Networks practice questions
An Active Directory administrator is trying to identify the primary authoritative name server. What can they check to find this?
SOA The Start of Authority (SOA) record identifies the primary authoritative name server that maintains complete resource records for the zone.
What is a secure replacement for Telnet?
SSH (Secure Shell)
What protocols provide protection against switching loops?
STP
What refer(s) to the POP3S encrypted communication?
Secure Sockets Layer (SSL) TCP port 995 Transport Layer Security (TLS)
A network technician is installing sensors to measure environmental conditions in an equipment closet. A sensor is attached to the fire suppression system. What will this sensor detect?
Flooding
Which of the following policies applies to any requests that fall outside the criteria defined in an ACL?
Implicit deny policy
Character encoding, data compression, and encryption/decryption take place at which OSI layer?
In the presentation layer, the data from the application layer is extracted and manipulated as per the required format to transmit over the network. Translation, encryption/decryption, and compression are some of the functions at the presentation layer.
A systems administrator establishes a failover solution while configuring network systems. What technology does the systems administrator use to accomplish this?
Port aggregation means combining two or more separate links into a single channel. The Link Aggregation Control Protocol (LACP) can autonegotiate the bonded link between the switch ports and end systems.
A network engineer suggests using a packet sniffer to capture traffic for troubleshooting purposes. What configuration on a switch allows for this capability?
Port mirroring Switched port analyzer
An engineer installs fiber cable between two buildings on a large company campus. Which type of fiber optic cable does the engineer use?
Single-mode fiber cables support data rates up to 10 Gbps or better and cable runs of many kilometers, depending on the quality of the cable and optics.
An engineer suggests running fiber cable for a project. Which type allows for a longer distance?
Single-mode fiber cables support data rates up to 10 Gbps or better and cable runs of many kilometers, depending on the quality of the cable and optics.
What application can define policy decisions on the control plane?
Software Defined Networking (SDN) A Software Defined Networking (SDN) application, or suite of applications, can be used to define policy decisions on the control plane.
The security network administrator of a company wants to ensure only authorized hosts are connecting to the network. Which options would an administrator utilize on routers and switches to provide port-based authentication for network access to devices?
The IEEE 802.1X standard defines a PNAC mechanism, which means that the switch (or router) performs some sort of authentication of the attached device before activating the port. PNAC means that the switch (or router) performs a type of authentication of the attached device before activating the port.
A network technician is troubleshooting network issues between a workstation and a virtual server running a beta application. Network performance is lacking and there seems to be issues in between the source and destination. Which command will provide the technician with the best information regarding other nodes between the workstation and the remote host?
The pathping command performs a trace route, then it pings each hop router a given number of times for a given period to determine the Round Trip Time (RTT) and measure link latency more accurately. The output also shows packet loss at each hop.
What is the correct formula for the mean time between failure?
Total operational time divided by the number of failures
OSI Layer 4: Transport - Applications
Transmits data using transmission protocols like TCP & UDP. TCP: Host to Host Flow Control. Responsible for ensuring reliable data delivery. Concept of a port number introduced. Segments.
Which protocol would a switch authenticating via 802.1x mechanisms use?
Under 802.1X, the device requesting access is the supplicant. The switch, referred to as the authenticator, enables the Extensible Authentication Protocol over LAN (EAPoL) protocol only and waits for the device to supply authentication data.
EMI shielding protects the transferred data signals from:
Outside interference Eavesdropping
What refers to a solution that replaces the classful network design?
CIDR
A user is connected to a remote desktop using the protocol WebSockets. What technology solution is the user using?
Clientless VPN also referred to as HTML5 VPN, uses a WebSockets protocol, enabling bidirectional messages between the server and client without requiring the overhead of separate HTTP requests.
IPv6 loopback address
0:0:0:0:0:0:0:1, also expressed as ::1
IPv4 Loopback Address Range
127.0.0.1 - 127.255.255.255 (127.0.0.0/8)
IPv4 multicast address block
224 - 239 Class D range
A limited IPv4-to-IPv6 transition mechanism that allows for encapsulation of IPv6 packets in IPv4 packets transmitted over IPv4 networks is referred to as:
6to4
A network administrator is trying to set up IP assignments to be automatic for all broadcast domains. How can they enable this for routers?
