TestOut Network Pro Master B

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

The Data Link Later of the OSI Model is comprised of two sublayers. What are they?

-LLC -MAC

Which of the following devices operate at OSI Model layer 2? (Select two)

-Network Interface Card -Switch

Which of the following fire extinguisher types poses a safety risk to users in the area? (Select two)

- CO2 - Halon

You are in the habit of regularly monitoring performance statistics for your... Which type of document should you update to reflect the change?

Baseline

You are building network cables and attaching RJ45 connectors to each end. Which tool do you need for this task? Vampire taps Crimping tool Punch down tool Needle nose pliers

Crimping tool Explanation You should use a crimping tool designed for RJ45 connectors to attach connectors to UTP cable.

You have two switches that you need to connect using their uplink ports. The switches do not support auto-MDI. Which type of cable should you use?

Crossover

You need to transfer data from one laptop to another and would like to use an Ethernet cable. You do not have a hub or a switch. Which type of cable should you use?

Crossover

You have a computer that is connected to the Internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer?

10.0.12.15 172.18.188.67 192.168.12.253

you have two switches connected together as shown in the following diagram. How many broadcast domains are there in the network?

2

You are designing a wireless network for a client. Your client needs the network to support data rate of at least 150Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4GHz. Which 802.11 standard will work best in this situation?

802.11n

You are designing an update to your clients wireless network. The existing wireless network uses 802.11g equipment, which your client complains runs to slowly. She wants to upgrade the network to run 150Mbps or faster. Which 802.11 standard will work best in this situation.

802.11n

In a variation of the brute force attack, an attacker may use a predefined list...best addresses this issue?

A strong password policy

Using the exhibit to match the connector type on the left with the corresponding letter on the right.

A- DB-25 B- DB-9 C- RJ45 D- RJ11 E- LC F- BNC G- F-Type

RouterA is connected to RouterB through Serial1. You want to configure the link to use PPP with CHAP authentication with a password of CISCO. which set of commands would you use on RouterA to complete the configurations?

A- RouterA(config)#username RouterB password cisco

The media access control method of all Ethernet networks is

CSMA/CD

The media access control method of all Ethernet networks is __________. CSMA/CD CSMA/CA Polling Token passing

CSMA/CD Explanation Carrier sense multiple access with collision detection (CSMA/CD) is the media access control method of all Ethernet networks.

You are troubleshooting a workstation connection... drop cable connecting the computer to the network. Which type of document should you update?

Change documentation

You are troubleshooting a workstation to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update?

Change documentation.

Which type of polish grade uses green-colored connectors to help prevent using the wrong connector type?

Angled Physical Contact polish

A network switch is configured to perform the following checks on its ports. -all ARP requests -each intercepted request -if the packet has a valid Binding -if the packet has an invalid binding What security feature was enabled on the switch to accomplish this?

Dynamic ARP inspection

You have a network connected using a physical bus topology. One of the cables connecting a workstation to the bus breaks. Which of the following best describes what happens to network communications?

No device is able to communicate.

After blocking a number of ports to secure your server

Open port 25 to allow SMTP service

Which of the following are characteristics of a packet filtering firewall? (Select two.)

Filters IP address and port Stateless

Which of the following are characteristics of a circuit-level gateway? (Select two.)

Filters based on sessions Stateful

Which of the following are characteristics of a circuit-level gateway?(Select two)

Filters based on sessions AND Stateful

Which is the most common failure of a security policy in an environment?

Lack of user awareness

A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attack?

Land Attack

Which TCP/IP utililty gives you the following output? route table interface list 0x1.....................................MS TCP LOOPBACK interface

Netstat-r

Which of the following are true of a circuit proxy filter firewall?(Select two)

Operates at the Session Layer AND Verifies sequencing of session packets

Which of the following devices is used on a LAN and offers guaranteed bandwidth to each port? Router Bridge Switch

Switch Explanation A switch offers guaranteed bandwidth to each port.

A small startup company has hired

The UTM represents a single point of failure

Of the following cables, which offer the best protection against EMI?

RG-6

Which phase or step of security assessment is a passive activity

Reconnaissance

What is the primary security feature that can be designed into a networks infrastructure to protect and support availability?

Redundancy

You need to find out what kind of laws might apple to... Which type of document would you consult?

Regulation

Which of the following are used when implementing Kerberos for authentication and authorization? (Select two.)

Ticket granting server Time server

Which of the following technologies does GSM use to allow multiple connections on the same frequency?

Time division multiple access

Which of the following are used when implementing Kerberos for authentication and authorization? Select two

Time server Ticket granting server

You have an Ethernet network using the 10Base-T standard. Network devices are connected together using hubs. Which of the following is true?

The network uses half-duplex communications

While working on a Linux server, you are unable to connect to Windows Server 2003 system across the Internet.You are able to ping the default gateway on your own network, so you suspect that the problem lies outside of the local network. Which utility would you use to track the route a packet takes as it crosses the network?

