log Baseline Event log
Baseline
You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change? Configuration documentation Wiring schematic Baseline Change log Network diagram
Baseline
When duplicating a drive for forensic investigative purposes, which of the following copying methods is most appropriate?
Bit-level cloning
A switch running STP is a backup bridge. What state is it in?
Blocking
You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standard could the network be using. select two
Bluetooth 802.11b
A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computers represent?
Botnet
A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computers represent?
Botnet
Which of the following attacks is a form of software exploitation...input variable is designed to handle?
Buffer overflow
Which of the following physical topologies are used with Ethernet networks?(2 answers)
Bus, Star
In business continuity planning, what is the primary focus of the scope? Human life and safety Business processes Recovery time objective Company assets
Business processes
Which of the following are requirements of the 1000BaseT Ethernet standards?(3 answers)
CAT 5e cabling RJ-45 connectors The cable length must be less than or equal to 100m
Asset management
CM Process: A formalized system of tracking network components and managing the lifecycle of those components.
Change management
CM Process: Commonly a form of software used by network administrators to alert other network administrators about an upcoming network change.
Network documentation
CM Process: Comprised of Contact Information, Policies, Network maps and diagrams, Vendor Documentation and Wiring Schemes
Cable Management
CM Process: Documentation about a network's existing cable (that is, copper and fiber-optic cable) infrastructure.
Baselining
CM Process: The collection of network utilization data when the network is operating properly to be compared to when issues are present
Arrange the computer components listed on the left in order of decreasing volatility on the right.
CPU registers and caches System RAM Paging file Hard Disk File system backup on an external USB drive
Arrange the computer components listed on the left in order of decreasing volatility on the right.
CPU registers and caches System RAMWhich of the following is an important aspect of evidence gathering? Paging file Hard disk File system backup on an external USB drive
The media access control method of all Ethernet networks is
CSMA/CD
What must you install between your network and a T1 line for your networks to use the T1 line?
CSU/DSU
Which of the following devices is used on a WAN to convert synchronous serial signals into digital signals?
CSU/DSU
Which of the following services are available regardless of whether the telephone company network is available?
Cable modem
You are making Ethernet drop cables using Cat5e cable and RJ45 connectors. You need to remove the plastic coating over the cable to expose the individual wires. Which tool should you use?
Cable stripper Use a cable stripper to remove the plastic covering for a cable. Note: When making drop cables or using punchdown blocks, do not remove the plastic covering for individual wires. Use snips to cut cables. Use a punchdown tool to push wires into 66 or 110 blocks and cut wires at the same time. Use a butt set to connect to phone lines to monitor, make, or answer phone calls.
Which of the following functions are performed by proxies?
Cache web pages Block employees from accessing certain web sites
Multilayer Switch
Can make forwarding decisions based on upper-layer information. Could function as a router.
Which of the following fire extinguisher suppressant types is best used for electrical fires that might result when working with computer components? Soda acid Water-based Carbon dioxide (CO2) Dry powder
Carbon dioxide (CO2)
Cat 5
Carry data at a rate of 100Mbps.
Cat 5e
Carry data at a rate of 1Gbps.
What is the minimum cable specification that supports 1000 Mbps Ethernet?
Cat 5
Which of the following cable types often includes a solid plastic core?
Cat 6
MDF
Centralized Distribution Frame that connects out to multiple IDFs
You manage a network that uses 1000BaseT Ethernet. You find that one device communicates on the network at only 100 Mbps. Which tool should you use to test the drop cable and the connection to the network?
Certifier
You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this?
Chain of custody
What is the most important element related to evidence in addition to the evidence itself?
Chain of custody document
You are troubleshooting a workstation connection to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update? Change documentation Configuration documentation Wiring schematic Network diagram
Change Documentation
You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device? Change management Resource allocation Acceptable use SLA
Change management
You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device? Change management resources allocation SLA acceptable use
Change management
Which wireless technology is used to enable 802.11a-ht and 802.11g-ht networks to emulate 802.11n network speeds?
Channel bonding
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Circuit level
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Circuit-level
Which type of network establishes a dedicated physical connection between two hosts who need to communicate on the network, not allowing any other host to use the medium until the communication is complete?
Circuit-switched
Consider the following IP address. 1. 124.77.8.5 2. 131.11.0.9 3. 190.66.250.10 4. 196.5.89.44 Which list represents the IP address class of each listed IP address?
Class 1, Class B, Class B, Class C.
Consider the following IP addresses. 1) 124.77.8.5 2) 131.11.0.9 3) 190.66.250.10 4) 196.5.89.44
Class A, Class B, Class B, Class C
You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0 Which of the following describes the address type?
Classless
Which of the following are often synonymous with or made possible by CIDR?
Classless VLSM
Which of the following terms are often synonymous with or made possible with CIDR? (Select two.)
Classless VLSM
You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0. Which of the following describes the address type?
Classless.
You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?
Client-side scripts
When designing a firewall, what is the recommended approach for opening and closing ports?
Close all ports; open only ports required by applications inside the DMZ.
Which of the following is NOT true regarding cloud computing?
Cloud computing requires end-user knowledge of the physical location and configuration of the system that delivers the services.
Which of the following network strategies connects multiples servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service? Mirroring Clustering Adapter bonding Storage Area Networks (SANs)
Clustering
Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service?
Clustering Clustering connects multiple servers together using special software.
Which of the following is not a reason to use subnets on a network?
Combine different media type on to the same subnet.
Match each type of switch on the left with its corresponding characteristics on the right. Each switch may be used once, more than once, or not at all.
Commonly sold at retail stores Unmanaged switch Provide port security features Managed switch Support VLANs Managed switch Provide very few configuration options Unmanaged switch Can be configured over a network connection Managed switch Can be configured over a dedicated communication channel Managed switch
RG-6
Commonly used by local cable companies to connect individual homes to the cable company's distribution network.
Match each third-party integration phase on the left with the tasks that need to be complete during that phase on the right. Each phase may be used once, more than once, or not at all Communicate vulnerability assessment findings with the other party. Compare your organization's security policies against the partner's policies. Disable VPN configurations that allow partner access to your network. Communicate vulnerability assessment findings with the other party. Disable the domain trust relationship between networks. Identify how privacy will be protected. Draft an ISA. Conduct regular security audits choices Ongoing operations Off-boarding Onboarding
Communicate vulnerability assessment findings with the other party. - Ongoing operations Compare your organization's security policies against the partner's policies. - Onboarding Disable VPN configurations that allow partner access to your network. - Off- boarding Communicate vulnerability assessment findings with the other party. - Onboarding Disable the domain trust relationship between networks. - Off-boarding Identify how privacy will be protected. - Onboarding Draft an ISA. - Onboarding Conduct regular security audits - Ongoing operations
As a victim of a Smurf attack, what protection measure is the most effective during the attack?
Communication with our upstream provider
You are concerned that the wireless access points may have been deployed within your organization without authorizations. What should you do. select two
Conduct a site survey Check the MAC addresses on devices connected to your wired switch
You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two. Each response is a complete solution.)
Conduct a site survey. Check the MAC addresses of devices connected to your wired switch.
"A user copies files from her desktop computer to a USB flash device and puts the device into her pocket. Which of the following security goals is most at risk?"
Confidentiality
You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check? Wiring schematic Policy Configuration documentary baseline
Configuration Document
Your organizations uses a time-keeping application that only runs on Windows 2000. Because of this, there are several Windows 2000 workstations on your network. Last week you noticed unusual activity.... Which solution should you implement to protect the network....
Configure VLAN membership so that the Windows 2000 workstations are on their own VLAN
Your Company has decided to temporarily partner with a third party organization for an upcoming project....... What should you do to allow routing information to be exchanged?
Configure a border router to use route redistirbution
Which of the following enterprise wireless configurations strategies best keeps public wireless access separate from private wireless access?
Configure a guest access WLAN that uses open authentication and that isolates guest WLAN traffic from other clients on the same access point.
You have just connected four switches as shown in the Exhibit. Assuming the default switch configuration, how can your force Switch C to become a root bridge?
Configure a priority number of 4096 for switch C
You have configured a wireless access point to create a small network. For security, you have disabled SSID broadcast. From a client computer, you try to browse to find the access point. You see some other wireless networks in the area, but cannot see your network to connect to it. What should you do?
Configure a profile on the wireless client.
"You have hired 10 new temporary workers who will be with the company for 3 months. You want to make sure that after that time the user accounts cannot be used for log on. What should you do?"
Configure account expiration in the user accounts
"For users on your network, you want to automatically lock their user accounts if four incorrect passwords are used within 10 minutes. What should you do?"
Configure account lockout policies in Group Policy
You are the wireless network Admin for your organization. As the size of the organization has grown, you've decided to upgrade your wireless network to use 802.11x authentication instead of pre-shared keys. What should you do
Configure all wireless access points with client certs. Configure the RADIUS server with a server cert.
Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? select two
Configure and apply security policy settings in a mobile device management system Enroll the devices in a mobile device management system
"You have hired 10 new temporary workers who will be with the company for 3 months. You want to make sure that these users can only log on during regular business hours. What should you do?"
Configure day/time restrictions in the user accounts
You are the network administrator for a city library. Thought the library are several groups of computers that provide public access to the internet..... The library computers are in croups of four. each group of four computers is connected to a hub that is connected to the library network... What can you do?
Configure port security on the switch
You have three switches configured as shown in the Exhibit. How can you guarantee that switch C becomes the root bridge?
Configure switch C with a lower priority value
A salesperson in your organization spent most of her time traveling between customers sites. After a customer visit, she must complete various managerial tasks, such as updating your organizations order database. Because she rarely... many of the things... Which key step should you take when implementing this configurations? select two
Configure the VPN connection to us IPsec Configure the browser to sent HTTPS requests through the VPN connection
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configurations?
Configure the remote access server as RADIUS clients
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Witch of the following would be required pare of your configuration?
Configure the remote access servers as RADIUS clients.
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configuration?
Configure the remote access servers as RADIUS clients. When configuring a RADIUS solution, configure a single server as a RADIUS server. Then configure all remote access servers as RADIUS clients.
What does the ip address dhcp command allow you to do?
Configures the switch to obtain an IP address from a DHCP server.
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?
Connect one server through a different ISP to the Internet. If the ISP connection goes down, then the website is unavailable. Connecting one server to a different ISP, or both servers to two ISPs, will provide redundancy for the connection.
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?
Connect one server through a different ISP to the internet.
You want to create a rollover cable that has an RJ-45 connector on both ends. How should you connect the wires within the connectors?
Connect pin 1 to pin 8, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5
Ring
Connects neighboring nodes until they form a ring. Signals travel in one direction. Malfunctioning node or cable break can prevent signals from reaching nodes further along the ring.
Bus
Consists of a trunk cable with nodes either inserted directly into the trunk or tapped into the trunk using offshoot cables called drop cables. Messages are sent to all devices connected to the bus
You have recently discovered that a network attack has compromised your database server. In the process, customer credit card numbers might have been taken by an attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do?
Contact your customers to let them know of the security breach
You have recently discovered that a network attack has compromised your database server. In the process, customer credit card numbers might have been taken by an attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do?
Contact your customers to let them know of the security breach.
You have a website that uses multiple servers for different types of transactions. For example, one server is responsible for static web content, while another is responsible for secure transactions. You would like to implement a devices to speed up access to your web content..... Which type of device should you choose?
Content switch
Which of the following applications typically use 802.1x authentication?
Controlling access though a switch Controlling access though a wireless access point
Which of the following applications typically use 802.1x authentication? (Select two.)
Controlling access through a switch Controlling access through a wireless access point
You have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network?
Convergence
You have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network?
Convergence
You have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network?
Convergence
You have a network configured to use the OSPF routing protocol. Which of the following describes the state when OSPF routers have learned about all other routes in the network?
Convergence.
Which of the following is a text file provided by a website to a client that is stored on a user's hard drive in order to track and record information about the user?
Cookie
Application
Corresponds to the Session, Presentation, and Application layers of the OSI model
You are the IT Security Administrator for a small corporate network. You would like to allow a group of desktop administrators to have administrative rights to all of the workstations in the domain. The workstations are located in the Workstations OU. Your task in this lab is to complete the following actions on the CorpDC server: Create a global security group named Desktop Admins in the Admins OU. Members of the group will be added later. Configure a restricted group policy in the WorkstationGPO object that adds the Desktop Admins group to the local Administrators group on the workstations.
Create a Group 1. From Hyper-V Manager click CorpServer > R click CorpDC server > Connect 2. From Server Manager, select Tools > Active Directory Users and Computers. 3. Browse the Active Directory structure and the parent OU, R click the OU or other container in which the new group must be created. From the pop up menu, click New - Group. 4. Type a name for the group, Select a group scope and group type then click ok. Create a Restricted Group 1. From Server Manager, select Tools > Group Policy Management. 2. Browse to the policy object. R click the policy and select Edit. 3. In the group policy management editor, browse to computer configuration/policies/windows settings/ security settings/ restricted groups. 4. R click and select Add Group 5. Click browse, and then enter the group name , click ok. 6. In the This Group is a member of: click add. 7. Type the name of the local group to the group will be added to ( do not browse) click ok.
You want to store your computer-generated audit logs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future?
Create a hash of each log.
You are responsible for maintaining Windows workstation operating systems in your organization. Recently, an update from Microsoft was automatically installed on your workstations that caused an in-house application to stop working. To keep this from happening again, you decide to test all updates on a virtual machine before allowing them to be installed on production workstations. Currently, none of your testing virtual machines have a network connection. However, they need to be able to connect to the update servers at Microsoft to download and install updates.
Create a new virtual switch configured for bridged (external) networking Connect the virtual network interfaces in the virtual machine to the virtual switch
You are an application developer. You use a hypervisor with multiple virtual machines installed to test your applications on various operating system versions and editions. Currently, all of your testing virtual machines are connected to the production network through the hypervisor's network interface. However, you are concerned that the latest application you are working on could adversely impact other network hosts if errors exist in the code. To prevent this, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other. What should you do?
Create a new virtual switch configured for host-only (internal) networking. Connect the virtual network interfaces in the virtual machines to the virtual switch.
"You want to give all managers the ability to view and edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change. What is the best way to accomplish this?"
Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL
You want to give all managers the ability to view edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change. What is the best way to accomplish this?
Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL.
A user reports that she cant connect to the internet. After some investigation, you find the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?
Create an action plan.
A security administrator logs on to a Windows server on her organization's network. She then runs a vulnerability scan on that server. What type of scan was conducted in this scenario? Ping scan TCP SYN scan Credentialed scan Non-Credentialed scan
Credentialed scan
Which of the following is an example of privilege escalation? Separation of duties Creeping privileges Principle of least Privilege Mandatory vacations
Creeping privileges
Which of the following is an example of privilege escalation? Separation of duties Creeping privileges Principle of least privilege Mandatory vacations
Creeping privileges
You have two switches that you need to connect using their uplink ports. The switches do not support auto-MDI. Which type of cable should you use?
Crossover
You have two switches that you need to connect using their uplink ports. The switches do not support auto-MDI. Which type of cable should you use?
Crossover
You need to transfer data from one laptop to another and would like to use an Ethernet cable. You do not have a hub or a switch. Which type of cable should you use?
Crossover
You need to transfer data from one laptop to another and would like to use an Ethernet cable. You do not have a hub or a switch. Which type of cable should you use?
Crossover
You want to connect the LAN port on a router to the uplink port on a switch. The switch does not support auto-MDI. Which type of cable should you use?
Crossover
You want to connect the LAN port on a router to the uplink port on a switch. The switch does not support auto-MDI. Which type of cable should you use?
Crossover
You have decided to implement Gigabit Ethernet on your network. Each switch port is connected to a single device. Following the installation, you find one device connected to a switch that is only running at 100 Mbps. Which of the following are likely causes?
Crosstalk.
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This isan example of which kind of attack?an example of which kind of attack
DDoS
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?
DDoS A DDoS attack is when multiple PCs attack a victim simultaneously and generate excessive traffic, thereby overloading communication channels, or exploiting software flaws.
You have a TCP/IP network with 50 hosts. There has been in consistant communication problems between hosts. You run a protocol analyzer and discover that two hosts have the same IP address assigned. Which protocol can you implement on your network to help prevent problems such as this?
DHCP
A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organization's firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this?
DHCP snooping DHCP snooping filters out untrusted DHCP messages. An untrusted DHCP message is received from outside the network or firewall. DHCP snooping acts like a firewall between DHCP clients and your DHCP servers.
Which of the following describes the point where the service provider's responsibility ends and the customer's responsibility begins for installing wiring and maintaining wiring and equipment?
Demarc
You have a network tha occupies the top floor of a three story building. The WAN service provider has installed the line for the WAN service into the buiilding in a wiring closet on the main floor. What would you use to relocate the WAN line into a wiring closet on your floor?
Demarc extension A demarc extension extends the demacation point from its original location to another location within the building.
Which of the following is not a valid response to a risk discovered during a risk analysis? Denial Acceptance Assignment Mitigation
Denial
An Attack that sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?
Denial of Service
Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions form occurring?
Denial of service attack
Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?
Denial of service attack
Which of the following can be used to stop piggybacking that has been occurring at the front entrance where employees should swipe their smart cards to gain entry?
Deploy a man trap
Which of the following can be used to stop piggybacking that has been occurring at the front entrance where employees should swipe their smart cards to gain entry?
Deploy a mantrap
Network (Layer 3)
Describes how data are routed across networks and on to the destination.
Match the Etherchannel protocol on the left with its characteristics on the right.
Desirable mode places the port in a negotiating state. Port Aggregation Protocol (PAgP) Based on the 802.3ad standard link Aggregation control protocol(LACP) Passive mode places the port into a passive negotiation state. link aggregation control protocol (LACP) Auto mode places the port into a passive negotiating state. Port Aggregation Protocol (PAgP) Active more places the port in a negotiating state. link Aggregation control protocol(LACP)
A service Level Agreement (SLA) defines the relationship between, and the contractual responsibilities of, providers and recipients of service. Which of the following characteristics are most important when designing an SLA? select two
Detailed provider responsibilities for all continuity and disaster recovery mechanisms. Clear and detailed descriptions of penalties if the level of service is not provided
Which of the following information are you likely to find in a procedure document An inventory of the hardware components in a specific device a record of the repairs made to the specific device The relationship of routers to other routers on the network Details on how to test and deploy patches
Details on how to test and deploy patches
TDR
Detects the location of a fault in a copper cable by sending an electric signal down the copper cable and measuring the time required for the signal to bounce back from the cable fault. Can then mathematically calculate the location of the fault.
OTDR
Detects the location of a fault in a fiber cable by sending light down the fiber-optic cable and measuring the time required for the light to bounce back from the cable fault. The OTDM can then mathematically calculate the location of the fault.
Users report that the network is down. After some investigation, you determine that a specific router is configured such that a routing loop exists. What should you do next?
Determine if escalation is needed.
When securing a newly deployed server, which of the ff. rules of thumb should be followed?
Determine the unneeded services and their dependencies before altering the system.
A user reports that she cant connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?
Determine what has changed.
Which of the following functions can a port scanner provide?
Determine which ports are open on a firewall. Discover unadvertised servers.
Which of the following functions can a port scanner provide? select two
Determining which ports are open on a firewall Discovering unadvertised servers
Which of the following statements describe how VLANs effect broadcast traffic within an internetwork?
Devices on the same VLAN have the same subnet address Broadcast traffic is transmitted only within a VLAN
Which of the following best describes the concept of VLAN?
Devices on the same network logically grouped as if they were on separate networks
Which of the following best describes the concept of virtual LAN?
Devices on the same network logically grouped as if they were on separate networks.
On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can "fix the restroom." What should you do?
Direct him to the front entrance and instruct him to check in with the receptionist.
Which of the following measures will make your wireless network inviable to the casual attacker performing war driving?
Disable the SSID broadcast
What should be done to a user account if the user goes on an extended vacation?
Disable the account
Which of the ff. actions should you take to reduce the attack surface of a server?
Disable unused services
Which of the following actions should you take to reduce the attack surface of a server?
Disable unused services
Which of the following actions should you take to reduce the attack surface of a server?
Disable unused services.
During a recent site survey, you find a rogue wireless access point on your network. Which of the following actions should you take first to protect your network, while still preserving evidence?
Disconnect the access point from the network
If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?
Disconnect the intruder
If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?
Disconnect the intruder.
You manage the website for your company. The web1 server hosts the website. This server has the following configuration: Duel core processor Dual power supplies RAID 5 volume One RAID controller two 1000 Mbps network adapters Which component is a single point of failure for the website? power supply Disk storage Disk controller Network adapter
Disk controller
Which of the following enterprise wireless deployment models uses access points with enough intelligence to allow for the creation of quest WLANs for keeping public wireless traffic separated from private traffic?
Distributed wireless mesh infrastructure
When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you perform first?
Document what's on the screen
When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you perform first?
Document whats on the screen
Your wireless network consist of multiple wireless 802.11n access points that are configured as follows.....This network is required to support an ever-increasing number of devices. what should you do?
Double the bandwidth assigned per channel to 40MHz
You have just started a new job as a network team leader for a small company. You are responsible for overseeing the work of help Desk technicians, as well as doing your own share of the administrative work. To improve the safety of your organization, you decide to assemble material safety data sheets (MSDS) for all chemicals used in your organization. How should you get them? Ask you manager for them Download them from the chemical manufacturers' websites. Request them from you local workforce safety & insurance office write them yourself after researching the chemicals
Download them from the chemical manufacturers' websites.
Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2003 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing?
Downloading a file
When you browse to a website, a pop-up window tells you that your computer has been infected with a virus...spyware on your system.
Drive-by download
When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the window to see what the problem is. Later, you find out that the window has installed spyware on your system. What type of attack has occurred?
Drive-by download Drive-by downloads can occur in a few different ways: • Through social engineering, the user is tricked into downloading the software. • By exploiting a browser or operating system bug, a site is able to install software without the user's knowledge or consent.