A DHCP relay agent can be configured to provide forwarding of DHCP traffic between subnets. Routers that can provide this type of forwarding are described as RFC 1542 compliant.
What illustrates the network architecture of a group of interconnected network equipment without involving a precise layout?
A logical network diagram illustrates the network architecture of a company's network equipment without necessarily involving a specific floor plan or layout.
What kind of tool can a network administrator run to measure the network statistics of a building's network equipment?
A packet analyzer, such as NetFlow, can measure network traffic statistics, but trying to record each frame imposes a heavy processing overhead on the network tap or mirror port.
A solutions architect needs to replace their hub and spoke type designs with more efficient, but still secure, connectivity to corporate clouds. What should they use?
A software-defined WAN (SD-WAN) replaces hub and spoke type designs with more efficient, but still secure, connectivity to corporate clouds with less of the expense associated with provisioning an MPLS service to each remote location.
In IPv6, a router periodically sends a special type of message to announce its presence on the network. A mechanism that allows to filter these messages (i.e. reject those that are labeled as unwanted or rogue)is known as:
RA Guard
A vendor visits an organization to demo a network management device. As part of the hands-on demonstration, an IT engineer can see and manage an extended service set (ESS) on the network. Based on the engineer's experience with the device, what is the vendor demonstrating?
A wireless controller is a hardware device or software application which can centralize the management function of a wireless network. An extended service set is defined in a wireless network.
An attacker used a malicious host with a spoofed physical address to perform cache poisoning and perpetuate an on-path attack. Which of the following can prevent these types of attacks?
ARP inspection prevents a host attached to an untrusted port from flooding the segment with gratuitous ARP replies. ARP inspection maintains a trusted database of IP:ARP mappings. DHCP snooping is a type of switch port security setting that inspects DHCP traffic arriving on access ports to ensure that a host is not trying to spoof its MAC address.
OSI Layer memorization
All People Seem To Need Data Processing
Which of the following Domain Name System (DNS) records can identify a record that is providing a network service or protocol?
An SRV (service) record is used to identify a record that is providing a network service or protocol. They are often used to locate VoIP or media servers.
A user is having trouble connecting to the company's WiFi network. They have verified that the password is correct and the network is indeed available. What could be a potential issue with the device not connecting?
An encryption protocol mismatch will cause the connection to fail, even if the correct credentials are supplied. Check OS drivers or verify authentication types/protocols on the device.
An attacker successfully connected to a corporate network's Wireless Local Area Network (WLAN) and sniffed tracking communication between hosts. The attacker then modified the traffic before relaying it elsewhere. What type of Attack is this?
An on-path attack is a specific type of spoofing attack where a threat actor compromises the connection between two hosts and transparently intercepts and relays all communications between them.
A systems administrator wants to set up IPv4 forwarding for the purposes of load balancing and failover. What should they use?
Anycast means that a group of hosts is configured with the same IP address. It allows for load balancing and failover between the server hosts sharing the IP address.
A network engineer reviews a report that makes recommendations where the network is not meeting goals for performance or security. What is the name of this report?
Audit and Assessment Report
OSI Layer 5: Session - Applications
Authentication & Authorization Responsible for opening, closing & maintains connections and is responsible for controlling ports and sessions. Synch & Send to ports (Logical Ports. Provides services for applications that need to exchange multiple messages (dialog control). Connection Maintenance. Concurrent DB Access: SQL, RPC, NFS
A type of Ethernet interface that automatically detects the required cable connection type (straight-through vs. crossover) and configures the connection appropriately is known as:
Auto MDI-X
Which types of attacks can utilize pharming, denial of service (DoS), traffic interception, and client cache corruption?
DNS poisoning compromises name resolution. It can redirect users to fraudulent sites (pharming), involve DoS attacks by directing traffic to an invalid IP, intercept and modify traffic, or pollute the client's name cache. ARP poisoning is where an attacker redirects an IP address to the MAC address of a computer that is not the intended recipient, and can be used to perform DoS, spoofing, and man-in-the-middle (MitM) attacks.