Traceroute

You need to keep users in all other departments from accessing the servers used by the finance department. Which of the following technologies should you use to logically isolate the network?

VLANs

A false server intercepts communications from a client by impersonating the intended server.

Which of the following describes a man-in-the-middle attack?

Which of the following CCTV camera types lets you adjust the distance that the camera can see?

Varifocal

Awareness.

What is the primary countermeasure for social engineering?

How do switches and bridges learn where devices are located on a network?

When a frame enters a port, the source MAC address is copied from the frame header

How do switches and bridges learn where devices are located on the network?

When a frame enters a port, the source MAC address is copied from the frame header

When would choosing to do nothing about an identified risk be acceptable?

When the cost of protecting the asset is greater than the potential loss

Denial of Service attack.

Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occuring?

Smurf.

Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?

An All-in-one security appliance is best

a Remote

You manage a network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support?

spanning tree

Which protocol uses traps to send notifications from network devices? a. SMTP b. IMAP4 c. IGMP d. SNMP e. ICMP

d. SNMP

While troubleshooting a problem on a Linux system, you run a utility that generates the following output:

traceroute

Which of the following hardware devices regenerates a signal out all connected ports without examining the frame of packet contents? (Select two)

-Hub -Repeater

F-Type connectors are typically used with cables using which of the following standards? (Select two)

-RG-6 -RG-59

In the OSI Model, which of the following functions are performed at the Presentation Layer?

-Specify data format -Encrypt and compress data

What type of cabling could be used for an Ethernet 100BaseT (100 Mbps) network? (select two)

1) Cat 6 UTP 2) Cat 5 UTP

Which of the following are advantages of using a domain to manage a network? (select two)

1) Centralized administration 2) Scalability

Which mechanisms could you use to resolve a hostname into its associated IP address? (select two)

1) DNS 2) hosts file

Which of the following are features of Basic Rate ISDN (BRI)? (select three)

1) Dial-up connection 2) Two data channels 3) One control channel

A customer has called an indicated that he thinks his neighbor is connecting to his wireless access point (AP) to use his high-speed Internet connection. Which of the following will help resolve this issue? (select two)

1) Disable SSID broadcast on the AP 2) Implement WPA2

Which of the following terms describes a group of computers and users that utilize centralized resources, administration, and security settings? (select two)

1) Domain 2) Directory

You are configuring an ADSL connection. Which of the following will be part of the configuration? (select two)

1) Filters of splitters 2) RJ-11 connectors

Which protocols are used on the Internet to transmit Web pages from Web browsers running on client workstations? (select two)

1) HTTP 2) HTTPS

Which of the following correctly describe the most common format for expressing IPv6 addresses? (select two)

1) Hexadecimal numbers 2) 32 numbers, grouped using colons

Which of the following are advantages of using fiber optic cabling for a network, as opposed to other types of cabling? (select two)

1) Immunity to electromagnetic interference 2) Greater cable distances without a repeater

Which of the following statements accurately describes how a modem works? (select two)

1) It demodulates analog data from a telephone network into digital PC data 2) It modulates digital data from the PC into analog data and transmits it on a telephone network

Which of the following are characteristics of coaxial network cable? (select two)

1) It uses two concentric metallic conductors 2) It has a conductor made from copper in the center of the cable

What is the binary format for the following decimal IP address?

100000011.00001001.1001010.01101111

What is the binary format for the following decimal IP address? 131.9.202.111 10000001.00001010.11000011.01010111 10000110.00001011.11000101.10101110 10000111.00001101.11001110.01011101 10000011.00001001.11001010.01101111

10000011.00001001.11001010.01101111 Explanation 10000011.00001001.11001010.01101111 is the binary format of the address. To convert binary to decimal, remember the following numbers: 128, 64, 32, 16, 8, 4, 2, 1 Each number represents the decimal value for a binary 1 in the corresponding position. For example, 10000000 is equal to 128, and 00010000 is equal to 16.To find the binary form of a decimal number, try to subtract each decimal value from the value in the octet. For example, for 131, you can subtract 128 leaving a remainder of 3. You can then subtract 2 and then 1. For each number you can subtract, write a 1 in the binary position of the address.

Which of the following standards is used by SONET?

10GBaseLW

Which of the following standards is used by SONET? 10GBaseER 1000BaseSX 1000BaseLX 1000BaseCX 10GBaseLW

10GBaseLW Explanation 10GBase standards ending in W are used for SONET implementations. These include 10GBaseSW (short), 10GBaseLW (long), and 10GBaseEW (extended). 10GBaseER is for extended fiber optic but not used with SONET. 1000Base standards are not used for SONET. 1000BaseCX is a copper cable specification.

You have been tasked with designing an Ethernet network. Your client needs to implement a very high-speed network backbone between campus buildings; some of which are around 300 m apart. Fiber-optic cabling has already been installed between buildings. Your client has asked that you use the existing cabling that operates at full-duplex. Which Ethernet standard meets these guidelines?(2 answers)

10GBaseSR 1000BaseSX

How many total channels are available for 802.11g wireless networks?