You manage the two-location network shown in the exhibit. Workstations and servers at each location connect to a patch panel using behind-the-wall wiring. The patch panel.... Drag the cable type on the left to the most appropriate network location on the right.
Drop Cables Cat6 straight-through UTP Patch Cables Cat6 straight-through UTP Uplink Cables Cat6 crossover UTP WAN Cable Single-mode fiber optic
A router is connected to a network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route on router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
Drop the packet.
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
Drop the packet.
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24.The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24.There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
Drop the packet.
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24.The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24.There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
Drop the packet.
Which of the following are characteristics of SONET?
Dual counter-rotating fiber optic rings Transport protocol used for other traffic types (such as ATM
A user reports that network access from her workstation is very slow. The problem does not seem to be affecting any other users. Which of the following conditions is the most likely cause?
Duplex mismatch
You want to connect your small company network to the Internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. What type of NAT should you implement?
Dynamic
A network switch is configured to perform the following validation checks on its ports: • All ARP requests and responses are intercepted. • Each intercepted request is verified to ensure that it has a valid IP-to-MAC address binding. • If the packet has a valid binding, the switch forwards the packet to the appropriate destination. • If the packet has an invalid binding, the switch drops the ARP packet. What security feature was enabled on the switch to accomplish this?
Dynamic ARP Inspection
You have been contracted by a firm to implement a new remote access solution based on a Windows Server 2003 system. The customer wants to purchase and install a smartcard system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client?
EAP
You have been contracted by a firm to implement a new remote access solution based on a Windows Server 2003 system. The customer wants to purchase and install a smartcard system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client?
EAP
You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use?
EAP
You want to implement an authentication method that uses public and private key pairs. Which authentication methods should you use?
EAP
Which remote access authentication protocol allows for the use of smart cards for authentication?
EAP Extensible Authentication Protocol (EAP) is a set of interface standards that allows you to use various authentication methods including smartcards, biometrics, and digital certificates.
You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use?
EAP Public and private key pairs are used by certificates for authentication and encryption. Extensible Authentication Protocol (EAP) allows the client and server to negotiate the characteristics of authentication. EAP is used to allow authentication using smart cards, biometrics (user physical characteristics), and certificate-based authentication.
Which of the following routing protocols is classified as a balanced hybrid of routing protocol.
EIGRP
Which of the following routing protocols is classified as a balanced hybrid routing protocol?
EIGRP
You are troubleshooting a client connectivity problem on an Ethernet network. The client system has intermittent connectivity to the network. You discover that the UTP patch cable is run 75 feet from the wall outlet, passes through the ceiling and over several florescent light fixtures before reaching the client system. Which of the following may be a cause of the connectivity problem?
EMI interfaace.
Which of the following statements about ESD is not correct? ESD damage is more likely to occur in low humidity Measuring the moisture content in the air can be helpful in avoiding ESD One of the greatest threats to computer equipment is ESD ESD is much more likely to occure when the relative humidity is above 50%
ESD is much more likely to occure when the relative humidity is above 50%
You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG-6 cable. You move the cable router a distance of 50 meters using RG-8 cables and special connector adapters. Which condition are you most likely to experience?
Echo
How can an organization help prevent social engineering attacks?
Educate employees on the risks and countermeasures Publish and enforce clearly written security policies
Which technologies are used by the 802.11ac standard to increase network bandwidth? select two
Eight MIMO radio streams 80MHz donned channels
RJ-45
Eight-Pin Connector found in most Ethernet Networks. Ethernet usually only uses four of these eight
EMI
Electro Magnetic Interference
You have configured a remote access server to accept dial-up connections for remote access clients... which action would likely correct the problem?
Enable proxy arp on the LAN connection for the remote access server
You have a remote access server to accept dial-up connections for remote access clients. Remote clients are able to connect successfully and access resources on the remote access server. However, the remote clients are not able to connect to other devices located on the same subnet where the remote access server is located. Which action would likely correct the problem?
Enable proxy arp on the LAN connection for the remote access server.
You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. Which of the following will help reduce the effects of a broadcast storm?
Enable spanning tree on the switches
Your organization recently purchased 18 IPad tablets for use by the organizations management team. The devices have iOS pre-installed on them. To increase security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? select two
Enroll the devices in a mobile device management system Configure and apply security policy settings in a mobile device management system
Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive date on them. To precent the data from being compromised, you create a cloud-based Microsoft Intune account and configure mobile device security policies. You now need to apply those security policies to the end users mobile devices. What should you do? select two
Enroll the devices with the Intune service Create a user account for each user who has a managed mobile device
You need to disable the FastEthernet 0/0 interface on a switch Drag the command on the left to the approbate configuration step on the right to accomplish this. Not all of the commands may be required
Enter global configuration mode conf t Enter interface configuration mode int fa0/0 Disable the interface shutdown Verify the interface is disabled show ip interface brief
The FastEthernet 0/0 interface on a s witch is currently disable. You need to enable it so a workstation can be connected to it. Drag the command on the left to the approbate configuration step on the right to accomplish this. Not all of the commands may be required
Enter global configuration mode conf t Enter interface configuration mode int fa0/0 Enable the interface no shut Verify the interface is disabled show interface status
On-Site
Equipment residing in a corporate location
Off-Site
Equipment residing in an unknown or non-populated location
Which of the following are solutions that address physical security?
Escort visitors at all times Require identification and name badges for all employees
Dumpster diving is a low-tech means of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving?
Establish and enforce a document destruction policy
You have a network server with two network interface cards. You want both network adapters to be used at the same time to connect to the same network to double the amount of data the server can send. Which feature would you use?
Ethernet bonding
You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?
Event log.
You have just signed up for a broadband home Internet service that uses coaxial cable. Which connector type will you most likely use?
F-type
Which of the following is a valid IPv6 address?
FEC0::AB:9007
You are the IT Administrator for a small corporate network. Until now, the network has consisted only of workstations accessing the Internet through a consumer grade switch. You have convinced management that adding a server would ease your administrative burden. As a result, you are testing various configurations of the Windows Server 2012 operating system. You have installed Windows Server 2012 on a server named CorpServer. During installation, you created a single volume for the operating system using 200 GB on the first disk. Two additional unused disks are installed in the server. Complete the following tasks: Extend the System (C:) volume to use the remaining space on Disk 0. Create a new volume using Disk 1 and Disk 2 with the following settings: Use all of the disk space on Disk 1 and 600 GB (614400 MB) on Disk 2. Drive letter = M File System = NTFS Volume label = Data
Extend a Volume: 1. in the lower left-hand corner, R click the start page thumbnail and select disk management 2. if needed, click ok to initialize any new disks. 3. R click the volume and select extend volume. 4. click next. 5. for the system volume, you can only extend the volume onto the existing disk. type the amount of disk space to add to the volume and click next. click finish. Convert a Disk to Dynamic 1. In Disk management, R click the disk and select convert to Dynamic Disk 2. Select the disk to convert, click ok. 3. Click convert 4. If the disk contains a volume, you will be shown a warning message. Click Yes to continue. Create a Spanned Volume 1. In disk management, R click a disk or free space on a disk and select New Spanned Volume. 2. Click Next 3. Select the disks that will be part of the spanned volume and click Add. You must select at least 2 disks to create a spanned volume. 4. To modify the amount of space used on a disk for the new volume, select the disk in the right box, and then edit the number in the select the amount of space in MB: field. 5. Click next 6. Select the drive letter and click Next 7. Type the volume label, then click next 8. Click finish 9. If the new volume includes a space from a disk that is currently a basic disk, you will be prompted to convert the disk to a dynamic disk. Click Yes to create the volume.
Which of the following terms is used to describe an event in which a person is denied access to a system when they should be allowed to enter?
False negative (Type I error) occurs when a person who should be allowed access is denied access.
Which component of a Change and Configuration Management policy identifies technical and budgetary considerations associated with a proposed change and also identifies any potential impacts to the network? Authorized downtime Rollback Feasibility analysis Change request
Feasibility analysis
Ethernet 100BaseFX networks use what type of cabling?
Fiber-optic
Which of the following are characteristics of a packet filtering firewall? (Select two.)
Filters IP address and port Stateless
Which of the following are characteristics of a circuit-level gateway? (Select two.)
Filters based on sessions Stateful
Which of the following is a reason to use a protocol analyzer?
Find devices that might be using legacy protocols, such as IPX/SPX or NetBIOS
Which of the following identifies an operating system or network service based upon it response to ICMP messages?
Fingerprinting
Plenum
Fire Retardant and minimizes toxic fumes released by the cable if it would catch on fire
You are the administrator of your company's network. You want to prevent unauthorized access to your intranet from the Internet. Which of the following should you implement?
Firewall
A router is connected to a network 192.169.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to the network 10.1.0.0/16. What will the router do with the packet.
Forward the packet to the next hop router specified by the route network 0.0.0.0
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
Forward the packet to the next hop router specified by the route to network 0.0.0.0
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24.The router is also configured with a static router of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16.What will the router do with the packet?
Forward the packet to the next hop router specified by the route to network 0.0.0.0.
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24.The router is also configured with a static router of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16.What will the router do with the packet?
Forward the packet to the next hop router specified by the route to network 0.0.0.0.
The CorpWeb server is running Windows Server 2008 R2. You previously configured the server with a static IP address. You now need to configure a DNS server address. You also want the Server to use sales.private, mrktg.private, and private as search suffixes when simple names are submitted for DNS name resolution. Your task in this lab is to: -Configure 192.168.0.11 as the DNS server address -Configure search suffixes so that the server searches the domains as described above.
From Hyper-V Manager, click CORPSERVER > R click CorpWeb server and select connect > R click the Network icon and select open network and connection sharing > Click change adapter settings > R Local Area Connection and select properties > Select IPv4 and select properties > Advanced > DNS tab > To add a DNS server address click Add > Type IP > Click ok > Verify that the server addresses are in the desired order > Select append these DNS suffixes in order > Click Add > Type the DNS suffix you want to use > Click ok > Verify they are in correct order > Click ok to close.
You work as the IT administrator for a small corporate network. The marketing department wants to create an intranet site that is only accessible from the private network. You have selected mrktg.private as the domain name that will hold all records for the zone. You want all client computers in the domain to update their records automatically with DNS. Because security is important, you want to make sure only computer that created the DNS record can update it in the future. Your task in this lab is to: -Create the mrktg.private zone on the CorpDC DNS server. -Configure the new zone to be stored in Active Directory -Replicate data with all DNS servers in the domain. -Allow only secure dynamic updates
From Hyper-V Manager, click CorpServer R click CorpDC server and select Connect From Server Manager, select Tools > DNS Expand the server node that will host the new zone. R click forward lookup zones and choose new zone, click next Select primary zone as the zone type and verify the store the zone in active directory option, click next select how you want the DNS data replicated through your network, click next select the dynamic update option, click next click finish
What type of virtualization completely simulates a real physical host?
Full Virtualization
What type of virtualization completely simulates a real physical host?
Full virtualization
Which of the following can route layer 3 protocols across an IP network?
GRE
Match the network Access Protection (NAP) component on the left with is description on the right.
Generates a stament of Health (SoH) that reports the client configuration for health requirements. NAP Client Runs the System Health Validator (SHV) NAP Server Is the connection point for clients to the network Enforcement Server (ES) Contain resources accessible to non-compliant computers on the limited-access network. Remediation Server
"You have multiple users who are computer administrators. You want each administrator to be able to shut down systems and install drivers."
Grant the group the necessary user rights. Create a security group for the administrators: add all user accounts to the group.
"For users who are members of the Sales team, you want to force thier computers to use a specific desktop background and remove access to administrative tools from the Start menu."
Group Policy
For users who are member of the Sales Team, you want to force their computers to use a specific desktop background and remove access to administrative tools from the Start menu. Which solution should you use?
Group Policy
Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence?
Hashing Hashing is the method used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence.
"Marcus White has just been promoted to a manager. To give him access to the files that he needs, you make his user account a member of the Managers group which has access to a special shared folder. Later that afternoon, Marcus tells you that he is still unable to access the files reserved for the Managers group. What should you do?"
Have Marcus log off and log back on
Which of the following are characteristics of a rootkitrootkit? (Select two.)
Hides itself from detection Requires administrator-level privileges for installation
You are adding a new rack to your data center, which will house two new blade servers and a new switch., The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through plenum UTP cable that will be run through the suspended tile ceiling of the data center. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server, The only power available in the data center is located on the wall opposite the new server rack, so you must run extension cords across the floor to plug in the UPS unit. There are problems with this plan. What should you do? User standard (non-plenum) UTP cabling for runs that go through suspended tile ceilings. Use a cross-over cable to connect the two switches together Hire an electrician to install a wall outlet near the new rack Use 4u server for virtualization. Implement the UPS and power supplies externally to the rack
Hire an electrician to install a wall outlet near the new rack
Which of the following is a common form of social engineering attack?
Hoax virus information e-mails.
As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?
Host based IDS
As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?
Host based IDS.
You have been given a laptop to use for work. You connect the laptop to you company network, use it from home, and use it while traveling. You want to protect the laptop form internet based attacks. Which solution should you use?
Host based firewall
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use?
Host-based firewall
Client-Server
Hosts have specific roles.
Which of the following terms describes a Windows operating system patch that corrects a specific problem and is release on a short-term, periodic basis (typically monthly)?
Hotfix
You have been hired to design a wireless network for a SOHO environment. Which of the following questions should you ask? select three
How many devices will need to be supported Is the business expected to grow in size in the future What type of data will be transmitted on the network
An access point that conforms to the IEEE 802.11b standard acts most closely to what other networking device?
Hub
Passive Hub
Hub that doesn't amplify received bins
Active Hub
Hub that regenerates incoming bits as they are sent out all the ports on a hub, other than the port on which the bits were recieves
Which organization is responsible for allocating public IP addresses?
IANA
Which organization is responsible for allocation public IP addresses?
IANA
You have a network that occupies both floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the second floor directly above the wiring closet that directly above the wiring closet that holds the demarc. Which of the following terms describes the closet on the second floor?
IDF An intermedaite distribution frame (IDF) is a smaller wiring distribution point within a building. IDFs are typically located on each floor directly above the MDF, although additional IDFs can be added on each floor as necessary.
What security mechanism can be used to detect attacks originating on the Internet or from within an internal trusted subnet?
IDS
Match the default administrative distance with the route type
IGRP - 100 RIP - 120 Static Route - 1 EIGRP Internal Route - 90 OSPF - 110 EIGRP Summary Route - 5 Connected Interface - 0 EIGRP External Route - 170
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following dose the router use for identifying allowed or denied packets?
IP Address
You have a small network with a single subnet connected to the Internet as shown in the Exhibit. The router has been assigned the two addresses shown. You need to manually configure the workstation to connect to the network. The workstation should use RouterA as the default gateway, and DNS1 as the DNS server address. From the drop-down lists, select the appropriate paramteres to configure the workstation's TCP/IP settings.
IP Address: 192.168.12.46 Subnet Mask: 255.255.255.240 Default Gateway: 192.168.12.34 DNS Server: 192.162.1.22
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
IP address A router acting as a firewall at layer 3 is capable of making forwarding decisions based on the IP address.
Which of the following devices is capable of detecting and responding to security threats?
IPS
You are concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack Which tool should you use?
IPS
You are connected about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when poosible to stop or prevent the attacks. Which tool should you use?
IPS
Which of the following are security devices that perform stageful inspections of packet data, looking for patterns that indicate malicious code? select two
IPS IDS
Which of the following network layer protocols authentication and encryption services for IP based network traffic?
IPSec
Which of the following is the best countermeasure against man-in-the middle attacks?
IPsec
Which of the following is the best countermeasure against man-in-the middle attacks?
IPsec Use IPsec to encrypt data in a VPN tunnel as it passes between two communication partners
You were hired by a small start-up company. the company is in a small office and has several remote employees. You ave been asked to find a business service that would accommodate the curren size of the company but would also be able to scale as the company grows. The service needs to provide adequate storage, as well as additional computing power. Which cloud serve model should you use?
IaaS
Listed below are several DNS record types. Match the record type on the left with its function on the right.
Identify a domain controller- SRV identify a mail server- MX Map a host name to an IPv4 address- A Map an IPv4 address to a host name- PTR
A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research you find that the most likely cause of the problem is a bug in the router's software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next?
Identify possible effects of the solution.
A user reports that he cant connect to a specific Web site. You go to the user's computer and reproduce the problem. What should you do next?
Identify the affected areas of the network.
Arrange the steps in the Change and Configuration Management process on the left in the correct order in which they should be completed on the right. Identify the need for a change. Conduct a feasibility analysis. Define the procedure for implementing the change. Notify affected parties of the pending change. Implement the change. Test the implementation. Document the change.
Identify the need for a change. Conduct a feasibility analysis. Define the procedure for implementing the change. Notify affected parties of the pending change. Implement the change. Test the implementation. Document the change.
A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verity that it works. What should you do next?
Identify the results and effects of the solution
Match each network enumeration technique on the left with its corresponding description on the fish.
Identifying phone number with modems War dialing Scanning for wireless access points Wardriving Identifying operating system type and version number Banner grabbing Identifying services that can pass through a firewall Firewalking
Under which of the following circumstances might you implement BGP on your company network and share routes with Internet routers?
If the network is connected to the Internet using multiple ISPs.
Under which of the following circumstances might you implement GBP on your company network and share routes with Internet routers?
If the network is connected to the Internet using multiple ISPs.
cable certifier
If you are working with existing cable and want to determine its category, or if you simply want to test the supported frequency range (and therefore data throughput) of the cable, you can use this.
Which of the following is not a form of social engineering?
Impersonating a user by logging on with stolen credentials
The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for patrons. The owner has asked..... Under no circumstances should..... What should you do?
Implement a guest network
The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for patrons. The owner has asked that you implement security controls such that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, they should then be allowed full access to the Internet. If a patron does not provide the correct code, they should not be allowed to access the Internet. Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored. What should you do?
Implement a guest network
You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around the facility you note the following: When you enter thefacility a receptionist greets you and escorts you through a locked door to the work area where the office manager sits. The office manager informs you that the orgnaizations servers are kept in a locked closet. An access card is required to enter the server closet She infroms you that the server backups are configured to run each night. A rotation of tapes are used as the backup media You notice the orgnaiation's network switch is kept in the server closet You notice that the router/firewall/content filter all in one device has been implemented in the server closet to protect the internal network from external attacks. The office manager information you that her desktop system will no longer boot and asks you to repair or replace it, recovering as much data as possible in the rpocess. You carry the workstation to our car and bring it back to your office to work on it. What securityrelated recommendations should you make to the client?
Implement a hardware checkout policy
• The office manager informs you that her desktop system will no longer boot and asks you to repair or replace it, recovering as much data as possible in the process. You carry the workstation out to your car and bring it back to your office to work on it. What securityrelated recommendations should you make to this client?
Implement a hardware checkout policy
You want to be able to monitor and filter VM-to-VM traffic within a virtual network. What should you do?
Implement a virtual firewall within the hypervisor.
Which of the following would be the best action to take in order to fix the problem?
Implement an IP Helper address on the router.
As you are helping a user with a computer problem you notice that she has written her password on a note stuck to her computer monitor. You check the password policy of your company and find that the following settings are currently required: • Minimum password length = 10 • Minimum password age = 4 • Maximum password age = 30 • Password history = 6 • Require complex passwords that include numbers and symbols • Account lockout clipping level = 3 Which of the following is the best action to take to make remembering passwords easier so that she no longer has to write the password down?
Implement end-user training. Instruct users on the importance of security and teach them how to create and remember complex passwords. Making any other changes would violate the security policy and reduce the overall security of the passwords. References
Your organization has recently purchases 20 tablets devices for the Human Resources department to use for training sessions. You are concerned that these devices could represent a security risk to your network and want to strengthen their security profile as much as possible. Which actions should you take? (select 2)
Implement storage implementation. Enable device encryption.
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
Implement version 3 of SNMP
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
Implement version 3 of SNMP
Over the last month you have noticed a significant increase in the occurrence of inappropriate activities performed by employees. What is the best first response step to take in order to improve or maintain the security level of the environment?
Improve and hold new awareness sessions
You manage a local area network with several switches. A new employee has started today so you connect her workstation to a switch port. Which of the following is the most likely cause of the problem?
Incorrect VLAN assignment
Which of the following are reasons to configure VLAN's on a switch as opposed to using switches without VLANs?
Increased Security Increased Number of broadcast domains
What is the purpose of using Ethernet bonding? (Select two.)
Increases network performance. Provides a failover solution for network adapters
You have decided to perform a double blind penetration test. Which of the following actions would you perform first?
Inform senior management
Which of the following strategies are used to prevent duplicate IP addresses being used on a network?
Install a DHCP server on the network. Use Automatic Private IP Addressing.
You have worked as a network Admin for a company for seven months. One day all picture files on the server become corrupted. You discover that a user downloaded a virus from the internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss adam at that this situation does not occur. What should you do?
Install a network virus detection software solution.
You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You discover that a user downloaded a virus from the Internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that this situation does not reoccur. What should you do?
Install a network virus detection software solution.
You have worked as the network administrator for a company for seven months. One day all the picture files on the server become corrupted. You discover that a user downloaded a virus form the internet onto his workstation, and it propagated to the server. You successfully all files from backup, but your bass is adamant that this situation dose not reoccur. What should you do?
Install a network virus detection software.
Your company leases a very fast Internet connection and pays for it based on usage. You have been asked by the company president to reduce Internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection, without decreasing performance. What is the best way to do this?
Install a proxy server
Your company leases a very fast internet connection and pays for it based on usage. You have been asked by the company president to reduce internet line lease costs. You want to reduce the account of web pages that are downloaded over the leased connection, without decreasing performance. What is the best way to do this?