OSI Layer 1 - Physical - Devices
Cables (Copper & Fiber) Hubs Transceiver Media Converters Modems Repeater
An IT security employee discovered a rogue access point (AP) and traced the activity to a smartphone tethered to a workstation on the corporate network. What would this type of attack allow a malicious user to do?
Capture user logon attempts Perform on-path attacks Allow access to private information
A network administrator wants to protect the hosts and network infrastructure against attacks through an in-depth defensive strategy. What deploys systems in a secure configuration to harden the devices on the network and reduce the attack surface of service vulnerabilities that an attacker could exploit?
Change default system credentials. Disable unnecessary network protocols.
On the multi-floor office, the staff is deploying multiple switches and there must be multiple broadcast domains. The Layer 2 switch with a single broadcast domain requires more bandwidth as more hosts are connecting to it. How can these switches be set up to accommodate the network architecture?
Configure multiple VLANs.
Which type of encryption cipher is used in Wi-Fi Protected Access 2 (WPA2)?
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) Advanced Encryption Stand (AES)
Network switches at a small manufacturing firm use the neighbor discovery (ND) protocol. Which features will the network benefit from as a result?
Hosts can configure IPv6 addresses automatically. Hosts are allowed to discover other nodes.
A criminal enacts a phishing scheme to trick a user into clicking a malicious link. As a result, the user is no longer able to access their work files. A popup message on the computer states that without paying a fee, the files are lost forever. Which attack type has the criminal executed on the users files?
Crypto-malware Ransomware
OSI Layer 3: Network - Applications
Decides which physical path the data will take. Responsible for moving data around a network of networks, known as an internetwork or the Internet. This layer moves information around an internetwork by using logical network and host IDs. Packets: "Letter", Contains IP Address. Responsible for logical network addressing and forwarding. Internet protocol (Source & Destination IP address). Protocols: IPSec, ARP, ICMP.
OSI Layer 2: Data Link - Applications
Defines the format of Data on the Network. Responsible for transferring data between nodes. Frames "envelopes", contain Layer 2 Address (ex Source & Destination MAC Address). Packages bits of data from the Physical layer into frames. VLANS 802.3 Ethernet standards
A network engineer is noticing a lot of traffic collisions on the network. What should the engineer investigate to help lower the collision rates?
Duplex Settings
A systems administrator is attempting to set up a framework for deploying multiple types of authentication protocols and technologies. What should they use?
Extensible Authentication Protocol (EAP) provides a framework for deploying multiple types of authentication protocols and technologies.
True or False: In the context of the OSI model, the term "Data encapsulation" is used to describe a process where each layer of the OSI model adds its own control information to the original data that is being passed across the layers from the physical layer up to the application layer.
FALSE
#55: An engineer plans to configure a device as transparent, rather than non-transparent, at an organization. Which device does the engineer configure?
Firewall
What is piggybacking?
Gaining unauthorized access to restricted areas by following another person (with the consent of the authorized person.
A network engineer is configuring cellular phones for new employees. What communication-based phones use Time Division Multiple Access to declare time slots?
Global System for Mobile Communications
A working physical server is experiencing network connectivity issues after switching connections to another physical port on a basic layer 2 switch. Identify the most likely problem with the switch.
HardWare Failure A bad physical port or a hardware failure is most likely the cause of the issue, as the connection to the previous physical switch port was working fine.
OSI Layer 7: Application
Human-computer interaction layer, where the applications can access the network devices. Application-layer protocols provide an interface for software programs on network hosts that have established a communications channel through the lower-level protocols to exchange data. E-mail Programs, Web Browser, Photo Apps, Search engines. End User Layer: Program that opens what was sent or creates what is to be sent. Providing support to applications requiring network services (file transfer, printing, email, databases, and so on). End User application protocols (HTTP, DNS, SMTP, FTTP, FTP).
OSI - 7. Application
Human-computer interation layer, where the applications can access the network devices. Application-layer protocols provide an interface for software programs on network hosts that have established a communications channel through the lower-level protocols to exchange data. E-mail Programs, Web Browser, Photo Apps, Search engines. End User Layer: Program that opens what was sent or creates what is to be sent. Providing support to applications requiring network services (file transfer, printing, email, databases, and so on). End User application protocols (HTTP, DNS, SMTP, FTTP, FTP).