Install a proxy server
You have been hired by a startup company to install a new data center. The company is small, so they will elect to use an unused employee break room as the data center. You are concerned about truth physical security of the servers that will be installed in the data center. what should you do? select two
Install racks with locking doors Install a biometric lock on the data center door
You manage the information systems for a large manufacturing firm. Supervisory control and data acquistion (SCADA) devices are used on the manfucaturing floor to manager your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?
Install the latest firmware updates from the device manufacturer Verify that your network's existing security infrastrucutre is working properly.
While using a web-based order form, an attacker enters an unusually large value in the Quantity field. The value entered is large enough to exceed the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is refunded a large sum of money. What type of attack has occurred in this scenario?
Integer overflow
While using a web-based order form...The value entered is large enough to exceed the maximum value...A large sum of money. What type of attack has occurred in this scenario?
Integer overflow
Hybrid Cloud
Integrates one cloud service with other cloud services
Patricipation
Internet, Intranet, Extranet
You have purchased a solar backup power device to provide temporary electrical power to critical systems in your data center should the power provided by the electrical utility company go out The solar panel array captures sunlight, converts it into DC, and stores it in large batteries. However... Which electrical devices should you implement to convert the DC power stored in the batteries into AC power that can be used in the data center?
Inverter
Which of the following is true for a system image backup?
Is saved as a .vhd file
Which two of the following statements about the Dynamic Host Configuration Protocol (DHCP) are true?
It can deliver other configuration information in addition to IP addresses. A DHCP server assigns addresses to requesting hosts.
Which two of the following statementsabout the Dynamic Host Configuration Protocol (DHCP) are true?
It can deliver other configuration information in addition to IP addresses. A DHCP server assigns addresses to requesting hosts.
A switch running STP is in the listening state. A message destined for a different network segment arrives at the switch. Which of the following best describes what the switch will do?
It does not record the address or segment information. It does not forward the message
Which of the following is not a primary characteristic of a worm?
It infects the MBR of a hard drive A worm does not infect an MBR like a virus, a worm does not require a host file or drive element. A worm is a self-contained, executable software package. It is able to self-replicate and actively seeks to spread itself to other networked systems.
Which three of the following are characteristics of ISDN?
It lest you transmit voice, video, and data over the same lines. It provides enough bandwidth to transmit data at much higher speeds than standard modems and analog lines. It is a dial-up service that uses existing copper wires for the local loop.
Which of the ff. best describes spyware?
It monitors the actions you take on your machine and sends the information back to its originating source.
A switch running STP is in a learning state. A message destined for a different network segment arrives at the switch. Which of the following best describes what the switch will do?
It uses the source MAC address and network segment information to build its bridge database, but does not forward the message
Your company uses VoIP for phone calls. Recently, employees have been complaining about phone calls with unusual sound effects. Which type of problem is occurring on the VoIP system?
Jitter
Bridges
Joins two or more LAN segments. Because they have separate collision domain, Ethernet can be used to scale into large numbers
Which of the following is the most important thing to do to prevent console access to a network switch?
Keep the switch in a room that uses a cipher lock.
Which of the following is the most important thing to do to prevent console access to a network switch?
Keep the switch in a room that uses a cipher lock.
Which of the following authentication methods uses tickets to provide single sign-on?
Kerberos
Which of the following protocols can your portable computer use to connect to your company's network via a virtual tunnel through the internet? select two
L2TP PPTP
Internet
Large, world-wide, public network.
RTP
Layer 4 protocol that carries voice and interactive video
OSI Model layers
Layer 7-Application Layer 6-Presentation Layer 5-Session Layer 4-Transport Layer 3-Network Layer 2-Data Link Layer 1-Physical (All People Seem To Need Data Processing)
You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that a second server can respond to requests for Web site content. Which solution should you implement?
Load balancing
You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before the performance is negatively impacted. Which tool should you use?
Load tester
IDF
Locations where cables from nearby offices terminate
Which of the following controls is an example of a physical access control method?
Locks on doors
Data Link (Layer 2)
Logical link control (LLC), Media access control (MAC). Defines the rules and procedures for hosts
Which of the following is the single best rule to enforce when designing complex passwords.
Longer passwords
Match the port security MAC address type on the left with its description on the right
MAC address manually identified as an allowed address SecureConfigured MAC address that has been learned and allowed by the switch SecureDynamic MAC address that is manually configured or dynamically learned that is saved in the config file SecureSticky
Which of the following attacks, if successful, causes a switch to function like a hub?
MAC flooding MAC flooding overloads the switch's MAC forwarding table to make the switch function like a hub. The attacker floods the switch with packets, each containing different source MAC addresses. The flood of packets fills up the forwarding table and consumes so much of the memory in the switch that it causes the switch to enter a state called failopen mode, in which all incoming packets are broadcast out all ports (as with a hub), instead of just to the correct ports as per normal operation.
Management Information Base
MIB
Which of the following technologies uses variable-length packets and adds labels to packets as they enter the WAN cloud, with the labels being used to switch packets and prioritize traffic?
MPLS
Which of the following authentication protocols uses a three-way handshake to authenticate users to the network?
MS-CHAP CHAP
Which of the following authentication protocols uses a three-way handshake to authenticate users to the network? (Choose two.)
MS-CHAP CHAP
Which two of the following tasks do routers perform?
Maintain information about paths through an internetwork. Route data based on logical network addresses.
"You have two folders that contain documents used by various departments: The Development group has been given the Write permission to the Design folder. The Sales group has been given the write permission to the Products folder. User Mark Tilman needs to have the Read permission to the Design folder and the Write permission to the Products folder. You want to use groups as much as possible. What should you do?"
Make mark a member of the Sales group; add Mark's user account directly to the ACL for the Design folder.
You walk by the server room and notice a fire started. What should you do first? Make sure everyone has cleared the area Turn on the overhead sprinklers. Grab a fire extinguisher and try to put out the fire. call the fire department
Make sure everyone has cleared the area
Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?
Man in the middle attack
Session (Layer 5)
Manages the session in which date are transferred.
You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default route has changed. You need to make changes with the least amount of effort possible. What should you do?
Manually configure the default route to point to the next hop router.
You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks?
Manually reconfigure the default route to point to the new next hop router.
You have a router configured to share routing information using RIP.In addition,you have a single static router that identifies a default route for all other networks. The next hop router for the default route has changed.You need to make the change with the least amount of effort possible.What should you do?
Manually reconfigure the default route to point to the new next hop router.
You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default route has changed. You need to make the change with the least amount of effort possible. What should you do?
Manually reconfigure the default route to point to the next hop router.
Which business document is a contract that defines a set of terms that will govern future agreements between two parties? Master service agreement statement of work memorandum of understanding interconnection security agreement
Master service agreement
Which of the following tests can be performed by a TDR?
Measure the length of a cable. Identify the location of a fault on a cable.
When multiple routes to a destination exist, what is used to select the best possible route?
Metric
"You ware configuring the local security policy of a Windows 7 sytem. You want prevent users from reusing old passwords. You also want to force them to use a new password for at least 5 days before changing it again."
Minimum password age and Enforce password history
You connect a packet sniffer to a switch to monitor frames on your local area network. However, the packet sniffer is only able to see broadcast frames and frames addressed specifically to the host device. Which feature should you enable on the switch so you can see frames from all devices connected to the switch?
Mirroring.
Which of the following is an example of a vulnerability?
Misconfigured Server
You manage a network of multiple subnets connected to the Internet. A user reports that she can't access the Internet. You investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internet. Which of the following is likely the cause of the problem?
Missing default route on a router.
You manage a network with multiple subnets connected to the Internet... which of the following is most likely the cause of the problem?
Missing route on the default gateway router
You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the new server used in the accounting department. You check the problem and find out that her computer cannot access any server on the subnet, however the computer does access other computers on other subnets as well as the Internet. Which of the following is most likely the cause of the problem?
Missing route on the default gateway router.
To access the internet through the PSTN, what kind of connectivity device must you use?
Modem
Which of the following activities are considered passive in regards to the functioning of anintrusion detection system? (Select two.)
Monitoring the audit trails on a server Listening to network traffic
Most, mobile device management (MDM) systems can be configured to track the physical location of enrolled mobile devices. Arrange the location technology on the left in order of accuracy on the right, from most accurate to least accurate
Most accurate GPS More accurate Wi-Fi triangulation Less accurate Cell phone tower triangulation least accurate IP address resolution
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?
Move the router to a secure server room
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?
Move the router to a secure server room.
Which of the following address types is shared by multiple hosts, and is used to form groups of computers that should receive the same data stream?
Multicast
Which of the following address types is shared by multiple hosts,and used to form groups of computers that should receive the same data stream?
Multicast
Which type of address is the IP address 232.111.255.250?
Multicast
Which type of switch optimizes network performance by using ASIC to perform switching at wire speed?
Multilayer switch
You want to measure the voltage, amps, and ohms of various devices. Which tool should you use?
Multimeter.
MMF
Multiple Paths of Light Progression for a Fiber-Optic Cable
Which of the following best describes one-factor authentication?
Multiple authentication credentials may be required, but they are all of the same type One-factor authentication uses credentials of only one type, but may require multiple methods within the same type. For example, you might log on with just a password, or with a password along with answering a cognitive question (such as your mother's maiden name). One-factor authentication that uses multiple credentials of the same type is also sometimes called strong authentication.
Which of the following features of MS-CHAP v2 that is not included in CHAP?
Mutual authentications
Members off the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?
NAC
The outside sales reps from your company use notebooks computers, tablets, and phones to connect to the internal company network. While traveling, they connect thier devices to the internet using airport and hotel networks. What should you do?
NAC
Members of the Sales team use laptops to connect to the company network. While traveling, they connect their laptops to the Internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?
NAC Network Access Control (NAC) controls access to the network by not allowing computers to access network resources unless they meet certain predefined security requirements
The outside sales reps from your company use notebook computers, tablets, and phones to connect to the internal company network. While traveling, they connect their devices to the Internet using airport and hotel networks. You are concerned that these devices will pick up viruses that could spread to your private network. You would like to implement a solution that prevents devices from connecting to your network unless antivirus software and the latest operating system patches have been installed. When a host tries to connect to the network, the host should be scanned to verify its health. If the host is not healthy, then it should be placed on a quarantine network where it can be remediated. Once healthy, the host can then connect to the production network. Which solution should you use?
NAC Network Access Control (NAC) prevents devices from accessing network resources unless they meet certain predefined security requirements.
You manage a network with three dedicated storage devices, as shown in the diagram. Users on the network see only a single file server. Which network-based storage technology is being used?
NAS with Clustering.
Which of the following network devices or services prevents the use of IPsec in most cases?
NAT
Which of the following networking devices or services prevents the use of IPsec in most cases?
NAT IPsec cannot typically be used when static IP addresses are not used by both communication partners. NAT proxy performs network address translation on all communications. For this reason, the IP address seen for a system outside of the proxied network is not the real IP address of that system. This prevents the use of IPsec.
You have a file server named Srv3 that holds files used by the Development department. You want to allow users to access the files over the network, and control access to files when files are accessed through the network or through a local logon. Which solution should you implement?
NTFS and share permissions
What is the LEAST secure place to locate an access point with an omni-directional antenna when creating a wireless cell?
Near a window
Which of the following principles is impleneted in a mandatory access control model to detrmine access to an object using classification level?
Need to know
If an organization shows sufficient due care, which burden is eliminated in the event of a security breach? Investigation Negligence Liability Asset loss
Negligence
Which media types can backup files be saved to? select two
Network Attached Storage (NAS) External hard drives
Firewall
Network Security Appliance that protects networks from malicious Internet traffic
You manage a small network at work. Users use workstations connected to your network, No portable computers are allowed. As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan the e-mails and prevent any emails with malicious attachments for being received by users. Your solution should minimize administration, allowing you to centrally manage to scan settings. Which solution should you use?
Network based firewall
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?
Network based firewall
You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan the e-mails and prevent any e-mails with malicious attachments from being received by users. Your solution should minimize administration, allowing you to centrally manage the scan settings. Which solution should you use?
Network based firewall A network-based firewall inspects traffic as it flows between networks. For example, you can install a network-based firewall on the edge of your private network that connects to the Internet and scans all incoming e-mail. Scanning e-mail as it arrives at your e-mail server allows you to centralize management and stop malicious e-mails before they arrive at client computers.
In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet address of each connected subnet. Which type of document would most likely have this information? Procedure Policy Wiring schematic Baseline Network diagram
Network diagram
NaaS
Network features can be provided by a service provider
Local Area Network (LAN)
Network in a small geographic area (i.e. office)
You are in the process of implementing a Network Access Protection (NAP) infrastructure to increase your networks security. You are currently configuring the remediation network that non-compliant clients will connect to in order to become compliant. the remediation network needs to be isolated from the secure network. Which should you implement to do this?
Network segmentation
You have a network connected using a physical bus topology. One of the cables connecting a workstation to the bus breaks. Which of the following best describes what happens to network communications?
No device is able to communicate.
You are installing network wiring for a new Ethernet network at our company's main office building. The project specs call for Category 5 UTP network cabling and RJ-45 wall jacks. near the end of the project, you run out of wire before the last few runs are complete. You have a spool of Category 3 network cable in storage. Upon investigation, it appears very similar to Category 5 wiring. Should you substitute Category 3 cabling for Category 5 cabling to finish the project?
No, Category 5 cabling has more twists per inch that Category 3 cabling to reduce cross-talk and support higher data rates.
66 Block
Obsolete
You have a web server that will be used for secure transactions for customers who access the website over the internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?
Obtain a certificate from a public PKI
You have a web server that will be used for secure transactions for customers who access the web site of the internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?
Obtain a certificate from a public PKI.
You have a web server that will be used for secure transactions for customers who access the website over the Internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?
Obtain a certificate from a public PKI.
You are setting up a wireless hotspot in a local coffee shop. For best results, you want todisperse the radio signals evenly throughout the coffee shop.Which of the following types of antennas would you use on the AP to provide a 360degree dispersed wave pattern?
Omni-Directional
You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?
On a RADIUS server 802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients. Authentication requests received by the wireless access point are passed to a RADIUS server which validates the logon credentials (such as the username and password).
Which two of the following describe the channels and data transfer rates used for ISDN BRI?
One D channel operating at 16 kbps Twp B channel operating at 64 kbps each
What is the primary difference between impersonation and masquerading?
One is more active, the other is more passive
Mesh
Only exists when there are multiple paths between any two nodes on a network. Point to point connections.
You are the administrator for a secure network that uses firewall filtering. Several network users have requested to access Internet Usenet groups but are unable. What needs to be done to allow users to access the newsgroups?
Open port 119 to allow NNTP service
You have placed an FTP server in your DMZ behind your firewall. The FTP server will be used to distribute software updates and demonstration versions of your products. Users report that they are unable to access the FTP server. What should you do to enable access?
Open ports 20 and 21 for inbound and outbound connections.
You want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. Which of the following protocols is suitable for this task?
PPTP
You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
PPTP L2TP
Which of the following terms identifies the network of the dial-up telephone and the long-distances lines?
PSTN
You are traveling throughout North America to many metropolitan and rural areas. Which single form of Internet connectivity provides the greatest potential connectivity wherever you travel?
PSTN
You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?
PTZ
You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which type of camera should you choose?
PTZ
You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?
PTZ A Pan Tilt Zoom (PTZ) camera lets you dynamically move the camera and zoom in on specific areas to monitor (cameras without PTZ capabilities are manually set looking a specific direction). Automatic PTZ mode automatically moves the camera between several preset locations; manual PTZ lets an operator remotely control the position of the camera.
Which of the following best describes the Platform as a Service (PaaS) cloud computing service model?
PaaS delivers everything a developer needs to build an application onto the cloud infrastructure
Which of the following is a firewall function?
Packet filtering
You are concerned about attacks directed against the firewall on your network. You would like to examine the content of individual frames sent to the network. Which tool should you use?
Packet sniffer.
Which type of network divides data to be transmitted into small units and then routes these units from the originating system to the destination system, allowing multiple, concurrent communications on the network medium?
Packet-swithced
Which of the following is used to terminate individual wires from a 25 pair or 100 pair cable using female RJ-45 ports.
Patch panel A patch panel is a device that typically connects individual stranded wires into female RJ-45 conncetors. For example, you might connect 4 pairs of wires from a punchdown block to a port on the patch panel. On the patch panel, you then drop cables (cables with RJ-45 connectors) to the patch panel on one end and a computer on the other end. Use 66 and 110 blocks to connect individual wires within a wiring closet. These punchdown blocks connect the individual wires together, but not terminate in RJ-45 connectors. A horizontal cross connect connects IDFs on the same floor.
Which of the following uses hacking techniques to proactively discover internal vulnerabilities?
Penetration testing
You have discovered a computer that is connected to you r network that was used for an attack. You have disconnected the computer from the network to isolate it from the network and stop the attack. Which should you do next?
Perform a memory dump
You have discovered a computer that is connected to your network that was used for an attack. You have disconnected the computer from the network to isolate it from the network and stop the attack. Which should you do next?
Perform a memory dump
You suspect that your web server has been the target of a denial-of-service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?
Performance
Virtual Switch
Performs layer 2 functions between various server instances running on a single server
DHCP
Performs the task of auto-assigning IP addresses and assigning parameters to those addresses Does 4 Functions (DORA): 1. Discover 2. Offer 3. Request 4. Pack
DNS
Performs the task of taking a Domain Name and resolving that name into a corresponding IP address
Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. What step must be taken to ensure that the information is useful in maintaining a secure environment?
Periodic reviews must be conducted to detect malicious activity or policy violations.
Geography
Personal Area Network (Pan), Local Area Network (LAN), Wireless Local Area Network (WLAN), Metropolitan Area Network (MAN), Wide Area Network (WAN
An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information. What kind of exploit has been used in this scenario? (Choose two. Both responses are different names for the same exploit.)
Pharming DNS poisoning
An attacker uses an exploit to push a modified hosts file to client systems. This hosts fileredirects traffic from legitimate tax preparation sites to malicious sites to gather personal andredirects traffic from legitimate tax preparation sites to malicious sites to gather personal andfinancial information.financial information. What kind of exploit has been used in this scenario?
Pharming DNS poisining
An attacker is trying to compromise a wireless network that has been secured using WPA2-PSK and AES. She first tried using airsnort to capture packets, but found that she couldn't break the encryption. What attack techniques did the attack us? select two
Pharming Evil twin
You need to terminate a Cat6 UTP cable with an RJ45 connector. Your organization's IT policy states that all cable connectors must be wired according to ITA568A standards.
Pin 1 White with green stipe Pin 2 Solid green Pin 3 White with orange stripe Pin 4 Solid blue Pin 5 White with blue stripe Pin 6 Solid orange Pin 7 White with brown stripe Pin 8 Solid brown
which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building>
Place access points above where most clients are
Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building?
Place accès points above where most clients are
You are adding new wires in your building for some new offices. The building has a false ceiling that holds the lights. You would like to run your Ethernet cables in this area. Which type of cable must you use?
Plenum
Which of the following features is used with digital IP phones to supply power through a switch port?
PoE
Which of the following features us used with digital IP phones to supply power through a switch port?
PoE
Which switch features are typically used with VoIP?
PoE VLAN
You have a series of WAN links that connects your site to multiple other sites. Each remote site is connected to you site using a dedicated link.
Point-to-Point
You have a site in your network that is connected to multiple other sites. A single virtual circuit is used to connect to all other sites. What type of connection is being used?
Point-to-multipoint
A new law was recently passed that states that all businesses must keep a history of all e-mails sent between members of the board of directors. You need to ensure that your organization complies with this law. Which document type would you update first in response to this new law? Change documentation Configuration documentation Procedure Policy
Policy
Which port number is used by SNMP?
Port 161
You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug their computers to the free network and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
Port authentication
You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
Port authentication
You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug their computers to the free network and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
Port authentication.
Which of the following techniques allows incoming traffic addressed to a specific port to move through a NAT router and be forwarded to a specific host?
Port forwarding
You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?
Port scanner
Which type of security uses MAC addresses to identify devices that are allowed or denied a connection to a switch?
Port security
Which statements accurately describes port states of both bridges and switches?
Ports in a blocked state still receive BPDUs In the learning state the MAC address table can be populated, but frames not forwarded.
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into the server components and affecting the ability of the network. Which of the following should you implement?
Positive pressure system
A network utilizes a Network Access Control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called? Quarantine Port security Posture assessment Remediation
Posture assessment
A network utilizes a Network Access Control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called?
Posture assessment When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. This is called a posture assessment. The agent then submits the results of the assessment as a Statement of Health (SoH) to the System Health Validator (SHV).
Your company recently installed a unified communication system. Employees are now able to inform each other of their availability.
Presence information
In which stage of the evidence lifecycle is the forensic report created?
Preservation and analysis
CorpServ is a small company with 14 client systems and a network printer. Because there are only a limited number of networked systems, you decide to use APIPA addressing for the network. With APIPA configured, all systems are able to communicate with each other but you are having trouble configuring Internet access. What is the likely cause of the problem?
Private addresses cannot directly communicate to hosts outside the local subnet.
Extranet
Private network that used internet technologies but its resources are made available to external users.
Intranet
Private network the uses internet technologies. Intranet only available to hosts.
A relatively new employee in the data entry cubical farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred?
Privilege escalation
A relatively new employee in the data entry cubical farm was assigned a user account similar tothat of all of the other data entry employees. However, audit logs have shown that this useraccount has been used to change ACLs on several confidential files and has accessed data inaccount has been used to change This situation indicates which of the following has occurred?
Privilege escalation
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffer software on a device which is connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation and not other devices. Which feature should you configure?
Promiscuous mode.
What does hashing of log files provide?
Proof that the files have not been altered
You are the IT Security Administrator for a small corporate network. You are planning to use the CorpServer server for your production server and need to have the most throughput possible. As a result, you would like to configure NIC teaming. Your task in this lab is to configure a NIC Team on CorpServer as follows: -Make a note of the current IP configuration for the primary adapter. -Configure all adapters as members of a NIC Team: -Team name: NetTeam -Configure all adapters as members of the team. -Teaming Mode: Switch Independent -Load Balancing Mode: Address Hash -Standby Adapter: Ethernet 3 -Configure the new NIC Team with the static IP address previously used by the primary adapter. Verify the status of the team and your network connection in Network and Sharing Center.
R click the Network icon and select Open Network and Sharing Center. Click on Primary Adapter and write down IPv4 configuration In Server Manager, select Local Server from the menu on the left. Next to NIC Teaming click the disabled link to configure NIC Team. In the Teams Panel, select Task > New Team Type the name of the team and select the adapters to be included in the team. Click additional properties and configure as required. Click ok. In network and sharing center, click change adapter settings. R click the NIC Team adapter and select properties, select IPv4 and click properties. Enter the configuration information used previously and click ok.
Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of the accounts?
RADIUS
You want to implement 802.1x authentication on your wireless network. Which of the following will be required>
RADIUS
You want to implement 802.1x authentication on your wireless network. Which of the following will be required?
RADIUS
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? (Select two.)
RADIUS TACACS+
Which of the following are differences between RADIUS and TACACS+?
RADIUS combines authentication and authorization into a single function: TACACS+ allows these services to be split between different servers.
Which type of device is required to implement port authentication through a switch?
RADIUS server Port authentication is provided by the 802.1x protocol, and allows only authenticated devices to connect to the LAN through the switch. 802.1x requires a RADIUS server (also called an AAA server) to validate the authentication credentials.
You want to set up a service to allow multiple users to dial in to the office server form modems on their home computers. Which service should you implement?
RAS or Remote Access Service
Which of the following protocols or services would you associate with Windows Remote Desktop Services network traffic?
RDP
You are in the middle of a big project at work. All of you work files are on a sever at the office. You want to be able to access the sever desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer a t home. Which protocol should you use?
RDP
You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use?
RDP
You have a small home network connected to the Internet using an RG-6 cable. You need to move the router connecting the network to the Internet, but can't find any RG-6 cable. Which cable types could you use instead?
RG-59
Of the following cables, which offer the best protection against EMI?
RG-6
Which of the following protocols has a limit of 15 hops between any two networks?
RIP
Which of the following statements about RIP is true?
RIP uses hop counts as the cost metric.
Which of the following standards is typically used in a rollover cable?
RJ-232
Which standard is typically used in a rollover cable?
RJ-232
Which of the following connectors is used with Ethernet 10BaseT networks?
RJ-45
Which of the following are requirements of the 1000BaseT Ethernet standards?(3 answers)
RJ-45 connectors The cable length must be less than or equal to 100m CAT 5e cabling
Which of the following connector types would you most likely use to connect a T1 WAN service?
RJ48c
Which of the ff. password attacks uses preconfigured matrices of hashed dictionary words?
Rainbow table
You need to configure spanning tree on a Cisco switch. You'd like to use a protocol that confirms to the 802.1w standards. Which protocol should you use?
Rapid PVST+
Match the definition on the left with the SCADA technology term on the right
Remote Terminal Unit- Connects equipment to the network via a wireless signal and converts digital data from the network into signals that the equipment can process. DCS- A network of components that work together in order to remotely manage industrial equipment. Network Link- Connects the supervisory computer to the RTUs or PLCs. Supervisory Computer-Communicates with and send control commands to connected SCADA devices. Programmable logic Controller- Connects equipment to the network via a physical medium and converts digital data into signals that the equipment can process
A smart phone was lost at the airport. There is no way to recover the device. Which of the following will ensure data confidentiality on the device?
Remote Wipe
SCADA systems are typically implemented using which of the following components?
Remote terminal units (RTUs), and programmable Logic Controllers (PLCs)
A new assistant network Admin was recently hired by your organization to relieve some of your workload. You assigned the assistant network Admin to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches.... What should you do. choose two
Remove the patch cable connecting the first switch to the third switch Enable STP on each switch
You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat 6e cable to connect the wiring closet to the shipping building. Which of the following should you include in your plan?
Repeater
You are implementing a wireless network inside a local office. You require a wireless link to connect a laptop in the administrator's office directly to a system in the sales department. In the default configuration, the wireless AP uses a 360dispersed RF wave design. After installed, the signal between the two systems is weak as many obstacles interfere with the signal.
Replace the Omni-directional antenna with a directional antenna
A user from the Sales department calls to report that he is experiencing problems connecting to the Sales file server. All users in the Sales department connect to the Sales server through a single Ethernet switch. No other users have reported problems connecting to the Sales server. Which of the following troubleshooting actions are you most likely to perform first?
Replace the network card in the user's computer.
Which of the following are solutions that address physical security?(Select two)
Require identification and name badges for all employees //Escort visitors at all times
A user named Bob smith has been assigned a new desktop workstation to complete his day-to-day work. the computer runs Windows 7. When provisioning Bob's user account in your organization's Romain, you assigned an account name of BSmith with an initial password of bw2Fs3D. On first logon, Bob is prompted to change his password, so he change it to Fido, the name of his dog. What should you do to increase the security of Bob's account?(select two) Require users to set a stronger password upon initial logon. Configure user account names that are easy to guess. Upgrading the workstation to windows 8 Do not allow users to change their own passwords. Train user not to use password that are easy to guess
Require users to set a stronger password upon initial logon. Train user not to use password that are easy to guess
Which of the following is a characteristic of a virus?
Requires an activation mechanism to run
Which of the following does NOT accurately describe an iSCSI SAN?
Requires special hardware and knowledge to implement.
Your company has developed and implemented counter measures for the greatest risks to their assets. How ever, there is still some risk left. What is the remaining risk called? residual risk Exposure loss risk
Residual risk
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. What type of security risk is this?
Rogue access point
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the same switch which is in VLAN 2. What should you configure so that the two devices can communicate?
Routing
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAn 2 on each switch. A device on the first switch in VLAN 1 needs to be communicate with a device on the same switch is VLAN 2. What should you configure so that the two devices can communicate?
Routing
You are troubleshooting access to a server in a remote network. You use the tracert command and see the following: Trace route to 192.168.2.250 over a maximum of 30 hops: 1 2 ms 2 ms 2 ms 192.168.12.11 2 2 ms 2 ms 2ms 192.168.11.1 3 5 ms 5 ms 3 ms 192.168.10.15 4 2 ms 2 ms 2 ms 192.168.9.1 5 5 ms 5 ms 3 ms 192.168.11.1 6 2 ms 2 ms 2 ms 192.168.10.15 7 5 ms 5 ms 3 ms 192.168.9.1 ...additional output omitted What is the problem?
Routing loop.
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do?
Run the packet sniffer application on Host B.
Which of the following is an example of smart technology embedded within networked devices associated with automated factory equipment?
SCADA systems
Which of the following internet services provides equal upload and download bandwidth?
SDSL
Which of the following protocols are used by VoIP to set up, maintain, and terminate a phone call?
SIP
Which of the following protocols is used by VoIP to set up, maintain, and terminate a phone call?
SIP
Which of the following protocols is used by VoIP to set up,maintain,and terminate a phone call?
SIP
Which of the following protocols are used with VoIP?
SIP RTP
Which of the following protocols are used with VoIP? (Select two.)
SIP RTP
Because of an unexplained network slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze data from a central network host. What protocol will the software use to detect the problem?
SNMP
Simple Network Management Protocol
SNMP
Which protocol uses traps to send notifications from network devices?
SNMP
Get
SNMP Message Type: Retrieves information from a managed device.
Set
SNMP Message Type: Sets a variable in a managed device or triggers an action on a managed device.
Trap
SNMP Message Type: an unsolicited message sent from a managed device to an SNMP manager, which can notify the SNMP manager about a significant event that occurred on the managed device.
authPriv
SNMP Security Level: Offers HMAC MD5 or SHA authentication and provides privacy through encryption. Specifically, the encryption uses the Cipher Block Chaining (CBC) Data Encryption Standard (DES) (DES-56) algorithm.
authNoPriv
SNMP Security Level: Provides authorization using hashed message authentication code (HMAC) with message digest 5 (MD5) or Secure Hash Algorithm (SHA). However, no encryption is used.
noAuthNoPriv
SNMP Security Level: Uses community strings for authorization and does not use encryption to provide privacy.
Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?
SSH
Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable to Telnet?
SSH
Which of the following network services or protocols uses TCP/IP port 22?
SSH
Which of the following protocols can be used to securely manage Authentication for agents and managers?
SSH
Which of the following protocols can be used to securely manage a network device from a remote connection?
SSH.
you have physically added a wireless access point to your network and installed a wireless network card in two laptops running windows. Neither laptop can find the network and you have come to the conclusion that you must manually configure the wireless access points (AP). Which of the following values uniquely identifies the network AP?
SSID
You want to connect your client computer to a wireless access point connected to your wired network air work. The network Admin tells you that the access point is configured to use WPA2 personal with the strongest encryption method possible. SSID broadcast is ruined off. Which of the following must you configure manually on the client. select three
SSID AES Preshared Key
FTPS uses which mechanism to provide security for authentication and data transfer?
SSL
Which protocol does HTTPS use to offer greater security for Web transactions?
SSL
You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations.
SSL
You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports,hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls?
SSL
Which protocol does HTTPS use to offer greater security in Web transactions?
SSL HTTPS uses Secure Sockets Layer (SSL) to offer greater security in Web transactions.
You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls?
SSL Ports must be opened in firewalls to allow VPN protocols. For this reason, using SSL for the VPN often works through firewalls when other solutions do not because SSL uses port 443--a port that is often already open to allow HTTPS traffic. In addition, some NAT solutions do not work well with VPN connections.
Which of the following protocols are often added to other protocols to provide secure transmission of data?
SSL TLS
You can use a variety of methods to manage the configuration of a network router. Match the management option on the right with its corresponding description on the left. (Each option can be used more than once.)
SSL Uses publickey cryptography HTTP Transfers data in clear text SSH Uses publickey cryptography Telnet Transfers data in clear text Console port Cannot be sniffed
You can use a variety of methods to manage the configuration of a network router. Match the management option on the right with its corresponding description on the left. (Each option can be used more than once.)
SSL ==> Uses public-key cryptography HTTP ==> Transfers data in clear text SSH ==> Uses public-key cryptography Telnet ==> Transfers data in clear text Console port ==> Cannot be sniffed
Which of the following connectors is used with fiber optic cables and connects using a twisting motion?
ST
Which of the following cloud computing solutions will deliver software applications to a client either over the Internet or on a local area network?
SaaS
You are configuring a wireless network with two wireless access points. Both access points connect to the same wired network. You want wireless users to be able to connect to either access point, and to be able to roam between the two access points. How should you configure the access points?
Same SSID, different channel.
Which of the following is most susceptible to interference related to atmospheric conditions?
Satellite
You have installed anti-virus software on the computers on your network. You update thedefinition and engine files, and configure the software to update those files every day. What else should you do to protect your systems from malware?(Select two.)
Schedule regular full system scans. Educate users about malware.
Which of the following are examples of social engineering?
Shoulder surfing Dumpster diving
Your organizations security policy specifies that any mobile device (regardless of ownership) that connects to your internal network must have remote with enabled. If the device is lost or stolen, then it must be wiped to remove any sensitive data from it. Your organization recently purchased several Windows RT tablets. Which should you do?
Sign up for a Microsoft Intune account to manage the tablets
You are considering using WIFI triangulation to track the location of wireless devices within your organization. However, you have read on the internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system?
Signal strength
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database?
Signature based
Non-Return-to-Zero
Similar to Return-to-zero. tere is no netural (zero) voltage state between bits
Which of the following forms of optical fiber would usually be used to connect two building across campus from each other, which are several kilometers apart?
Single Mode
You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose?(2 answers)
Single Mode Fiber 1000BaseLX
SMF
Single path of Light Progression for a Fiber-Optic Cable
RJ-11
Six Pin Connector availability. Usually only consist of 2-4 conductors. Most commonly found in home telephone networks.
Which of the following is a hardware device that contains identification and which can be used to control building access or computer log on.
Smart Card
Which of the following are examples of Type 2 authentication credentials? select two
Smart card Photo ID
Users report that the Internet is no longer accessible. You suspect that the line connecting your building to the Internet is not working properly. Which of the following allows the service provider to remotely test the local loop?
Smart jack.
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?
Smurf
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?
Smurf Smurf is a form of denial of service attack which uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network.
Which of the following are denial of service attacks? (Select two.)
Smurf Fraggle
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active patch between any two switches?
Spanning tree
Match each Interoperability Agreement document on the left with the appropriate description on the right. Each document may be used once, more than once, or not at all. Specifies exactly which services will be performed by each party Creates an agreement with a vendor to provide services on an ongoing basis Provides a summary of which party is responsible for performing specific tasks Documents how the networks will be connected Defines how disputes will be managed Specifies a preset discounted pricing structure Choices SLA BPO MOU ISA
Specifies exactly which services will be performed by each party - SLA Creates an agreement with a vendor to provide services on an ongoing basis - BPO Provides a summary of which party is responsible for performing specific tasks - MOU Documents how the networks will be connected - ISA Defines how disputes will be managed - SLA Specifies a preset discounted pricing structure - BPO
One method of preventing routing loops is to not send information about a route back to the router from which the information came? What is this technique called?
Split horizon
A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internet-facing interface. This is an example of what form of attack?
Spoofing Spoofing is the act of changing or falsifying information in order to mislead or re-direct traffic. In this scenario, a packet received on the inbound interface cannot receive a valid packet with a stated source that is from the internal network.
Which of the following physical topologies are used with Ethernet networks?(2 answers)
Star Bus
Which of the following are characteristics of a circuit level gateway?
Stateful Filters based on sessions
When troubleshooting network issues, its important to carry out tasks in a specific order. Drag the trouble shooting task on the left to the correct step on the right.
Step 1 Identify the problem Step 2 Establish a theory of probable causes Step 3 Test the theory to determine the cause Step 4 Establish a plan of action Step 5 Implement the solution or escalate Step 6 Verify full system functionality Step 7 Document findings, actions and outcomes
Arrange the Fibre Channel SAN implementations tasks in the order they should be performed.
Step 1- Install a Fibre Channel adapter in each server that will access the shared storage on the SAN. Step 2- Deploy a Fibre Channel switch. Step 3- Connect each server to the Fibre Channel switch using the appropriate fiber optic cabling for the equipment you are using. Step 4- Deploy a shared storage device, such as an external RAID device containing multiple hard disk drives.
Workstation -> Switch through regular port (not uplink) and switch doesn't support auto-mdi.
Straight Through
You need to connect a workstation to a switch using a regular port on the switch (not an uplink port). The switch does not sport auto-MDI. Which type of cable should you use?
Straight-Through
Management
Subnet, Internetwork, Network
Which of the following best describes the purpose of using subnets?
Subnets divide an IP address into multiple addresses.
Which of the following best describes the purpose of using subnets?
Subnets divide an IP address into multiple network addresses.
Which of the following best describes the purpose of using subnets?
Subnets divide an IP network address into multiple network addresses.
Which of the following best describes how addressing is configured for the subnet?
Supernetting
You manage a subnet that uses the following subnet address: 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet?
Supernetting
A VPN is used primarily for what purpose?
Support secured communications over an untrusted network.
Which of the following are characteristics of VDSL?
Supports both data and voice at the same time unequal down and upload speeds
Which of the following is a characteristic of SDSL?
Supports data traffic only (No Voice)
Which of the following is the least effective power loss protection for computer systems?
Surge protector
A virtual LAN can be created using which of the following?
Switch
Which of the following connectivity hardware is used to create a VLAN?
Switch
You want to reduce collisions by creating separate collision domains and virtual LANs. Which of the following devices should you choose?
Switch
When configuring VLANs on a switch, what is used to identify VLAN membership of a device?
Switch Port
When configuring VLANs on a switch, what is used to identify VLAN membership of a device?
Switch port
Which of the following statements accurately describes a VLAN ID?
Switches append a VLAN ID to the header of each frame to identify the virtual network to which it belongs.
What problem does the Spanning Tree protocol prevent?
Switching loops from developing when redundant paths are implemented between switches.
Which of the following is a standard for sending log messages to a central logging server?
Syslog
Syslog servers
Syslog Logging Component: Receives and stores log messages sent from syslog clients.
Syslog clients
Syslog Logging Component: Send logging information to a syslog server.
Critical (2)
Syslog Severity Level: A less-severe condition, as compared to alerts, which should be addressed to prevent an interruption of service
Alerts (1)
Syslog Severity Level: Conditions requiring immediate attention
Informational (6)
Syslog Severity Level: Detailed information about the normal operation of a system
Debugging (7)
Syslog Severity Level: Highly detailed information (for example, information about individual packets), which is typically used for troubleshooting purposes
Notifications (5)
Syslog Severity Level: Nonerror notifications that alert an administrator about state changes within a system
Errors (3)
Syslog Severity Level: Notifications about error conditions within the system that do not render the system unusable
Warnings (4)
Syslog Severity Level: Notifications that specific operations failed to complete successfully
Emergencies (0)
Syslog Severity Level: The most severe error conditions, which render the system unusable
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access?
TACACS+ RADIUS
time domain reflectometer
TDR
Which of the following network services or protocols uses network prot 69?
TFTP
Which encryption method is used by WPA for wireless networks?
TKIP WPA uses TKIP for encryption. TKIP uses rotating encryption keys for added security over WEP. AES encryption is used with WPA2. AES requires specialized hardware that might not be available on a device that only supports WPA. WEP is a security method for wireless networks that provides encryption through the use of a shared encryption key (the WEP key).
You have a small wireless network that uses multiple access points. The network currently uses WPA. You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop?
TKIP encryption Preshared key
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)
TLS SSL Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are protocols that are used with other protocols to add security. In addition, Secure Shell (SSH) can be used to add security when using unsecure protocols.
What is the primary purpose of penetration testing?
Test the effectiveness of your security perimeter
You have recently experienced a security incident with one of your servers. After some research, you determine that hotfix #568994 that has recently been released would have protected the server. Which of the ff. recommendations should you follow when applying the hotfix?
Test the hotfix, then apply it to all servers.
Which of the following statements about DSCP are true? select two
The DiffServ field is used to add precedence values Classification occurs at layer 3
Transport (Layer 4)
The Transport layer provides a transition between the upper and lower layers of the OSI model making the upper and lower layer transparent from each other.
A small startup company has hired you to harden their new network. Because funds are limited, you have decided to implement a unified threat management (UTM) device that provides multiple security features in a single network appliance: • Firewall • VPN • Anti-spam • Antivirus You join the UTM device to the company's Active Directory domain. The company's traveling sales force will use the VPN functionality provided by the UTM device to connect to the internal company network from hotel and airport public WiFi networks. What weaknesses exist in this implementation?
The UTM represents a single point of failure.
Which of the following is true about single mode fiber optic network cabling?
The central core is smaller than that of multimode fiber optic cabling
A user on your network has been moved to another office down the hall. after the move she calls you complaining that she has only occasional network access through her wireless connection. Which of the following is most likely the cause of the problem?
The client system has moved to far away from the access point.
A network is connected following the IEEE 802.3 specifications. Which of the following best describes when a device can transmit messages?
The device listens to determine if the transmission media is free.
What information does the next hop entry in a routing table identify?
The first router in the path to the destination network.
What information does the next hop entry in the routing table indentify?
The first router in the path to the destination network.
Consider the following output generated by the show interface fa0/0 command generated on a router: Which of the following statements are true about fa0/0 interface. select three
The interface has been dropping incoming packets Several collisions have occurred One cyclic redundancy check error has occurred
Which of the following are true using multiple VLANS on a single switch? select two
The number of broadcast domains increases The number of collision domains remain the same
You have been struggling to keep the temperature in your server room under control. To address this issue, you have decided to reconfigure the room to create hot and cold aisles. Which of the following are true concerning this configurations? select two
The rear of your servers should fave the hot aisle The from of your servers should face the cold aisle
A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While talking to her, you discover that she is trying to work from the coffee rom two floors above the floor where she normally works. What is the most likely cause of her connectivity problem?
The user is out of the effective range of the wireless access point on her floor
While viewing the status of the interfaces on a Cisco switch, you see abnormally large of oversized ethernet frames being received on one interface. This interface is connected to a workstation located on the 2nd floor. What could be causing this to happen?
The workstation's network board is jabbering
Why do attackers prefer static environment devices to conduct distributed network attacks? select two
These devices tend to employ much weaker security than traditional network devices These devices are typically more difficult to monitor than traditional network devices.
What is the risk associated with smart technology used in network devices such as smart refrigerators, environmental controls, or industrial equipment?
They are vulnerable to exploits due to weaker security.
cable tester
This can test the conductors in an Ethernet cable. It contains two parts. By connecting these parts to each end of a cable under test, you can check the wires in the cable for continuity (that is, check to make sure that there are no opens, or breaks, in a conductor). In addition, you can verify an RJ-45 connector's pinouts (which are wires connected to the appropriate pins on an RJ-45 connector).
You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use?
Throughput tester.
When using kerberos authentication, which of the following terms is used to describe the token that verifies the identity the user to the target system?
Ticket
Which of the following are used when implementing Kerberos for authentication and authorization? (Select two.)
Ticket granting server Time server
ESD wrist strap
To prevent static electricity in your body from damaging electrical components on a circuit board, you can wear this. It is equipped with a clip that you can attach to something with a ground potential (for example, a large metal desk). While wearing this, if you have any static buildup in your body, the static flows to the object with a ground potential to which your strap is clipped, thus avoiding damage to any electrical components that you might touch.
Which of the following is an example of three-factor authentication?
Token device, keystroke analysis, cognitive question
Which of the following is an example of three-factor authentication?