A solution that allows to supply electricity over standard Ethernet cables is known as:
IEEE 802.3af PoE
What is the name of a network layer protocol that specifies the format of packets and addressing scheme in network communications?
IP
#31: A cyber security technician is observing a DOS attack on the organization's network. The technician can not determine anything surrounding the attacker's identity but does notice that no data traffic is being returned to the attacker. What type of attack is this?
IP Spoofing
Which of the cable types listed below is often used to connect a computer terminal to a router's console port?
Rollover Cable
What refers to an SSL/TLS-based directory access protocol?
LDAPS
A security team is reviewing the authentication controls on the corporate network. Which of the following is an important reason for the team to implement role-based access and least privilege?
Least privilege means that a user is granted sufficient rights to perform his or her job and no more. This mitigates risk if the account should be compromised and fall under the control of a threat actor. Role-based access define organizational roles and subjects are allocated to those roles. Users gain rights implicitly (through being assigned to a role) rather than explicitly (being assigned the right directly).
A systems administrator looks to restrict access to a small LAN. How can the administrator achieve this goal when configuring a switch?
Link aggregation
A company is considering using a co-location connection with a cloud service provider to support some virtual services in its data center. This will provide the company a private and hybrid cloud model to easily move services from the local infrastructure to the cloud during peak season by using infrastructure as code tools. Which of the following network components are most likely required for hybrid solution?
MPLS Private link VLAN
Which of the following are examples of a Key Performance Indicator (KPI)?
Mean Time Between Failures (MTBF) is a Key Performance Indicator (KPI) measuring the expected lifetime of a product. This is for assets meant to be replaced versus repaired. The calculation is the total lifetime of all devices divided by the number of failures. Mean Time to Repair (MTTR) is the mean time it takes to repair assets or correct a fault to the point of restoration and recovery of network services. It is another KPI.
An IPv6 protocol performing the function of IPv4's Address Resolution Protocol (ARP) is called:
NDP
A Cisco-designed IP traffic collection method is called:
NetFlow
A host uses Internet Protocol version 6 (IPv6). The host sends a packet to another host, and a router informs the host of a better route to take. Which protocol provides this function?
One of the main functions of the Neighbor Discovery (ND) protocol is redirection, which enables a router to inform a host of a better route to a particular destination.
dedicated software tool used to monitor and examine contents of network traffic is known as:
Packet sniffer Protocol analyzer
OSI Layer 1 - Physical - Applications/Features
Providing for the transmission and receipt of data bits from node to node. This includes the network medium and mechanical and electrical specifications for using the media. Distribution Frames. 802.3 Ethernet standards. BITS.
What allows fine-grained control over traffic parameters?
Quality of Service (QoS) allows fine-grained control over traffic parameters. Protocols, such as Multiprotocol Label Switching (MPLS), provides QoS. MPLS can reserve the required bandwidth and pre-determine statistics when configuring the link.
OSI Layer 2: Data Link - Devices
Routers Layer 2 Switches Bridge WAP NICs Protocols: MIC
OSI Layer 3: Network - Devices
Routers - IP/IPX/ICMP Layer 3 Network Switches
Using a Windows server, a network admin is trying to test a remote server's network configuration and confirm the packet's routing path. Apply the information given to determine which of the following actions will provide the appropriate information for this test.
Run a ping command. Run a tracert command.
A network engineer monitors the network and follows information packets as they move through the network from hosts to endpoints. What is the engineer observing?
Sending and receiving traffic involves the movement of information within a system.
The entire office floor at a company is receiving new multi-functional phones at each office. These phones have the capability of sending and receiving regular telephone calls, text messages, and videos. Management wants to prevent as much clutter as possible so every desk looks tidy. Which of the following configurations should a network administrator implement to accommodate management's vision?
Setup PoE to connect to the phones. Setup QoS to reserve bandwidth.
Which type of VPN enables connectivity between two networks?
Site-to-site
A systems administrator troubleshoots a problematic network. In doing so, a packet sniffer captures all suspected garbage traffic from numerous source ports to a single destination port on a Cisco switch. What configuration does the systems administrator use to achieve this?