Token device, keystroke analysis, cognitive question Three-factor authentication uses three items for authentication, one each from each of the authentication types: • Type I (something you know, such as a password, PIN, pass phrase, or cognitive question) • Type II (something you have, such as a smart card, token device, or photo ID) • Type III (something you are, such as fingerprints, retina scans, voice recognition, or keyboard dynamics)
MDI
Traditional Port found in a PC's NIC
You manage a server that runs your company Web site. The Web site includes streaming video that shows features of some of your products. The link connecting your server to the Internet charges based on bandwidth use. When the bandwidth spikes, so does your bill. You would like to implement a solution to prevent the amount of traffic sent over the WAN link from exceeding a specific level. Which solution should you implement?
Traffic shaper
Purchasing insurance is what type of response to risk? Acceptance Transference Rejection Deployment of a countermeasure
Transference
Purchasing insurance is what type of response to risk?
Transference An organization can transfer risk through the purchase of insurance. When calculating the cost of insurance and the deductible, balance the cost against the expected loss from the incident.
Which electrical devices is used to convert the voltage of an alternating current (AC) from the utilities company's transmission lines to 110 volts that can be used by devices in the data center?
Transformers
Match each WIFI jamming attach on the left with its corresponding description on the right.
Transmits radio signals at random amplitudes and frequencies/ Random noise jamming Transmits pulses of radio signals at random amplitudes and frequencies/Random pulse jamming Repeatedly transmits high-intensity, short-duration RF burst at a rapid pace/ Spark jamming
What is a program that appears to be legitimate application, utility, game or screensaver and that performs malicious activities surreptitiously?
Trojan horse
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch also in VLAN 1. What should you configure to allow communication between these two devices through the switches?
Trunking
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature allows the switches to pass VLAN traffic between the switches?
Trunking
Which of the following allows for easy exit of an area in the event of an emergency, but prevents entry? (Select two.)
Turnstile Double-entry door A double entry door has two doors that are locked from the outside but with crash bars on the inside that allow easy exit. Double entry doors are typically used only for emergency exits, and alarms sound when the doors are opened. A turnstile is a barrier that permits entry in only one direction. Turnstiles are often used to permit easy exit from a secure area.
What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal?
Turnstiles
Shielded Twisted-Pair Cable
Twisted Pair is surrounded by a metal shielding, similar to a coaxial cable. As frequencies increase, wavelengths decrease
Unshielded Twisted Pair Cable
Twister Pair strands are twisted so tightly that EMI is blocked.
What type of cabling is used with 100BaseTX Fast Ethernet networks?
Type 1A STP or Category 5 UTP
RG-59
Typically used for short distance applications, such as carrying composite video between two nearby devices
Match each UC component on the left with its corresponding definition on the right.
UC Server - Manages the entire UC system UC Gateway - Connects a digital network to an analog network UC Server - Makes presence information available to users UC Hardware Device - An IP phone for making phone calls UC Gateway - Connects a UC network to the PSTN UC Software Device - A smart phone used to access the UC system UC Hardware Device - Designed to work specifically with the UC server
Which protocol and port number is used by BOOTP/DHCP?
UDP 67
Which protocol and port number is used by TFTP?
UDP 69
What is the greatest threat to the confidentiality of data in most secure organizations?
USB devices
What is the greatest threat to the confidentiality of data in most secure organizations? Malware USB devices Hacker intrusion Operator error
USB devices
Which type of address is the IP address 198.162.12.254/24?
Unicast
Which type of address is used in a packet to address the packet to a single host?
Unicast
You've been asked by upper management if there is a way to integrate phone calls, emails, and instant messaging into a single platform. Which of the following systems should you recommend to them?
Unified communication
An active IDS system often performs which of the following actions? select two
Update filters to block suspect traffic Perform reverse lookups to identify an intruder
If your anti-virus software does not detect and remove a virus, what should you try first?
Update your virus detection software.
You are troubleshooting a connectivity problem in which one clien system is unable to connect to a server. Both the server and client system are connected to the same Ethernet network switch. No other users have complained of a problem, and you suspect that faulty network cabling might be to blame. Which of the following troubleshooting steps are you most likely to perform first?
Use a cable tester to test the cable between the computer system and the network switch.
While configuring a new 802.11g wireless network, you discover another wireless network within range that uses the same channel ID that you intend to use. Which of the following strategies are you most likely to adopt in order to avoid a conflict between the networks?
Use a different channel ID
crimper
Used to attach a connector (for example, an RJ-45 connector) to the end of an unshielded twisted-pair (UTP) cable.
"What security mechanism uses a unique list for each object embedded directly in the object itself that defines which subjects to have access to certain objects and the level or type of access allowed?"
User ACL
Which of the following information is typically not included in an access token?
User Account password
Which of the following identification and authentication factors are often well-known or easy to discovery by others on the same network or system?
Username
Which of the following identifications and authentication factors are often well-know or easy to discover by others on the same network or system?
Username
Match each bring your own device (BOYD) security concern on the right with a possible remedy on the left. Each remedy may be used once, more than once, not at all.
Users take pictures of proprietary processes and procedures- Specify where and when mobile devices can be possessed in your acceptable use policy. Devices with a data plan can e-mail stole data- Specify where and when mobile devices can be possessed in your acceptable use policy Devices have no PIN or password configured- Enroll devices in a mobile device management system Anti-malware software is not installed- Implement a network access control (NAC) solution A device containing sensitive data may be lost- Enroll devices in a mobile device management system
Which of the following are characteristics of TACACS+? (Select two.)
Uses TCP Allows for a possible of three different servers, one each for authentication, authorization, and accounting
Star
Uses a hub or switch to connect all network connections to a single physical location
Which of the following statements about SSL VPN are true? select two
Uses port 443 Encrypts the entire communication session
Virtual PBX
Usually a VoIP solution, where voice is encapsulated inside data packets for transmission across a data network
Smart Hub
Usually amplifies an active hub with enhanced features
You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?
VLAN
You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive doc. What should you use for this situation?
VLAN
You have configured a virtual network which includes the following virtual components Four virtual machines (i.e., Virtual OS1,Virtual OS2,etc.) One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Given the port configuration for the virtual switch and the physical switch in the table below, click on all of the virtual and physical machines that Virtual OS1 can communicate with.
Virtual OS2 & 3
You have configured a virtual network which includes the following virtual components Four virtual machines (i.e., Virtual OS1,Virtual OS2,etc.) One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Given the port configuration for the virtual switch and the physical switch in the table below, click on all of the virtual and physical machines that Virtual OS1 can communicate with.
Virtual OS2 & 3
You have configured a virtual network which includes the following virtual components Four virtual machines (i.e., Virtual OS1,Virtual OS2,etc.) One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Given the port configuration for the virtual switch and the physical switch in the table below, click on all of the virtual and physical machines that Virtual OS1 can communicate with.
Virtual OS3 Physical OS1-1 Physical OS1-2 Physical OS1-3 Physical OS1-4
You have configured a virtual network which includes the following virtual components Four virtual machines (i.e., Virtual OS1,Virtual OS2,etc.) One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Given the port configuration for the virtual switch and the physical switch in the table below, click on all of the virtual and physical machines that Virtual OS1 can communicate with.
Virtual OS3 Physical OS1-4
Which of the following terms describes a test lab environment that does not require the use of physical hardware? offsite virtual storage VLAN Network as a service (NaaS) Virtual sandbox
Virtual sandbox
You need to provide DHCP and file share services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement?
Virtual servers
You need to provide DHCP and file share services to a physical network.These services should be deployed using virtualization. Which type of virtualization should you implement?
Virtual servers
You need to provide DHCP and file sharing services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement?
Virtual servers.
Which component is most likely to allow physical and virtual machines to communicate with each other?
Virtual swich
What type of component is most likely to allow physical and virtual machines to communicate with each other?
Virtual switch
Which component is most likely to allow physical and virtual machines to communicate with each other?
Virtual switch
What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found?
Virus
What is the common name for a program that has no useful purpose,m but attempts to spread itself to other systems and often damages resources on the system where it is found? \
Virus
SIP
VoIP signaling protocol used to set up, maintain, and tear-down VoIP phone calls
What is the main difference between vulnerability scanning and penetration testing?
Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.
What is the main difference between vulnerability scanning and penetration testing? The goal of vulnerability scanning is to identify potential weaknesses; the goal of penetration testing is to attack a system. Vulnerability scanning is performed with a detailed knowledge of the system; penetration testing starts with no knowledge of the system. Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter. Vulnerability scanning uses approved methods and tools; penetration testing uses hacking tools.
Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.
Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients?
WEP, WPA Personal, and WPA2 Personal
You need to add security for your wireless network. You would like to use the most secure method. Which method should you implement.
WPA2
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do?
Wait for convergence to take place.
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configure dto use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do?
Wait for convergence to take place/
You are configuring a firewall to allow access to a server hosted on the demilitarized zone of your network. You open TCP/IP ports 80, 25, 110, 143. Assuming that no other ports on the firewall need to be configured to provide access, what application are most likely to be hosted on the server?
Web server, e-mail server
A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of an attack best describes the scenario?
Whaling Whaling is a form of a social engineering attack that is targeted to senior executives and high profile victims. Social engineering is an attack that exploits human nature by convincing someone to reveal information or perform an activity.
Which of the following are not reasons to remote wipe a mobile device?
When the devices is inactive for a period of time
Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.
White box test The tester has detailed information about the target system prior to starting the test. Grey Box test The tester has the same about of information that would be available to a typical insider in the organization. Black box test The tester has no prior knowledge of the target system. Single blind test Either the attacker has prior knowledge about the target system, or the administrator knows that the test is being performed. Double blind test The tester does not have prior information about the system and the administrator has no knowledge that the test is being performed
You want to use the T568B standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector?
White/orange, orange, white/green, blue, white/blue, green, white/brown, brown The T568A standard switches the green and orange wires (along with their corresponding white wires). Use the order Blue-Orange-Green-Brown (BLOG), with the white wire first, for connecting wires on a 110 punchdown block.
Which of the following documents would likely identify that drop cables on your network use the T568A standard? Policy Baseline Change log Network diagram Wiring schematic
Wiring schematic
You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update? Wiring schematic logical network diagram Baseline Procedure
Wiring schematic
Which of the following benefits apply only to creating VLANs with switches and not to segmenting the network with regular switches?
You can create multiple broadcast domains
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a cross-over plenum UTP cable that will be run through the suspended tile ceiling for the data center. what is wrong with this configuration? select two
You should implement a UPS between the wall outlet and the network devices You should implement redundant power supplies for the network devices
Time-division multiplexing
assigns different frequencies to different channels on the same network medium.
Frequency-division multiplexing
assings different frequencies to different channels on the same network media. e.i. cable TV
Network needs to support 1000 Mbps over ethernet. What cables must you replace?
cat 3 cat4
You manage a network with a single switch. On each switch port, a hub connects multiple devices to the switch. which condition are you most likely to experience on the network ?
collisions
Network
computer system controlled by a single organization.
Wireless Local Area Network (WLAN)
covers an area that is roughtly the same size as a standard LAN but uses radio signals instead of wires.
You have connected a new computer to your network. The network uses static IP addressing.... which of the configuration values would you most likely need to change?
default gateway
Return-to-Zero
each indivicudal bit in the binary data is identified by dropping the signal to zero between pulses.
Baseband communication
entire network medium as a single transmission channel. One channel is used for standard analog voice phonecalls. other used for digital network data.
Which of the following intrusion detection and prevention systems use fake resources to entice intruders by displaying a vulnerability, configuration flaw, or valuable data?
honeypot
Application (Layer 7)
integrates network functionality into the host operating system and enables network services. does not include specific applications but rather provides the capability for services to operate on the network. operate multiple layers. Layers include HTTP, Telnet, FTP, TFTP, SNMP
Which command would you use on a switch to enable management from a remote network?
ip default-gateway 192.168.10.185
What is the most common failure of a security policy in an environment? Improperly outlined procedures overlooked critical assets lack of user awareness failure to assign responsibilities
lack of user awareness
Switches running the STP are in the process of exchanging BPDUs and defining their roles. In what state are the switches?
listening
You have decided to conduct a business meeting at a local coffee shop. The coffee shop you chose has a wireless hotspot for its customers who want Internet access. You decide to check your e-mail before the meeting begins, but when you open the browser you cannot gain Internet access. Other customers are on the Internet and because you use a wireless connection at work, you are sure your laptops wireless adapter works. What is the likely cause of this problem?
mismatched SSID
You manage a network with multiple subnets connected to the internet..... which of the following is likely the cause of the problem?
missing default route on a router
you work for a large, multinational organizaiotn that has an extensive global network that is interconnected using WAN links and routers.... what does this mean?
one of the intermediate routers is an MTU black hole
Host Role
peer-to-peer and client-server
Peer-to-Peer
peer-to-peer network makes it so each host can provide network resources to other hosts or access resources located on other hosts.
De-multiplexing
provides opposite function, combining signals from multiple channels into single channel.
Network Access
responsible for describing the physical layout of the network and how messages are formatted on the transmission medium
Host-to-host
responsible for error checking and reliable packet delivery
Internet OSI
responsible for moving packets through a network
which of the following utilties would you use to view the routing table?
route
which of the following commands woudl display the outputs shown here?
route print
Which of the following commands would display the output shown here?
route print.
Sampling size
sampling frequency which is the number of samples per second in a sound.
Which connector is usually on one end of a rollover?
serial
Which of the following connectors is typically used on one end of a rollover cable?
serial
Each of the following tools used to check the health of a network. Which of these is typically used to managing and sending messages from one computer system to another?
syslog
What is the primary purpose of penetration testing? test the effectiveness of security perimeter Infiltrate a competitor's network Evaluate newly deployed firewalls Assess the skill level of new IT security staff
test the effectiveness of security perimeter
Examine the following output: 4 22 ms 21 ms 22 ms sttlawa01gr02.bb.ispxy.com [154.11.10.62] 5 39 ms 39 ms 65 ms plalca01gr00.bb.ispxy.com [154.11.12.11] 6 39 ms 39 ms 39 ms Rwest.placa01gr00.bb.ispxy.com [154.11.3.14] 7 40 ms 39 ms 46 ms svl-core-03.inet.ispoxy.net [205.171.206.29] 8 75 ms 117 ms 63 ms dia-core-01.inet.ispxy.net [205.151.142.1] Which of the following produced this output?
tracert.
You are the network administrator of a branch office of your company. The branch office network is part of a WAN that covers most of the United States. The office has two Windows 2000 servers, two UNIX severs, one Windows NT server, 90 Windows 98 clients, 40 Windows 2000 Professional clients, and five Macintosh clients. Users have been complaining that they are unable to access resources over the WAN at the main headquarters. You suspect that one of the routers between your office and the main headquarters is not working properly. What TCP/IP utility can you use to see if a router is not working properly?
tracert.
Your organization is in the process of negotiating an Interoperability Agreement (IA) with another organization. As part of this agreement, the partner organization proposes that a federated trust be established between your domain and their domain. This configuration will allow the users in their domain to access resources in your domain and vice versa. As a security administrator, which tasks should you complete during this phase?(Select two.) Conduct security audit on the partner organization Reset all passwords used by the third party to access data or applications on your network Identify how data ownership will be determined verify compliance with the IA documents Identify how data will be shared
Identify how data ownership will be determined Identify how data will be shared
What is the primary goal of business continuity planning? Protecting an organization from major computer services failure Maintaining business operations with reduced or restricted infrastructure capabilities or resources Minimizing the risk to the organization from delays and interruptions in providing services Minimize decision making during the development process
Maintaining business operations with reduced or restricted infrastructure capabilities or resources
optical time domain reflectometer
OTDR
What is the primary goal of business continuity planning?
Maintaining business operations with reduced or restricted infrastructure capabilities or resources
Which protocol is used for securely browsing a web site?
HTTPS
"Which form of access control enforces security based on user identities and allows individual users to define access control over owned resources?"
"DAC(Discretionary Access Control) uses identities to control resource access. Users can make their own decisions about the access to grant to others users."
"You have a system that allows the owner of a file to identify users and their permissions to the files. Which type of access control model is implemented?"
"Discretionary Access Control (DAC) model. With DAC, individual use their own discretion ( decision or preferences) for assigning permissions and allowing or denying access."
"What type of access control focuses on assigning privileges based on security clearance and data sensitivity?"
"MAC (Mandatory Access Control) uses classifications to assign privileges based on a security clearances and data sensitivity."
Which of the following best describes one-factor authentication?
"Multiple authentication credentials may be required, but they are all of the same type. (something you know, such as a password, PIN, pass phrase, or cognitive question)"
You would like to add additional servers to your network. You have decided to use virtual machines and Hyper-V to create these servers. You have installed Hyper-V on the Server named CorpServer. You would like to create a virtual machine that will be used to install a Domain Controller for the network. Create a new virtual machine as follows: -Create a virtual hard disk named CorpDC in the D:\HYPERV\Virtual Hard Disks directory. -Select the format that allows for maximum backwards compatibility -Configure the disk for best performance -Configure a size of 500 GB
**Create the Test Network Virtual Network** **Configure virtual machine network settings - Create a legacy network adapter. - Configure the legacy adapter to use the WDS network.** **Create a Virtual Hard Drive** From server manager select tools - New, hard disk - next - Select disk format, next - select disk type, next - type the name of the path for the hard disk file, click next - type the size for the new hard disk, next - finish. **Create a Virtual Machine** In Hyper-V manager, R click the server and select New - Virtual Machine, click next - Type the name for the virtual machine, to modify the path to the virtual machine files, select Store the virtual machine in a different location and specify the path, click next - Type the amount of memory , click next - Select the network used by the virtual machine, click next - Select the option for the virtual hard disk to either a new disk, existing disk or attach a disk, select next - if you created a new virtual hard disk, you will be prompted for the operating system installation, select the method you need, click next - finish. **Create a Virtual Switch** In Hyper-V Manager, R click the server and select Virtual Switch Manager - Select New Virtual Network Switch in the left pane - In the right pane, select the network type and click create virtual switch - Type the virtual network name and configure additional parameters as necessary click apply - click yes to apply, click ok. **Configure Virtual Machine Settings** In Hyper-V R click the virtual machine and select settings - In the add hardware section, select legacy network adapter, and click add - for the network adapter, select which virtual switch to use, click apply - To boot from the legacy adapter, select BIOS from the hardware list, to change boot order select the legacy network adapter click move up to move to the top of the list, click apply - To configure dynamic memory, select memory from the hardware list, configure settings as desired click apply - click ok
You are the IT Administrator for the CorpNet domain. You are in the process of implementing a group strategy for your network. The CorpNet domain has a Support OU. All Support employees in the domain have user accounts within the Support OU itself or the Support sub OU's. All support employees need access to the Support department's shared folders and printers. Your group strategy must minimize administration when granting resource access to new Support employees or removing resource access from old Support employees. Your task in this lab is to implement a group strategy that meets the above requirements on the CorpDC
**Support - Global security group - All user accounts in the Support OU and the Support sub OU's. Add Tom Plask, Shelly Emery and Janice Rons as a member and Support Group as a member of Support Resources - Domain local security group -add the Support Group as a member of the Support Resources group**
You are the IT Administrator for a small corporate network. Until now your network has consisted only of workstations accessing the internet through a consumer grade switch. You have convinced management that adding a server would ease your administrative burden. As a result, you are testing various configurations of the Windows Server 2012 operating system. CorpServer currently has two volumes. You would like to create a volume that could easily be moved to another server, if needed. Your task in this lab is to create a volume using a VHD file.
*Create a VHD file File name: C:\MyVHD.vhd Size: 100 GB Dynamic *Create the VHD_Vol volume
You are the IT Administrator for a small corporate network. Until now the network has consisted only of workstations accessing the internet through a consumer grade switch. You have convinced management that adding a server would ease your administrative burden. As a result, you are testing various configurations of the Windows Server 2012 operating system. You have reinstalled the operating system on a server named CorpServer. During this installation, you created a single partition that took up the entire first disk. You would like to add fault tolerance to the system volume and create an additional fault tolerant volume for storing data. Four additional hard disks are now installed in the Server. Your task in this lab is to complete the following tasks: -Modify the existing System volume to add fault tolerance. -Create a new volume that provides both fault tolerance and improved performance. Use the following settings for the volume: -Make the volume as large as possible given the existing drives. -Assign drive letter R -Format the drive using NTFS and assign Data as the volume label.
*Mirror the C: Drive *Create the Data volume *Create the volume as a RAID-5 volume *Create a 2 TB volume *Assign drive letter R *Format the volume with NTFS
Which of the following are advantages of using fiber optic cabling for a network, as opposed to other types of cabling? (Select two)
-Immunity to electromagnetic interference -Greater cable distances without a repeater
Which of the following are characteristics of an MT-RJ fiber optic connector? (Select two)
-They can be used with multimode fiber optic cables. -They use metal guide pins to ensure accurate alignment.
Match the COS priority on the left with the corresponding value on the right.
0-Best effort (default) 1-Backgroud 2-Excellent effort 3-Critical applications 4-Video(<100ms latency) 5-Video(<10ms latency) 6-Internetwork control 7-Network control
You have several shared folders on the H:\ drive of the CorpFiles12 server. To improve fault tolerance and allow backup of open files, you need to enable shadow copies for the drive. Complete the following tasks: -Enable shadow copies on the H:\ drive -Store the copies on drive D:\ -Configure a limit of 24000 MB for shadow copies - Configure a single schedule to run once a day at 8:00 pm - Delete any other schedules.
1. From Hyper-V Manager click CORPSERVER 2. R click CorpFiles08 and select connect. 3. On the taskbar, click file explorer. 4. R click the drive and select Configure shadow copies 5. Select the drive and click settings 6. Select the drive on which to store shadow copies from Located on this volume: , if necessary. 7. To configure a storage limit, select Use Limit: and type the amount of space to use for shadow copies. 8. Be default, shadow copies are taken twice daily. To set a schedule click Schedule -Modify the selected schedule by selecting specific days or other parameters. -To delete a schedule, select it in the dropdown, then click delete. - To create a new schedule, click New > Schedule Task > Start time Click ok to save
You have previously installed the LaserJet4240 printer and shared it on CorpFiles12 using a share name of ResearchPrinter. Due to an increase in the workload on the printer, you decide to add a second print device for members of the Research team to use. You want print jobs to be automatically load balanced between the two print devices without having to install a second printer to client systems or having users choose between two printers. Your task in this lab is to enable printer pooling on the LaserJet4240 printer. The second print device has been connected to a Standard TCP/IP port on 192.168.0.21.
1. From Hyper-V Manager click CORPSERVER, click on CorpFiles12 server and select connect. From Server Manager select Tools > Print Management > Expand the print servers and the server nodes. > Select printers > R click the appropriate printer and select properties > Select the ports tab > Select Enable Printer Pooling, then check additional ports used by the printer. Do not deselect currently used ports. Click ok.
You need to manage the permissions You need to manage the permissions assigned to various folders. Department data is stored on the server in a folder named D:\Departments on CorpFiles08. Each department has a subfolder within the Departments folder where they can publish files to the rest of the company. The default permissions inherited by the D:\Departments folder and each departmental subfolder currently allow all users to read and execute files. Your task in this lab is to configure permissions for each departmental subfolder so that only users within each department can change their department's files. To complete this task, assign permissions as outlined in the following table: Folder Group Permissions D:\Departments \Accounting Accounting Resources domain local group Allow Full Control D:\Departments \Research Research Resources domain local group Allow Full Control D:\Departments \Sales Sales Resources domain local group Allow Full Control D:\Departments \Support Support Resources domain local group Allow Full Control
1. From Hyper-V Manager, click CORPSERVER 2. R click the CorpFiles08 and select connect. 3. choose start > computer 4. browse to and R click a drive, folder, or file and select properties. 5. go to security tab. this tab lists each security principal who has permission to the drive, folder, or file. to view permissions for a security principal select it. the permissions granted to the selected user or group are displayed. 6. you can take one or more of the following actions to change permissions for a drive, folder or file. To Add permissions for a new security principal: Click Edit, Click Add, If necessary click locations...button and select the location where Windows will look for security principals. Click ok. Type the name of each security principal in the specified location that will receive permission to the shared folder, or click advanced...then Find Now to select security principal from a list. Click ok. To configure permissions for existing security principal on the security list: Click Edit, Select the security principal, check or uncheck the Allow check box for the desired permissions. Click ok. To remove permissions for a security principal: Click Edit, select the security principal, click remove, click ok.
The director of the Accounting department has requested a copy of older versions of purchase order reports located in the POs share. He would like a copy of any report versions available from 2012. The files are located in the D:\Finances\POs directory on the CorpFiles08 server. You need to retrieve previous version of the POs folder without affecting any of the current files or folders in D:\Finances. Your task in this lab is to retrieve a copy from a restore point of the POs folder located in the D:\Finance directory on the CorpFiles08. Copy the folder to the D:/Temp folder on the system.
1. From Hyper-V Manager, click CORPSERVER. 2. R Click on the CorpFiles08 server and select Connect. 3. Click Start / Computer 4. Browse to the D:\Finances folder 5. R click on the POs folder and select Restore Previous Versions. 6. Select the appropriate version of the folder and click Copy. 7.Browse to the desired location and click copy. 8. Click ok.
Which Gigabit Ethernet standard can support long network segments up to a maximum of 5 km when used with single mode fiber-optic cable?
1000BaseLX
You would like to implement 10 Gbps Ethernet over a distance of 1 km or greater. Which of the following would be the minimum requirement for the implementation?(2 answers)
10GBaseLR standards Single mode fiber
You have been tasked with designing an Ethernet network. Your client needs to implement a very high-speed network backbone between campus buildings; some of which are around 300 m apart. Fiber-optic cabling has already been installed between buildings. Your client has asked that you use the existing cabling that operates at full-duplex. Which Ethernet standard meets these guidelines?(2 answers)
10GBaseSR 1000BaseSX
which of the following services automatically creates and deletes host records wen an ip address lease is created or released?
DYNAMIC DNS
You've decided to use a subnet mask of 255.255.192.0 on the 172.17.0.0 network to create four separate subnets. Which network IDs will be assigned to these subnets in this configuration? (selec two)
172.17/128.0 AND 172.17.0.0
You have a computer that is connected to the internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer?
172.18.188.67 10.0.12.15 192.168.12.253
Which of the following defines an objects as used in access control.
Data, Applications, systems, networks, and physical space
Which of the following fire extinguisher types poses a safety risk to users in the area? (Select two.) Halon CO2 Water Foam
Halon CO2
You have been contacted by OsCorp to recommend a wireless solution.
802.11g
You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the following should you implement?
802.1x 802.1x authentication is an authentication method used on a LAN to allow or deny access based on a port or connection to the network. 802.1x is used for port authentication on switches and authentication to wireless access points. 802.1x requires an authentication server for validating user credentials. This server is typically a RADIUS server. Authenticated users are allowed full access to the network; unauthenticated users only have access to the RADIUS server.
You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solution? (Select two.)
802.1x authentication Remediation servers
Which of the following is the countermeasure against man in the middle attacks?
IPsec
Which of the ff. describes a logic bomb?
A program that performs a malicious activity at a specific time or after a triggering event.
SNMP
A protocol used to monitor and manage network devices, such as routers, switches, and servers.
Which of the following is an example of two-factor authentications?
A token device and a pin
Which of the following is an example of an internal threat?
A user accidentally deletes the new product designs
Which of the following is an example of an internal threat? A server backdoor allows an attacker on the Internet to gain accesss to the intranet site A delivery man is able to walk into a controlled area and steal a laptop A water pipe in the server room break A user accidentally deletes the new product designs
A user accidentally deletes the new product designs
A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to the wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario?
Active fingerprinting Active fingerprinting is a form of system enumeration that is designed to gain as much information about a specific computer as possible. It identifies operating systems based upon ICMP message quoting characteristics. Portions of an original ICMP request are repeated (or quoted) within the response, and each operating system quotes this information back in a slightly different manner. Active fingerprinting can determine the operating system and even the patch level.
You work as the IT Administrator for a small corporate network. You have recently expanded the network to a second building. In doing so, you have removed the consumer grade internet router that you started with and have installed a network router to the other building. You have decided to use CorpDHCP12 Server as a DHCP server to replace the DHCP service that was provided by the consumer grade router. Your task in this lab is to: -Install the DHCP Role -Authorize the CorpDHCP12 as a DHCP server. -configure and activate the DHCP scope as follows: -Name: Subnet1 -Address range: 192.168.0.1 to 192.168.0.100 -Subnet mask: 255.255.255.0 -Lease duration: 5 days Do NOT configure exclusions at this time.
Add a DHCP Role 1. Go to CORPSERVER > CorpDHCP12 and select connect 2. From server manager, select Manage > Add Roles and Features 3. Click next to begin the add roles and features wizard, verify that role-based or feature based installation is selected and click next. 4. Ensure that CorpDHCP12.CorpNet is selected in the Server pool area, and then click next. 5. Select the DHCP server role, and click add features when prompted to add additional features, click next. 6.Click install to add the selected role services. 7.Click complete DHCP configuration link to begin the DHCP Post-Install configuration wizard. 8.Verify credentials and click commit > Close. Configure and Activate the DHCP Scope 1. From Server Manager, Select Tools > DHCP > R click the protocol for which you wish to create the scope and choose New Scope. 2. Click next to start the new scope wizard > Name the scope > Next > Configure IP address > Next Configure lease duration > Select No, I will configure these options later > Next > Finish > To activate scope, browse to and select the Subnet1 scope > **R click the scope and choose Activate**
You work as the IT Administrator for a small corporate network. You have recently expanded the network to a second building. In doin so, you have removed the consumer grade internet router that you started with and have installed a network router to the other building. You have decided to use the CorpDHCP12 server as a DHCP server to replace the DHCP service that was provided by the consumer grade router. Your task in this lab is to: -Install the DHCP role -Authorize the CorpDHCP12 as a DHCP server. -Configure and activate the DHCP scope as follows: Name: Subnet1 Address Range: 192.168.0.1 to 192.168.0.100 Subnet Mask: 255.255.255.0 Lease Duration: 5 days Do not configure exclusions or options at this time.
Add a DHCP Role: 1. Click CORPSERVER, go to CorpDHCP12 and connect. 2. Go to Manage > Add Roles and Features 3. Next > Role-based or feature based installation is selected and click next 4. Ensure that CorpDHCP12.CorpNet is selected in the Server Pool area, and click next. 5. Select DHCP Server role, and click Add Features when prompted to add additional features. Click Next 6. Click install to add the selected services, click complete DHCP configuration link to begin the DHCP Post-Install configuration wizard. Click Next, Commit Configure and Activate the DHCP Scope: 1. From Server Manager select Tools > DHCP 2. Expand the DHCP Server > R click the protocol for which you wish to create the scope and choose New Scope.. 3. Click next to start the new scope wizard, name the scope then click next, configure the IP Address 4. Type a start IP address and an end IP Address - Set the subnet mask by typing the mask value or typing the number of subnet mask bits. Click Next 5. Click next to ignore any exclusions and delays, configure lease duration, click next, select No, I will configure these options later to postpone configuring other DHCP options, then click next. Click finish. To activate scope, browse to and select the Subnet1 scope. R click the scope and choose Activate.
You have recently installed the DHCP service on the CorpDCHP12 server. You have configured two scopes--one for your original building (on 192.168.0) and one for a new building which you have connected to your network (on 192.168.10). Each building is shown in the Change Location diagram. After activating the scopes, you find that clients on Subnet1 have received IP addressing information from the DHCP server. Clients on Subnet2, however, have IP addresses in the range of 169.254.0.0/16. You realize that DHCP messages are not being forwarded through the router. Your task in this lab is to: Use Routing and Remote Access to configure CorpServer2 as a DHCP relay agent. To do so, complete the following tasks in Routing and Remote Access:1.Add the DHCP Relay Agent routing protocol. 2.Add Local Area Connection as a DHCP Relay Agent interface. Set the boot threshold to 0. 3.Configure the DHCP Relay Agent properties to identify 192.168.0.14 as the DHCP server. Renew the TCP/IP information on Exec2 (the client machine in Bldg B) and verify that it has a network connection.
Add the DHCP Relay Agent Protocol: 1. Choose Start / Administrative Tools / Routing and Remote Access 2. Expand the server node and the appropriate protocol node. 3. R click the general node and choose New Routing protocol 4. Select DHCP Relay Agent and click ok. Add and Configure a Relay Agent Interface: 1. R click the DHCP Relay Agent node and select New Interface.. 2. select the interface that will listen to DHCP broadcast. Click ok. 3. be sure the Relay DHCP packets option is enabled. 4. Set the hop count and boot thresholds. Click ok. Identify the DHCP Server: 1. R click the DHCP Relay Agent node and select properties 2. Type the IP address of the DHCP server, This is the sever to which DHCP broadcasts will be forwarded. 3. Click ok Renew The TCP/IP Address: 1. On Exec2, type command (command prompt) 2. In the cmd prompt, type ipconfig /renew the computer should receive an address of 192.168.10 network. 3. Click on the network icon in the Task bar to view the connection status.
You need to replace a fiber optic cable that is connecting two switches together. You instpect the existing fiber cable and determine that it uses LC connectors. You also notice the cable's ferrule has a slight slant to it. Which polish grade should you use to replace the existing cable?
Angled Physical Contact polish
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?
Application log.
A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computers represent?
Botnet A botnet refers to a collection of zombie computers which are commanded from a central control infrastructure to propagate spam or to collect usernames and passwords to access secure information.
A programmer that fails to check the length of input before processing leaves his codevulnerable to what form of common attack?
Buffer overflow
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?
Buffer overflow A buffer overflow occurs when software code receives too much input than it was designed to handle and when the programmer of that code failed to include input validation checks. When a buffer overflow occurs, the extra data is pushed into the execution stack and processed with security context of the system itself. In other words, a buffer overflow attack often allows the attacker to perform any operation on a system.
You are building a wireless network within and between two buildings. The buildings are separated by more then 3000 feet. The wireless network should meet the following requirements....
Building 1-location A Right-facing directional Antenna/WPA2 with CCMP Building 1-location B Omni directional Antenna/WPA2 with CCMP Building 1-location C Left-facing directional Antenna/WPA2 with CCMP Building 1-location D Right-Facing Parabolic Antenna/WPA2 with CCMP Building 2-location A Omni Directional/WEP with Open authentication Building 2-location B Left-facing Parabolic Antenna/WPA2 with CCMP
In business continuity planning, what is the primary focus of the scope?
Business processes Company assets are the focus of risk assessment for security policy development, not BCP. Human life and safety are considerations for emergency response, but are not the focus of the BCP scope. Recovery time objective is a consideration in the development of emergency response, not an aspect of BCP scope.
Which of the following network layer protocols provides authentications and encryptions services for IP based network traffic?
IPsec
You are configuring the file system of a Windows Server 2012 server. You shared the D:\Shared folder on CorpFiles12 for common file access. The Everyone group has complete NTFS permissions to the folder (except permission to change file and folder permissions). The folder is shared using its default share name. Network users report that they can only read data in the Shared folder. They should be able to create, edit, and delete all folders and files. You want to enable these permissions using the least administrative effort. Your task in this lab is to fix the access problem by granting Everyone the Allow Change permission to the Shared folder.
CORPSERVER > R click CorpFiles12 > Connect > On the taskbar, click File Explorer > Navigate to the shared folder and select properties > On the sharing tab click Advanced sharing > Click permissions > Select the user or group then check or uncheck the Allow check box for the desired permissions, click ok> click ok to save changes.
Which of the following are advantages of virtualization? select two
Centralized administration Easy migration of systems to different hardware
You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this?
Chain of custody
You just developed a new Cisco router that connects several network segments in your organization. The router is physically located in the server route that requires an ID card to gain access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using Telnet client with a username admin and a password of admin. You used the MDS hashing algorithm to protect the password. What should you do to increase the security of this device? select two
Change the default administrative username and password Use an SSH client to access the router configuration
You recently installed a new all-in-one security appliance in a remote office. You are in the process of configuring the device. You need to: • Increase the security of the device. • Enable remote management from the main office. • Allow users to be managed through Active Directory. You want to configure the device so you can access it from the main office. You also want to make sure the device is as secure as possible. Which of the following tasks should you carry out? (Select two.)
Change the default username and password. Configure the device's authentication type to use Active Directory.
Consider the following IP address. 1. 124.77.8.5 2. 131.11.0.9 3. 190.66.250.10 4. 196.5.89.44 Which list represents the IP address class of each listed IP address?
Class A, Class B, Class B, Class C.
Which of the following describes the address type?
Classless
You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0. Which of the following describes the address type?
Classless
You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?
Client-side scripts JavaScript is an example of client-side scripting, where the client system runs the scripts that are embedded in Web pages. When pages download, the scripts are executed. ActiveX runs executable code within a browser, but ActiveX controls are not written using the JavaScript language. Server-side scripts execute on the server, and modify the Web pages served to clients based on the results of the scripts. The Common Gateway Interface (CGI) is scripting language that is often used to capture data from forms in a Web page and pass the data to an external program. CGI runs on the server to process Web form data.
Match each wireless term or concept on the left with its associated description on the right
Compares the level of the WIFI signal to the level of background radio signals/ Signal to Noise ratio Checks channel utilization and identifies sources of RF inference/ Spectrum analysis Identifies how strong a radio signal is at the receiver/Received Signal Level Identifies the number of useful bits delivered from the senders to the receiver/ Causes multiple copies of the same radio signal to be received by the receiving antenna/ Bounce Degrades wireless network performance/ Device saturation
What does an IDS that uses signature recognition use for identifying attacks?
Comparison to a database of know attacks
Match each switch management method on the left with its corresponding characteristics on the right. Each method may be used once, more than once, or not at all.
Competes with normal network traffic for bandwidth In-band management Uses a dedicated communication channel Out-of-band management Must be encrypted to protect communications from sniffing In-band management Does not compete with normal network traffic for bandwith Out-of-band management Affected by network outages In-band management
SNMP agent
Component of SNMPv1/v2c Network Management Solution: A piece of software that runs on a managed device (for example, a server, router, or switch).
MIB
Component of SNMPv1/v2c Network Management Solution: Information about a managed device's resources and activity is defined by a series of objects.
SNMP manager
Component of SNMPv1/v2c Network Management Solution: Runs a network management application. Sometimes referred to as a network management system (NMS).
Coaxial Cable
Composed of two conductors Inner Conductor: Insulated Outer Conductor: Made of metallic foil or woven wire, protects wire
Computers A and B are on the same VLAN and are separated by two switches, as shown in the exhibit. Computer A sends a Fram to Computer B. Which of the following best describes the composition of the frame as it travels from A to B?
Computer A sends a normal frame. The first switch appends a VLAN ID to the frame. The second switch removes the VLAN ID before forwarding it to Computer B.
Besides protecting a computer from under voltages, a typical UPS also performs which two actions:
Conditions the power signal Protects from over voltages
"You want to make sure that all users have password over 8 characters and that passwords must be changed every 30 days. What should you do?"
Configure account policies in Group Policy
Which of the following is not a valid concept to associate with integrity.
Control access to resource to print unwanted access
• You notice that a router/firewall/content filter UTM device has been implemented in the server closet to protect the internal network from external attacks. Which securityrelated recommendations should you make to this client? (Select two.)
Control access to the work area with locking doors and proximity readers. //Relocate the switch to the locked server closet.
You are the IT Security Administrator for a small Corporate Network. You would like to allow a group of desktop administrators to have administrative rights to all of the workstations in the domain. The workstations are located in the Workstations OU. Your task in this lab is to complete the following actions on the CorpDC server: -Create a global security named Desktop Admins in the Admins OU. -Configure a restricted group policy in the WorkstationsGPO object that adds the Desktop Admins group to the local admins group on the workstations.
Create a Group CorpServer > R click CorpDC , Connect > From Server Manager select Tools > Active Directory Users and Computers > Browse the Active Directory structure to the parent OU > R click the OU or other container in which the new group must be created > From pop up menu click New > Group > Type a name for the group > Select a group scope and group type then click ok. Create a Restricted Group: From Server Manager, select Tools > Group Policy Management > Browse to policy object R click and select edit > In group policy Management editor, browse to computer Configuration / Policies / Windows Settings / Security Settings / Restricted Groups / R click and Select Add Group > Click browse then enter name of group > click ok > In the "This Group is a member of" section click Add > Type the name of the local group to the group will be added > Click ok
You work as the IT Administrator for a small corporate network. You have two servers in addition to your DNS server that use static addresses on the 192.168.0.0/24 subnet . You plan to install three additional servers soon. You need to create DNS records for these servers on the CorpDC DNS server. Your task in this lab is to: Create an IPv4 Active Directory-integrated reverse lookup zone for subnet 192.168.0.0/24. (Accept the default replication and dynamic updates settings.) Manually create A records and PTR records for the following hosts: Host IP Address CorpServer.CorpNet 192.168.0.10 CorpFiles08.CorpNet 192.168.0.12 CorpFiles12.CorpNet 192.168.0.13 CorpDHCP.CorpNet 192.168.0.14 CorpWeb.CorpNet 192.168.0.15
Create a Primary Reverse Lookup Zone 1. From Hyper-V Manager, click CORPSERVER. 2. R click the CorpDC server and select connect. 3. From server manager select tools > DNS 4. If necessary, expand the server node that will host the new zone. 5. R click reverse lookup zone, and select new zone. 6. Click next to begin the new zone wizard. 7. Select primary zone as the zone type and verify that store the zone in active directory is selected, then click next. 8. Select the appropriate replication scope, then click next. 9. Select the type of reverse lookup zone you wish to create. Click next 10. Enter the network ID. From the address, omit any trailing zeros that are excluded based on the subnet mask. click next. 10.1 For subnet 10.1.0.0/16 click next 11. Specify the type of dynamic updates that will be accepted for the DNS zone. 12. Click next, finish. Create a Host (A) and Associated Pointer (PTR) Record 1. In the DNS console, expand the server and the Forward Lookup zone nodes. 2. R click the zone that will hold the new host record and select New Host (A or AAAA) 3. Enter the host name and IP address. 4. To create the PTR record automatically, check the Create Associated pointer (PTR) record option. The reverse lookup zone must exist for this record to be created. 5. Click Add Host, then click ok. 6. Repeat steps 3 through 5 to add additional host records as necessary. 7. Click done to close the New Host dialog.
You are building network cables and attaching RJ45 connectors to each end. Which tool do you need fo this task?
Crimping tool You should use a crimping tool designed for RJ45 connectors to attach connectors to UTP cable.
You have a TCP/IP network with 50 hosts. There has been inconsistant communication problems between hosts. You run a protocol analyzer and discover that two hosts have the same IP address assigned. Which protocol can you implement on your network to help prevent problems such as this?
DHCP
You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values. Which device should you use?
DHCP Server.
A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organizations firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this?
DHCP snooping
Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted Internet?
DMZ A DMZ or demilitarized zone is a network placed between a private secured network and the untrusted Internet to grant external users access to internally controlled services. The DMZ serves as a buffer network.
You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. Which protocol should you implement?
DNS
Which type of Denial of Service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?
DNS poisoning
You need to enable hosts on your network to find the IP address of logical names such as srv1.myserver.com Which device would you use?
DNS server
Which wireless networking component is used to correct multiple APs together?
DS
Which of the following Internet connection technologies requires that the location be within a limited distance of the telephone company central office?
DSL
Which WAN connection type use digital communications over POTS?