Switched port analyzer Port mirroring
A network engineer configures network connectivity. Identify how switches will work if the engineer configures the spanning tree protocol (STP).
Switches are organized into a hierarchy. Each switch determines the shortest path to the root.
An IT engineer uses the Nmap utility to document a network. The documentation will then help the engineer plan network improvements. What describes the use of Nmap for this purpose?
Systems hardening The Nmap Security Scanner is widely used for scanning remote hosts and networks, both as an auditing and a penetration testing tool. Results can be used to harden systems.
A pre-shared key (PSK) passphrase generates a 256-bit master key (MK). Distinguish which types of packet encryption can utilize the 128-bit temporal key (TK) subsequently generated by the MK.
The PSK passphrase generates a 256-bit master key (MK), which is used to generate the 128-bit temporal key (TK) for RC4/TKIP packet encryption. The PSK passphrase generates a 256-bit master key (MK), which is used to generate the 128-bit temporal key (TK) for AES/CCMP packet encryption.
An engineer troubleshoots a recent network configuration. Two switches that connect via a crossover cable can not communicate. Which statements help the engineer describe the current configuration?
The crossover cable uses T568A on one end and T568B on the other end. Transmit occurs on pins 3 and 6 of the switch
In the OSI model, Media Access Control (MAC) and Logical Link Control (LLC) sublayers are the components of which layer?
The data link layer (DLL) is responsible for the node-to-node delivery of the message. When a packet arrives in a network, it is the responsibility of DLL to transmit it to the host using its MAC address.
Mobile users in an organization complain about limited functionality in a company's headquarters. The IT staff decide to extend mobile access capabilities by widening the current wireless network. When evaluating the expansion configuration, a wireless access point media access control (MAC) address relates to which option?
The media access control (MAC) address of a wireless access point (AP) is used as the Basic Service Set Identifier (BSSID).
A network technician has been tasked with finding a solution where a leased fiber link is terminated at a demarc. Which of these solutions would accomplish that?
The most expensive solution is Fiber to the Premises (FTTP). The essential point about both these implementations is that the fiber link is terminated at the demarc.
A technology company is investigating the possibility of working with a marketing company on the development and advertising of a new product. In order to discuss the details of the product without concern that the marketing firm will share it with other technology companies, what will the technology company ask the marketing firm to sign?
The technology company will ask the marketing firm to sign a memorandum of understanding (MOU) which is a preliminary agreement to express an intent to work together and almost always have clauses stating that the parties shall respect confidentiality.
What step of the CompTIA Network+ troubleshooting methodology involves confirming a theory and determining the next steps to resolve a problem?
The third step of the CompTIA Network+ troubleshooting methodology is to test the theory to determine the cause. It involves determining the next steps if the theory is confirmed.
A network technician patches the vulnerability and verifies full system functionality after identifying a vulnerability on a network switch operating system. Justify the technician's decision to document any findings, actions, or outcomes that may have taken place during the process.
They establish a new baseline for the template. They create installation procedures.
An attacker created a rogue access point (AP) with the same Service Set Identifier (SSID) as a legitimate one, and then used a Denial of Service (DoS) technique to overcome the legitimate AP. Users were forced to disconnect from the network and reassociate with the attacker's AP. What is the goal of the attacker when setting up this kind of evil twin attack?
To steal user network credentials To snoop on connections with web servers
OSI Layer 6: Presentation - Applications
Transmits data using transmission protocols like TCP & UDP. TCP: Host to Host Flow Control. Responsible for ensuring reliable data delivery. Concept of a port number introduced. Segments.
A network specialist received a port failure notification on UDP port 162. What agent is detecting the notable event?
Traps
Which command in MS Windows displays a table consisting of IP addresses and their resolved physical addresses?
arp -a
A Linux administrator is configuring a Linux server's network interface card. The server must have a static IP (Internet Protocol) address for a Class C network. Settings must be verified. Analyze and select which commands would be most appropriate to run in this scenario. (Select all that apply.)
ifconfig eth0 netmask 255.255.255.0 ifconfig eth0 192.168.101.120 ifconfig
A Linux command-line utility for displaying intermediary points (routers) the IPv4 packet is passed through on its way to another network node is known as:
traceroute