DSL ISDN
Breaks data into pieces and ends the pieces access multiple frequencies in a defined range
DSSS
You have configured a wireless access point to create a small network. You have configured all necessary parameters. Wireless clients seem to take a long time to find the wireless access point. You want to reduce the time it takes for the clients to connect. What should you do?
Decrease the beacon interval.
VPN Concentrators
Dedicated device to terminate a VPN circuit
You have just connected a new computer to your network. The network user static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem Which of the configuration values would you most likely need to change?
Default gateway.
You have just finished installing the operating system and applications on the ServerParent virtual machine. This virtual machine will be used to create two child virtual machines that use differencing disks. Your task in this lab is to complete the configuration and configure the two child virtual machines. Complete the following: In Hyper-V Manager, delete the ServerParent virtual machine. In File Explorer, set the D:\HYPERV\Virtual Hard Disks\ParentDisk.vhd file to Read Only. Create two new differencing hard disks named Server1.vhd and Server2.vhd. Save all hard disks in D:\HYPERV\Virtual Hard Disks. Use the ParentDisk.vhd disk as the parent disk. Create two new virtual machines named Server1 and Server2. Save the machines in the D:\HYPERV\ directory. Use 4096 MB of RAM for each virtual machine. Configure each virtual machine to use the External network. Configure each virtual machine to use the corresponding virtual hard disk you created earlier.
Delete a Virtual Machine: 1. Tools > Hyper-V Manager 2. Select the tool that holds the machine 3. If necessary, R click the virtual machine and select Turn Off 4. R click the virtual machine and select delete. Make a Virtual Hard Disk Read Only: 1. Click File Explorer 2. Browse to location of the virtual hard disk. 3. R click the ParentDisk.vhd file and select properties. 4. Select Read only check box and click ok. Create a Differencing Disk: 1. In Hyper-V Manager, R click and select New > Virtual Machine click next 2. Type the name for the virtual machine, next 3. Type the amount of memory to use with the virtual machine and click next 4. Select the network used by the virtual machine, click next 5. Select the option for the virtual hard disk to use, either new disk, an existing disk, or attaching a disk later. Click next 6. If you created a new virtual hard disk, you will be prompted for the operating system installation. Select the installation method and click next. Click Finish.
You have just installed a packet filtering firewall on you network. What options will you be able to set on you firewall?
Destination address of packet Source of address of a packet Port number
Content Switch
Distributes incoming requests across the various servers in a server farm
Which of the following are true for the IS-IS routing protocol?
Divides large networks into areas. Supports IPv6 routing.
A network switch is configured to perform the following checks on its ports. -all ARP requests -each intercepted request -if the packet has a valid Binding -if the packet has an invalid binding What security feature was enabled on the switch to accomplish this?
Dynamic ARP inspection
You have contracted with a vendor to supply a custom application that runs on Windows workstations. As new application versions and patches are released, you want to be able to automatically apply these to multiple computers. Which tool would be the best choice to use?
Group Policy
You need to configure the FastEthernet 0/1 interface on a switch to automatically detect the appropriate link speed and duplex setting by negotiating with the device connected to the other end of the link. Drag the command on the left to the approbate configuration step on the right to accomplish this. Not all of the commands may be required
Enter global configuration mode conf t Enter interface configuration mode int fa0/1 Set speed of the interface speed auto Set the duplex setting for the interface duplex auto
Wide Area Network (WAN)
Group of LANs that are geographically isolated.
You are a network administrator for your computer. A frantic user calls you one morning exclaiming that "nothing is working." What should you do next in your troubleshooting strategy?
Establish the symptoms.
Uses a narrow frequency band and hops data signals in a predictable sequence
FHHS
Which of the following is likely to be located in a DMZ?
FTP server
You have two switches connected as shown in the Exhibit. You would like to configure rapid spanning tree on switch A. On which ports would you use portfast command?
Fa0/1 and Fa0/2
You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have any difficulty accessing the network. During the relocation, you attach a patch cable from the client system to the wall jack and from the patch panel to the switch. Once connected you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one but you can still not connect. Which of the following might you suspect as the problem?
Failed patch cable between the client system and the wall jack.
You have heard about a Trojan horse program where the compromised systems sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log would you monitor?
Firewall
Match the virtualization feature on the right with the appropriate description on the left.
Flexibility - Moving virtual machines between hypervisor hosts Testing - Verifying that security controls are working as designed Server consolidation - Performing a physical-to-virtual migration (P2V) Sandboxing - Isolating a virtual machine from the physical network
You have just configured a scope on the CorpDHCP12 server to service the 192.168.0.0/24 subnet. You defined a scope to distribute IP addresses between 192.168.0.1 and 192.168.0.100. You need to prevent the DHCP server from assigning addresses used by the servers and network devices. Your task in this lab is to create two exclusion ranges as follows: Create a range to exclude addresses 192.168.0.1 to 192.168.0.6 Create a range to exclude addresses 192.168.0.10 to 192.168.0.
From Hyper-V Manager, Click CORPSERVER R Click the CorpDHCP12 server and select connect From Server Manager, select Tools > DHCP Expand the Server node and expand the appropriate protocol. Expand the scope folder. R click the address pool node and choose New Exclusion Range Enter the starting and ending IP addresses. To exclude a single IP address, leave the ending address blank. Click Add Click close to close the add exclusion range dialog.
Which of the following is true of a wireless network SSID?
Groups wireless devices together into the same logical network
You have installed Hyper-V on the CorpServer server. You want to use the server to create virtual machines. Prior to creating the virtual machines, you are experimenting with virtual switches. Your task in this lab is to create the following virtual switches: -Create a virtual switch named Switch 1. This switch is to be used only by virtual machines to communicate with each other. No other device should be able to use this switch. - Create a virtual switch named Switch 2. This switch is to be used by the virtual machines and the CorpServer server. Other network devices should not be able to use this network.
From Server Manager, select Tools > Hyper-V Manager R Click the server and select Virtual Switch Manager Select New virtual network switch in the left pane. In the right pane, select the type of switch type and click create virtual switch type the virtual switch name and configure additional properties as necessary. click apply button, click yes to apply changes.
Which of the ff. solutions would you use to control the actions that users can perform on a computer, such as shutting down the system, logging on through the network, or loading and unloading device drivers?
Group Policy
Match each physical security control on the left with an appropriate example of that control on the right. Each security control may be used once, more than once, or not at all.
Hardened carrier Protected cable distribution Biometric authentication Door locks Barricades Perimeter barrier Emergency escape plans Safety Alarmed carrier Protected cable distribution Antipassback system Physical access control Emergency lighting Safety Exterior floodlights Perimeter barrier
Match each physical security control on the left with an appropriate example of that control on the right. Each security control may be used once, more than once, or not at all.
Hardened carrier >> Protected cable distribution Biometric authentication >> Door locks Barricades >> Perimeter barrier Emergency escape plans >> Safety Alarmed carrier >> Protected cable distribution Anti-passback system >> Physical access control Emergency lighting >> Safety Exterior floodlights >> Perimeter barrier
Match each physical security control with the appropriate example:
Hardened carrier: Protected cable distribution Biometric authentication: Door locks Barricades: Perimeter barrier Emergency escape plans: Safety Alarmed carrier: Protected cable distribution Anti-passback system: Physical access control Emergency lighting: Safety Exterior floodlights: Perimeter barrier
By definition, what is the process of reducing security exposure and tightening security controls?
Hardening
Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence?
Hashing
Which of the following devices can monitor a network and detect potential security attacks?
IDS
Which of the following is a security service that monitors network traffic in real time of reviews the audit logs on servers looking for security violations?
IDS
Which protocol does an IP host use to inform a router that it wants to receive specific multicast frames?
IGMP
You have a private network connected to the Internet. Your routers will not share routing information about your private network with the Internet routers. Which of the following best describes the type of routing protocol you would use?
IGP
You have a private network connected to the Internet. Your routers will not share routing information about your private networkwith Internet routers. Which of the following best describes the type of routing protocol you would use?
IGP
You have a private network connected to the Internet.Your routers will not share routing information about your private network with Internet routers. Which of the following best describes the type of routing protocol you would use?
IGP
Match each type of access point on the left with the wireless network architecture that they are commonly used in on the right
Independent access point infrastructure/ Intelligent AP Hub-and-spoke infrastructure/ Lightweight AP Distributed wireless mesh infrastructure/ Intelligent AP
Which of the following best describes spyware?
It monitors the actions you take on your machine and sends the information back to itsoriginating source.
You have two folders that contain documents used by various departments: o The Development group has been given the Write permission to the Design folder. o The Sales group has been given the Write permission to the Products folder. No other permission have been given to either group. User Mark Tillman needs to have the Read permission to the Design folder and the Write permission to the Products folder. You want to use groups as much as possible. What should you do?
Make Mark a member of the Sales groupl add Mark's user account directly to the ACL for the Design folder.
You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activities on the disk to see what kind of information it contains. What should you do first?
Make a bit-level copy of the disk
You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activities on the disk to see what kind of information it contains. What should you do first?
Make a bit-level copy of the disk Before conducting an investigation of data on a disk, you should create a hash of the disk, create a bit-level copy of the disk, then create a hash of your copy of the disk. Perform any investigative activities on your copy of the disk, not on the original disk.
Match each wireless device on the left with is corresponding characteristics on the right.
Manages all of the Apps that are connected to it/ Wireless controller Suppors 30 to 50 wireless clients per access point/ Wireless controller Profides NAT routing and an ethernet switch in one device/ SOHO wireless router Supports a maximum of 5-10 wireless clients/ SOHO wireless router Pushes wireless configurations settings to connected access points/ Wireless controller
"You are configuring the local secuirty policy of a Windows 7 system. You want to require users to create passwords that are at least 10 characters long. You also want to prevent logon after three unsuccessful logon attempts. "
Minimum password length and account lockout threshold
Which of the following best describes OSPF
OSPF is a classless link-state routing protocol.
When recovery is being performed due to a disaster, which services are to be stabilized first? Mission critical Outside communications Financial support Least business critical
Mission critical
When recovery is being performed due to a disaster, which services are to be stabilized first?
Mission critical The services to be restored first are mission critical services. If mission critical services are not restored within their maximum tolerable downtime, the organization is no longer viable.
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration from your notebook computer using an SSH client with the user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?
Move the router to a secure server room
Match the wireless networking term or concept on the left with its appropriate description on the right.
Moving an wireless device/Roaming Used by Cisco wireless equipment/ LWAPP Specifies the number of clients/ Device density Automatically partitions a single/ VLAN pooling Graphically displays wireless/ Heat map Connects tow wired networks/ Wireless bridge Identifies how strong/ The number of useful bits/ Goodput
Which of the following best describes OSPF?
OSPF is a classless link-state routing protocol.
What key advantage does a virtual router have over a physical router?
Multiple networks can be connected to a single interface.
Which of the following is a feature of MS-CHAP v2 that is not included in CHAP?
Mutual authentication
What are the main differences between the OSPF and IS-IS routing protocols?
OSPF requires an area 0, while IS-IS does not.
What are the main differences between the OSPF and IS-IS routing protocols?
OSPF requires an area, while IS-IS does not.
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and e-mail server that you want to make available to Internet users. You want to create a DMZ for these tow serves. Which type of device should you use to create the DMZ?
Network based firewall
You are configuring a switch so that you can manage it via PuTTY from the same network segment as the switch. On the switch, you enter the following commands: switch#config terminal switch(config)#interface vlan 1 switch(config-if)#ip address 192.168.1.10 255.255.255.0 Will this configuration work?
No, the no shutdown command needs to be entered.
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through plenum UTP cable that will be run along the floor around the perimeter of the data center to prevent tripping. To provide power for the net devices.... Will this configuration work?
No, you should consider relocating the new rack next to the existing rack.
Long ass question #2... Will this implementation work?
No, you should purchase path cables that use MT-RJ connectors
You are adding a new rack to your data center, which will house five new blade servers. The new servers will be installed in a cluster that will host a customer tracking database. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to connect each new server to the switch in the existing rack using straight-through UTP cables that will be run along the floor around the perimeter of the data center. To provide power for the new devices, you will hire an electrician to install several new 20-amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work?
No, you should run the cable around the perimeter of the room in a cable tray.
Long ass question #1... Will this implementation work?
No, you shouldn't use multimode patch cables with single mode GBIC moduals
Your 24U rack currently houses two 4U server systems. To prevent overheating, yo've installed a rock-mounted environment monitoring device within the rack. Currently, the device shows the temp within the rack to be 79 degrees. what should you do?
Nothing, the temperature within the rack is within acceptable limits
Breaks data into very small data streams in order to send the information across long distances
OFDM
Which of the following routing protocols divides the network into areas, with all networks required to have an area 0 (area 0 identifying the backbone area)?
OSPF
Which of the following routing protocols divides the network into areas, with all networks required to have an area of 0 (area 0 identifying the backbone area)?
OSPF
Which of the following routing protocols divides the network into areas,with all networks required to have an area 0 (area 0 identifying the backbone areas)?
OSPF
Which of the following routing protocols uses relative link cost as the metric?
OSPF
Which of the following routing protocols are classified as link state routing protocols?
OSPF IS-IS
Which of the following routing protocols are classifies as link state routing protocols? (Select two.)
OSPF IS-IS
Match the firewall type on the left with its associated characteristics on the right. Each firewall type may be used once, more than once, or not at all.
Operates at Layer 2 >> Virtual firewall Operates at Layer 3 >> Routed firewall Counts as a hop in the path between hosts >> Routed firewall Does not count as a hop in the path between hosts >> Virtual firewall Each interface connects to a different network >> Routed firewall Each interface connects to the same network segment >> Virtual firewall
Cladding
Outer Strand of glass which helps to bend light
You have been hired to troubleshoot a wireless connectivity issue for two separate networks located within a close proximity. Both networks use a WAP from the same manufacturer and all settings, with the exception of SSIDs, remain configured to the default. Which of the following might you suspect as the cause of the connectivity problems?
Overlapping channels
Which of the following associates a port number with a host on a private network?
PAT
Which of the following associates a port number with a host on a privet network?
PAT
Consider the network diagram shown below. Click on the item in the diagram that does not follow a standardized labeling scheme
PC2
Match the authentication factor types on the left with the appropriate authentication factor on the right. Each authentication factor type can be used more than once.
PIN ==> Something you know Smart card ==> Something you have Password ==> Something you know Retina scan ==> Something you are Fingerprint scan ==> Something you are Hardware token ==> Something you have User name ==> Something you know Voice recognition ==> Something you are Wi-Fi triangulation ==> Somewhere you are Typing behaviors ==> Something you do
Which of the following is a mechanism for granting and validating certificates?
PKI
Which of the following is a mechanism for granting and validating certificates?
PKI Certificates are obtained from a Public Key Infrastructure (PKI). A PKI is a system that provides for a trusted third party to vouch for user identities. A PKI is made up of Certification Authorities (CAs), also called certificate authorities. A CA is an entity trusted to issue, store, and revoke certificates.
Which of the following describes the lines used in the local loop for dial-up telephone access?
POTS
You are configuring your computer to dial up to the internet. What protocol should you use?
PPP or Point-to-Point Protocol
Which of the following protocols or services is a commonly used on cable internet connections for user authentication?
PPPoE
You have just signed up for internet access using a local provider that gives you fiber optic line into you house form there, Ethernet and wireless connections are used to create a small network within your home. Which of the following protocols would be used to provide authentication , authorization, and accounting for the internet connection?
PPPoE
A Smurf attack requires all but which of the following elements to be implemented?
Padded cell
A Smurf attack requires all but which of the following elements to be implemented?
Padded cell A padded cell is a type of intrusion enticement mechanism similar to a honey pot. A padded cell is a simulated network environment that is created when an intruder is detected. The intruder is transferred into the padded cell where all of its activities are monitored and logged while isolating the intruder from all sensitive information or controls.
Hub
Passive Hub Active Hub Smart Hub
A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario?
Passive fingerprinting
A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario?
Passive fingerprinting Passive fingerprinting is a form of system enumeration that is designed to gain as much information about network computers as possible. It passively listens to network traffic generated by network hosts and attempts to identify which operating systems are in use based upon the ICMP message quoting characteristics they use. Portions of original ICMP requests are repeated (or quoted) within each response. Each operating system quotes this information back in a slightly different manner.
Which of the following is the most common form of authentication?
Password Most secure systems require only a username and password to provide users with access to the computing environment. Many forms of online intrusion attacks focus on stealing passwords. This makes using strong passwords very important. Without a strong password policy and properly trained users, the reliability of your security system is greatly diminished.
You work as the IT Administrator for a small corporate network. You are configuring a password policy for the domain. Your task in this lab is to edit the Default Domain Policy on CorpDC using Group Policy Management and configure the Account Policy settings to meet the following requirements. -Passwords must be 10 characters long -Passwords must contain uppercase letter, lowercase letter, number, and symbol characters. -Users must change passwords every 90 days. -Users cannot change a new password for at least 14 days. -Any new password must be different than the previous 10 passwords. -If five incorrect passwords are entered within a ten minute interval, lock the account. -Keep accounts locked for 1 hour, then unlock the account automatically.
Password Policy Minimum Password length-10 characters Password must meet complexity requirements- Enabled Maximum password age-90 days Minimum password age- 14 days Enforce password history- 10 passwords remembered Account Lockout Policy Account lockout threshold- 5 Reset account lockout counter after - 10 min Account lockout duration- 60 min
You are the IT Administrator for a small corporate network. As your network grows, you need to delegate common administrative tasks. You have defined the following administrative roles: PasswordAdmins: Delegate permissions to reset passwords to the entire domain ComputerAdmins: Delegate permissions to join computers to the domain for the entire domain GPOLinkAdmins: Delegate permissions to manage GPO links for the Accounting, Marketing, Research-Dev, Sales and Support OU.
PasswordAdmins: Delegate permissions in CorpNet domain to reset passwords to the entire domain ComputerAdmins: Delegate permissions in CorpNet domain to join computers to the domain for the entire domain. GPOLinkAdmins: Delegate permissions to manage GPO links for the Accounting, Marketing, Research-Dev, Sales and Support OU.
An attacker is trying to compromise a wireless network that has been secured using WPA2-PSK and AES. She first tried using AirSnort to capture packets, but found that she couldn't break the encryption. As an alternative, she used software to configure her laptop to function as an access point. She configured the fake access point with the same SSID as the wireless network she is trying to break into. When wireless clients connect to her access point, she presents them with a web page asking them to enter the WPA2 passphrase. When they do, she then uses it to connect a wireless client to the real access point. What attack techniques did the attacker use in this scenario? (Select two.)
Pharming Evil twin • Evil twin: In this exploit, an attacker near a valid wireless access point installs an access point with the same (or similar) SSID. • Pharming: In this exploit, the access point is configured to display a bogus web page that prompts for credentials, allowing the attacker to steal those credentials.
Users in your organization receive email messages informing them that suspicious activity hasbeen detected on their bank account. They are directed to click a link in the email to verify theirbeen detected on their bank account. They are directed to click a link in the email to verify theironline banking username and password. The URL in the link is in the .ru top-level DNS domain.online banking username and password. What kind of attack has occurred?
Phishing
Users on your network report that they have received an email stating that the company has just launched a new web site for employees, and to access the web site they need to go there and enter their user name and password information. No one in your company has sent this email.
Phishing
Users on your network report that they have received an email stating that the company has just launched a new website. The email asks employees to click the website link in the email and log in using their username and password. No one in your company has sent this email. What type of attack is this?
Phishing
Match the social engineering description on the left with the appropriate attack type on the right.
Phishing -An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. Whaling -An attacker gathers personal information about the target individual, who is a CEO. Spear phishing -An attacker gathers personal information about the target individual in an organization. Dumpster diving -An attacker searches through an organization's trash for sensitive information. Piggybacking -An attacker enters a secured building by following an authorized employee through a secure door without providing identification. Vishing -An attacker uses a telephone to convince target individuals to reveal their credit card
Match the social engineering description on the left with the appropriate attack type on the right.
Phishing An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. Whaling An attacker gathers personal information about the target individual, who is a CEO. Spear phishing An attacker gathers personal information about the target individual in an organization. Dumpster diving An attacker searches through an organization's trash for sensitive information. Piggybacking An attacker enters a secured building by following an authorized employee through a secure door without providing identification. Vishing An attacker uses a telephone to convince target individuals to reveal their credit card information.
Which of the following are example of Type II authentication credentials
Photo ID and smart card.
What topology is used with 100BaseTX Fast Ethernet networks?(2 answers)
Physical star/logical bus Physical star/logical star
What topology is used with 100BaseTX Fast Ethernet networks?(2 answers)
Physical star/logical bus, Physical star/logical star
Match the authentication factor types on the left with the appropriate authentication factor on the right.
Pin Something you know Smartcard something you have Password Something you know Retina scan Something you are Fingerprint scan Something you are Hardware token Something you have User name Something you know Voice récognition Something you are WI-FI triangulation Somewhere you are Typing behaviors Something you do
Listed below are several DNS record types. Match the record the on the left with its function on the right.
Points a hostname to an IPv4 A Provides alternate names to hosts that already have a host record. CNAME Points an IP address to a hostname PTR Points a hostname to an IPv6 address AAAA identifies servers that can be used to deliver mail. MX
You want to connect your client computer to a wireless access point connected to your wired network at work. The network administrator tells you that the access point is configured to use WPA2 Personal with the strongest encryption method possible. SSID broadcast is turned off. Which of the following must you configure manually on the client? (Select three.)
Preshared key AES SSID WPA2 Personal uses a shared key for authentication. Once authenticated, dynamic keys are generated to be used for encryption. WPA2 supports AES and TKIP encryption, with AES being the stronger encryption method. With the SSID broadcast turned off, you will need to manually configure the SSID on the client.
Which of the following are advantages of using the Spanning Tree Protocol (STP) in network segmented bridges?
Prevents message loops from forming Identifies the optimal path between network devices. Lets you provide redundancy by using more then one connection between devices, making your network more reliable.
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you can try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet. Why can't you access the server?
Private addresses are not accessible through the Internet.
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet. Why cant you access the server?
Private addresses are not accessible through the Internet.
You have a small network at home that is connected to the Internet.On your home network you have a server with the IP address of 192.168.55.199/16.All computers on your home network can connect to the Internet. From your work office,you try to access your home computer using its IP address,but are unable to communicate with the server.You are able to connect other hosts on he Internet Why can't you access the server?
Private addresses are not accessible through the Internet.
Besides protecting a computer from under voltage, a typical UPS also performs which two actions.
Protects from over voltage Conditions the power signal
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?
Protocol analyzer.
Private cloud
Provides cloud services to a single organization
Public cloud
Provides cloud services to just about anyone
Your computer has an IP address of 161.13.5.15. Your computer is on a:
Public Network
You computer has an IP address of 161.13.5.15. Your computer is on a:
Public network
Your computer has an IP address of 161.13.5.15.You computer is on a:
Public network
How can an organization help prevent social engineering attacks?
Publish and enforce clearly written security policies //Educate employees on the risks and countermeasures
What tool should you use to extend network services beyond demarc?
Punchdown tool A demarc is the location where the local network ends and the telephone company's network begins. This location is usually at a punch down block in a wiring closet. You use a punchdown tool to attach wires to the punch down block.
What is the main difference between RIP and RIPv2?
RIP is a classful protocol, while RIPv2 is a classless protocol.
You are working with 25 pair wires and 66 blocks. You have pushed the wires onto the 66 block, but now need to cut off the excess end of each wire. Which tool should you use?
Punchdown tool Use a punchdown tool to push into 66 or 110 blocks and cut wires at the same time. The punchdown tool has a blade on one side that cuts off the excess wires. Use snips to cut cables or wires. However, a punchdown tool would be easier to use for this task than wire snips. Use a cable stripper to remove the plastic covering for a cable. Note: When making drop cables or using punchdown blocks, do not remove the plastic covering for individual wires. Use a butt set to connect to phone lines to monitor, make, or answer phone calls.
You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers? (Select two.)
Put the database server on the private network. Put the Web server inside the DMZ.
You have used firewalls to create a demilitarized zone. You have a Web server that need to be accessible to Internet users. The web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to bet protect the servers?
Put the web server inside the DMZ Put the database server on the private network.
Your network conducts training sessions for high-profile clients. As part of the training, clients connect to get a video feed of the instructor and other class activities. You want to make sure that video traffic related to the training is not delayed on the network. Which solution should you implement?
QoS
When analyzing assets, which analysis method assigns financial values to assets? Acceptance Quantitative Qualitative Transfer
Quantitative
What is the main difference between RIP and RIPv2?
RIP is a classful protocol,while RIPv2 is a classless protocol.
Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of those accounts?
RADIUS The Remote Authentication Dial-In User Service (RADIUS) is an authentication system that allows the centralization of remote user account management.
Which type of device is required to implement port authentication throughout a switch?
RADIUS Server
Which of the following protocosl has a limit of 15 hops between any two networks?
RIP
Which of the following connector types are used with UTP cables? (Select two)
RJ45 RJ11 Both RJ11 and RJ45 connectors are used with UTP (unshielded twisted pair) cables. BNC and F-Type connectors are used with coaxial cables. SC connectors are used with fiber optic cables.
The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following action is most likely to destroy evidence?
Rebooting the system
The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following actions is most likely to destroy critical evidence?
Rebooting the system
Proxy Server
Receives the client's request, and sends it out to the internet. Acts as a middle-man.
Which phase or step of security assessment is a passive activity
Reconnaissance
QoS provides which of the following on a network?
Reduces latency of time-sensitive traffic
What is the primary security feature that can be designed into a network's infrastructure to protect and support availability?
Redundancy
What is the primary security feature that can be designed into a networks infrastructure to protect and support availability?
Redundancy
Even if you perform regular backups, what must be done to ensure that you are protected against data loss?
Regularly test restoration procedures
You need to find out what kind of laws might apply to the design and operation of your network which type of document would you consult? Baseline Procedure Policy Regulation
Regulation
You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around the facility you note the following: When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured with a cable lock. The office manager infroms you that the organizations servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. She informs you that the server backups are configured to run each night. A rotation of external usb hard drisks are used a backup media You notice the orgnaization's network switch is kept in an empty cubicle adjacent to the office managers workspace You notice that a router/firewall/content filter all in one device has been implemented in the server closet to protect the internal network from external attacks. Which security related recommendations should you make to this client?
Relocate the switch to the locked server closet Control access to the work area with locking doors and card readers
You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: • When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured to her desk with a cable lock. • The office manager informs you that the organization's servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. • She informs you that server backups are configured to run each night. A rotation of external USB hard disks are used as the backup media. • You notice the organization's network switch is kept in an empty cubicle adjacent to the office manager's workspace. • You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks. Which security-related recommendations should you make to this client? (Select two.)
Relocate the switch to the locked server closet. Control access to the work area with locking doors and card readers.
You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: • When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured to her desk with a cable lock. • The office manager informs you that the organization's servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. • She informs you that server backups are configured to run each night. A rotation of external USB hard disks are used as the backup media. • You notice the organization's network switch is kept in an empty cubicle adjacent to the office manager's workspace. • You notice that a router/firewall/content filter UTM device has been implemented in the server closet to protect the internal network from external attacks. Which security-related recommendations should you make to this client? (Select two.)
Relocate the switch to the locked server closet. Control access to the work area with locking doors and proximity readers.
You often travel away form the office. While traveling, you would like to use a modem on your laptop computer to connect directly to a server in your office and access files on that server that you need. You wan the connection to be as secure as possible. Which type of connection will you use?
Remote Access
You recently discovered several key files of your antivirus program have been deleted. You suspect that a virus has deleted the files. Which type of virus deletes key antivirus program files?
Retro
Your company security policy states that wireless networks are not to be used because of the potential security risk the present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
Rogue access point
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
Rogue access point
Workstation -> Router Config Port. What cable?
Rollover
You have purchased a new router that you need to configure. You need to connect a workstation to the router's console port to complete the configuration task. Which type of cable would you most likely use?
Rollover
You have heard about a new malware program that presents itself to user as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various system components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer. Which of the ff. terms best describes this software?
Rootkit
You have heard about a new malware program that presents itself to users as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various operating system components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer. Which of the following terms best describes this software?
Rootkit A rootkit is a set of programs that allows attackers to maintain permanent, administrator-level, hidden access to a computer. Rootkits require administrator access to install, and typically gain this access using a Trojan horse approach--masquerading as a legitimate program to entice users to install the software.
Which process reduces the size of the routing table by advertising a single route as the destination for a group of contiguous subnets?
Route summarization
Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?
SSH SSH (Secure Shell) allows for secure interactive control of remote systems. SSH uses RSA public key cryptography for both connection and authentication. SSH uses the IDEA algorithm for encryption by default, but is able to use Blowfish and DES.
Which security protocols use RSA encryption to secure communications over an untrusted network? (Select two.)
Secure Sockets Layer Transport Layer Security
Which of the following mobile device security consideration will disable the ability to use the device after a short period of inactivity?
Screen lock
You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan?
Security guards
A switch receives a frame addressed to the MAC address FF:FF:FF:FF:FF:FF. What will the switch do with the frame?
Send it out all ports except for the port it was received on
One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert?
Sends a message via email or SMS when an event occurs
What does the MAC method use to control access?
Sensitivity labels
Which of the following protocols is used during the call control process of multimedia communications?
Session Initiation Protocol
Mobile devices in your organization us the access point shown in the figure below to connect to your wireless network. what should you do. select two
Set the channel used by access pint B to 8 Set the access point B to sue 802.11n wireless network
Physical (Layer 1)
Sets standards for sending and receiving electrical signals between devices.
You work as the IT Administrator for a small corporate network. You are creating a share for the H:\Components folder on the CorpFiles12 file server. Research and Development department employees need to store programming components in the shared folder. You want to secure the data in the folder as follows: - Members of the Research Resources group should have full control over this folder. - All other users should be able to view the contents of the folder. -Permissions should apply to both network access through the share and local access.
Share a folder using file explorer: Click CORPSERVER, click CorpFiles12 and select connect. On the taskbar, select file explorer Navigate to the folder you want to share, R click the folder and select properties, on the sharing tab click advanced sharing Select share this folder, in the share name field, type the name to be used when accessing the shared folder. To make the share hidden end the name with a dollar sign ($) If desired, type a comment for the share. If you want to limit the number of users that and concurrently connect to the shared folder, specify a number of users in "Limit the number of simultaneous users to:" Click ok to close advanced sharing. Configure Shared Folder Permissions: From the sharing tab, click advanced sharing, click permissions, select security principal and check or uncheck the desired permissions. click ok. Configure NTFS permissions: From the security tab, click edit. Click add, if necessary, click locations and select the location where windows will look for security principals. Enter the name of each security principal that will receive permission to the folder. or click advanced then Find Now to select security principals from a list. Click ok. Check or uncheck desired permissions. click ok
Which type of social engineering attack uses peer pressure to persuade someone to help an attacker?
Social validation
toner probe
Sometimes called a fox and hound, this allows you to place a tone generator at one end of the connection (for example, in someone's office) and use a probe on the punch-down block to audibly detect to which pair of wires the tone generator is connected.
What is modified in the most common form of spoofing on a typical IP packet?
Source address
You have just installed a packet-filtering firewall on your network. Which options will you be able to set on your firewall? (Select all that apply.)
Source address of a packet Port number Destination address of a packet
An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. What kind of attack has occurred in this scenario?
Spam
Which of the following features are common functions of an all-in-one security appliance? (Select two.)
Spam filtering Bandwidth shaping
Which of the following features dynamically places switch ports in blocking or forwarding states?
Spanning tree
You manage a network that uses multiple switches. You want to provide muliple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support?
Spanning tree
Which of the following are characteristics of a packet filtering firewall?
Stateless Filters IP address and port
You are the network administrator for a small company that implements NAT to access the Internet. However, you recently acquired 5 servers that must be accessible from outside your network. Your ISP has provided you with 5 additional registered IP addresses to support these new servers but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these 5 servers?
Static
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.138.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal website. What should you use to allow access?
Static NAT
You have a small network at home that is connected to the Internet.On your home network you have a server with the IP address of 192.168.55.199/16.You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal Web site. What should you use to allow access?
Static NAT
Which type of virus intercepts system requests and alters service outputs to conceal its presence?
Stealth
You manage a subnet that uses the following subnet address: 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet?
Supernetting.
You manage a subnet that uses the following subnet address: 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet?
Supernetting.
You are a network administrator for your company. A user calls and tells you that after stepping on the network cable in her office, that she can no longer access the network. You go to the office and see that one of the user's stiletto heels has broken and exposed some of the wiring in the Cat 5 network cable. You make another cable and attach it from the wall plate to the user's computer. What should you do next in your troubleshooting strategy?
Test the solution.
Match each troubleshooting command on the left with its function on the right. each utility may be used one, more than once, or not at all
Tests connectivity between two network hosts by sending IPv4 ICMP echo requests packets without modifying the TTL parameters/Ping Computes lost/sent packet statistics for each hop in the route between two hosts/ Pathping Used on Linux systems to identify the route between two IPv6 hosts/ Tracetroute6 Used on Windows systems to identify the route between two IPv4 hosts/ Tracert Tests connectivity IPV6/
If dynamic DNS is being used, which of the following events will cause a dynamic update of the host records?
The DHCP server renews an ip address lease The ipconfig/release command is entered on a workstation.
You have a small network connected to the Internet as shown in the Exhibit. You need to configure the default gateway address on Wrk1 so that it can communicate with the hosts on the Internet. Which address would you use for the default gateway address?
The IP address assigned to Fa0/0 on Router 1
Your company is a small start-up company that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides Internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?
VLAN
Your organization uses an 802.11b wireless network. Recently other tenets installed the following equipment in your building....
The wireless tv system
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system?
Ticket The tokens used in Kerberos authentication are known as tickets. These tickets perform a number of functions including notifying the network service of the user who has been granted access, and authenticating the identity of the person when they attempt to use that network service.
Which of the following are used when implementing Kerberos for authentication and authorization?
Ticket granting server Time Server
Which of the following are used when implementing Kerberos for authentication and authorization? Select two
Time server Ticket granting server
What is the primary purpose of gateway redundancy?
To overcome a single point of failure on the next hop router
Why should backup media be stored offsite?
To preven the same disaster from affecting both the network and the backup media
Which of the following is a good reason to install a firewall?
To prevent hackers from accessing your whole network.
Which security protocols use RSA encryption to secure communications over an untrusted network? (Select two.)
Transport Layer Security Secure Sockets Layer
You just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a username of admin and a password of admin. You used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (Select two.)
Use an SSH client to access the router configuration. Change the default administrative username and password.
What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal?
Turnstiles Turnstiles allow easy egress from a secured environment but actively prevent re-entrance through the exit portal. Turnstiles are a common exit portal used in conjunction with entrance portal mantraps. A turnstile cannot be used to enter into a secured facility as it only functions in one direction.
You are the network administrator for a growing business. When you were initially hired, the organization was small and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. However, the organization has grown considerably in recent months. You now must manage 8 individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do?
Use syslog to implement centralized logging.
You manage a network with a single switch. All hosts connect to the network through the switch. You want to increase the security of devices that are part of the accounting department. You want to make sure that broadcast traffic sent by an accounting computer is only received by other accounting computer , and you want to implement ACLs to control traffic sent to accounting computers through the network. What should you do? Configure MAC address filtering on the switch for the accounting computers Implement NAC with 802.1x authentication for the accounting computers. Configure a VLAN on the switch for the accounting computers. Use a router to configure a subnet for the accounting computers.
Use a router to configure a subnet for the accounting computers.
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires and ID card to gain access...What should you do to increase the security of this device?
Use a stronger administrative password
You have 5 salesmen who work out of your office and who frequently leave their laptops laying on their desk in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns?
Use cable locks to chain the laptops to the desks
You have 5 salesmen who work out of your office and who frequently leave their laptops laying on their desk in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns?
Use cable locks to chain the laptops to the desks
You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users. Which solution should you use?
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.
Which of the following methods would you use to create a crossover cable?
Use the T568A standard on one connector, and the T568B standard on the other connector. The easiest way to create a crossover cable is to arrange the wires in the first connector using the T568A standard and arrange the wires in the second connector using T568B standard. A crossover cable connects the transmit pins on one connector to the receive pins on the other connector (pin 1 to pin 3 and pin 2 to pin 6).
Your company is a small start-up that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented.
VLAN
You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?
VLAN Define virtual LANs (VLANs) on the switch. With a VLAN, a port on the switch is associated with a VLAN. Only devices connected to ports that are members of the same VLAN can communicate with each other. Routers are used to allow communication between VLANs if necessary.
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to a switch. You want to allow visitors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement?
VLANs
You manage a network that uses a single switch. All ports within your buildings connect through he single switch . Which feature should you implement?
VLANs
You need to keep users in all other departments from accessing the servers used by the finance department. Which of the following technologies should you use to logically isolate the network?
VLANs
You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. you think you have the problem resolved, but you would like to be able to manage the server remotely in case there is a problem Which of the following protocols would you use for remote management? select two
VNC ICA
You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
VPN concentrator
Which of the following protocols provide gateway redundancy?
VRRP GLBP HSRP
Which of the following CCTV camera types lets you adjust the distance that the camera can see?
Varifocal
You have just received a generic-looking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you are to go to a website and enter your username and password at a new website so you can manage your email and spam using the new service. What should you do?
Verify that the email was sent by the administrator and that this new service is legitimate
You manage the information systems for a large co-location data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?
Verify that your network's existing security infrastrucutre is working properly. Install the latest firmware updates from the device manufacturer
You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building closet on the main floor. You have a wiring closet on the two remaining fllors directly above the wiring closet on the main floor. What woud you use to connect the wiring closets together?
Vertical cross connect A vertical cross connect connects the main distribution frame (MDF) on the main floor to intermediate distribution frames (IDFs) on upper floors. Cabling runs vertically (up and down) between the MDF and the IDFs. A horizontal cross connect connects IDFs on the same floor. Cabling runs horizontally (sideways) between the IDFs. A smartjack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc. A demarc extension extends the demacation point from its original location to another location within the building.
Which of the following statements about virtual NICs are true?
Virtual NICs need the appropriate driver installed to function. Multiple virtual NICs can be added to a virtual machine.
You have configured a virtual network that includes the following virtual components: *Four virtual machines (Virtual OS 1, Virtual OS 2, etc.) *One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Give the port configuration for the virtual switch and the physical switch in the table below, click on on all of the virtual and physical machines Virtual OS 1 can communicate with.
Virtual OS 2 Virtual OS 3
You have configured a virtual network that includes the following virtual components: *Four virtual machines (Virtual OS 1, Virtual OS 2, etc.) *One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Give the port configuration for the virtual switch and the physical switch in the table below, click on on all of the virtual and physical machines Virtual OS 1 can communicate with. Virtual Switch - P1 - Virtual OS 1- Virtual Network1 P2 - Virtual OS 2 - Virtual Network2 P3 - Virtual OS 3 - Virtual Network1 P4 - Virtual OS 4 - Virtual Network2 P5 - Virtual Switch - Virtual Network1, Physical Network Physical Switch P1 - Physical Switch - Physical Network P2 - Physica OS1 - Physical Network P3 - Physica OS2 - Physical Network P4 - Physica OS3 - Physical Network P5 - Physica OS4 - Physical Network
Virtual OS 3 Physical OS 1 Physical OS 2 Physical OS 3 Physical OS 4
punch-down tool
When terminating wires on a punch-down block (for example, a 110 block), you should use a this, which is designed to properly insert an insulated wire between two contact blades in a punch-down block, without damaging the blades.
When would choosing to do nothing about an identified risk be acceptable? When the threat is likely to occur less than once a year When the asset is an intangible asset instead of tangible asset When the cost of protecting the asset is greater than the potential loss when the threat is most likely to come from an internal source instead of an external source
When the cost of protecting the asset is greater than the potential loss
BERT
When troubleshooting a link where you suspect a high bit-error rate (BER), you can use this which contains both a pattern generator (which can generate a variety of bit patterns) and an error detector (which is synchronized with the pattern generator and can determine the number of bit errors) and can calculate a BER for the tested transmission link.
Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.
White box test The tester has detailed information about the target system prior to starting the test. Grey box test The tester has the same amount of information that would be available to a typical insider in the organization. Black box test The tester has no prior knowledge of the target system. Single blind test Either the attacker has prior knowledge about the target system, or the administrator knows that the test is being performed. Double blind test The tester does not have prior information about the system and the administrator has no knowledge that the test is being performed.
The power supply in a tower server system has malfunctioned. To get the server back on line, you decide to open the server case and open it. You place the server on a static mat. ground the server's case to the mat. and then ground yourself to the mat with a wristband. Next, you remove the power supply unit from the server and open it up. To identify which component has failed. you plug in the power supply to the wall outlet and then use a multi meter to test the various components within it. Which safety rules were violated in this scenario?(select two.) You should unplug a device from the wall outlet before connecting yourself to it with a static wristband You should never open a computer supply. You should never use a static wristband when working on computer systems you should never use a static mat when working on computer systems. A toner probe should be used to test a power supply, not a multi meter
You should unplug a device from the wall outlet before connecting yourself to it with a static wristband You should never open a computer supply.
In which of the following situations would you most likely implement a demilitarized zone (DMZ)?
You want to protect a public Web server from attack.
In which of the following situations would you use port security?
You want to restrict the devices that could connect through a switch port.
You have just downloaded a file. You created a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file?
Your copy is the same as the copy posted on the website
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file?
Your copy is the same as the copy posted on the website. A hash is a function that takes a variable-length string (message) and compresses and transforms it into a fixed-length value. Hashes ensure the data integrity of files and messages in transit. The sender and the receiver use the same hashing algorithm on the original data. If the hashes match, then the data can be assumed to be unmodified. Hashes do not ensure confidentiality (in other words, hashes are not used to encrypt data).
Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?
Zero knowledge team
Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?
Zero knowledge team A zero knowledge team is a penetration testing team which most closely simulates a real-world hacker attack as they must perform all of the initial blind reconnaissance.
Which of the following is an example of a strong password?
a8bT11$yi (a strong password should not contain dictionary words or any part of the login name. They should include upper-and lower-case letters, and symbols. In addtioin, longer passwords are stronger than shorter passwords.
To optimize your network, you want to configure your wireless AP to use a channel that meets the following criteria. non-overlapping, low utilization, low interference.
channel 1
You are in the process of configuring an iSCSI storage area network (SAN) for your network.... Which tool should you use?
iSCSI Initiator
Your wireless network consists of multiple 802.11n access points that are configured as follows... what should you do
implement antenna diversity
You need to place a wireless access point in your two-story building. While trying avoid interference, which of the following is the best location for the access point?
in the top floor
Which of the following utilities would you use to view the routing table?
route.
Which TCP/IP utility gives you the following output? 2 14 ms <10 ms 14 ms Loopback0.GWI.SLT1.ALTER.NET [137.39.2.123] 3 14 ms <10 ms 13 ms 122.at-6-0-0.XR1.SLT4.ALTER.NET [152.63.91.86] 4 <10 ms 14 ms <10 ms 0.so-0-1-0.TL1.SLT4.ALTER.NET [152.63.1.210] 5 41 ms 41 ms 41 ms 0.so-7-0-0.TL1.PQR3.ALTER.NET [152.63.32.41] 6 42 ms 41 ms 41 ms 0.so.6-0-0.XL1.SEA1.ALTER.NET [152.63.38.82] 7 41 ms 41 ms 41 ms PQS6-0.GW11.SEA1.ALTER.NET [152.63.107.17]
tracert.