11

Which of the following uses metal clips placed over plastic slots for connecting individual copper wires? 25 pair 66 block 100 pair 110 block

110 block Explanation A 110 block is a punchdown block that uses metal clips fitted over plastic pins. When connecting wires using a 110 block, place the wires in the plastic slots, attach the metal clip, then punch down the connecting cable on the top of the clip. A 66 block uses metal pins for connecting wires. Wires are placed in the pins, and pins within a row are electrically connected. 25 pair and 100 pair are cable bundles that include multiple pairs of copper wires (either 25 pairs of wires or 100 pairs of wires).

A host on the network has an IP address of 129.11.99.78 using the default subnet mask. How would you identify the address and mask using CIDR notation? 129.11.99.78/24 129.11.99.78/16 129.11.99.78/8 129.11.99.78:8 129.11.99.78:24 129.11.99.78:16

129.11.99.78/16 Explanation Use 129.11.99.78/16 for the address and the mask. With CIDR notation, follow the IP address with a slash (/) and the number of bits in the mask. The default subnet mask for this address is 255.255.0.0 which uses 16 bits in the mask.A mask value of 255.0.0.0 uses 8 bits, and a mask value of 255.255.255.0 uses 24 bits.

In an IP addressing scheme using default subnet masks, which of the following IP addresses can you assign to a host? 127.0.0.1 199.45.207.0 127.35.88.92 132.70.254.15

132.70.254.15 Explanation Addresses starting with 127 are reserved and cannot be assigned to hosts. The address 199.45.207.0 is a network ID, and is therefore not assigned to a host.

Which of the following IP addresses is a valid IP address for a host on a public network?

142.15.6.1

Which of the following IP addresses is a valid IP address for a host on a public network? 192.168.16.45 10.3.125.2 142.15.6.1 172.16.254.12

142.15.6.1 Explanation A public network is a network that does not limit traffic to members of a corporation or other group. The Internet is an example of a public network. Certain sets of IP addresses are reserved for private networks only and cannot be used on public networks. They are: • 10.0.0.0 to 10.255.255.255 • 172.16.0.0 to 172.31.255.255 • 192.168.0.0 to 192.168.255.255

Which three of the following are not valid IP addresses? 45.22.156.256 116.0.0.116 1.55.254.3 132.64.32.8 145.8.260.7 257.0.122.55 122.0.0.0

145.8.260.7 257.0.122.55 Explanation IP addresses have a value between 0 and 255 within each octet. In this list, 45.22.156.256, 145.8.260.7, and 257.0.122.55 are not valid IP addresses.

Which of the following IP address ranges is reserved for Automatic Private IP Addressing?

169.254.0.2 - 169.254.255.254

What is the decimal format for the following binary IP address?

206.58.170.67

What is the decimal format of the following binary IP address? 11001110.00111010.10101010.01000011 238.90.202.99 206.58.170.67 190.42.154.51 205.57.169.66

206.58.170.67 Explanation 206.58.170.67 is the decimal form of the IP address. To convert binary to decimal, remember the following numbers: 128, 64, 32, 16, 8, 4, 2, 1 Each number represents the decimal value for a binary 1 in the corresponding position. For example, 10000000 is equal to 128, and 00010000 is equal to 16. To find the decimal form of a binary number, add up each decimal equivalent for each 1 bit in the address. For example, the number 11001110 would be: 128 + 64 + 8 + 4 + 2 = 206.

How many total channels are available for 802.11a wireless networks?

23

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the main floor. You need to connect the two wiring closets. Which of the following are typically used to connect the two wiring closets? (Select two.) Demarc extension 25 pair Horizontal cross connect Smart jack Vertical cross connect

25 pair Horizontal cross connect Explanation A horizontal cross connect connects wiring closets on the same floor. 25 pair or 100 pair wiring punched down into 66 or 110 blocks are often used to connect the wiring closets together. A vertical cross connect connects the IDF to the MDF on a different floor. The demarcation point (demarc) is the line that marks the boundary between the telco equipment and the private network or telephone system. A demarc extension extends the demarcation point from its original location to another location within the building. A smart jack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc.

You have been told to assign the IP address 21.155.67.188 to a host on the network using the default subnet mask. Which mask should you use? 21.155.0.0 255.255.0.0 21.155.67.0 255.0.0.0 255.255.255.0 21.0.0.0

255.0.0.0 Explanation The default subnet mask for this address is 255.0.0.0. The address is a class A address, which begins with a number between 1 and 126 in the first octet. 21.0.0.0 is the subnet address. 255.255.0.0 is the default subnet mask for a class B address,and 255.255.255.0 is the default subnet mask for a class C address.

You've enabled Remote Desktop on a Windows workstation. Which port must be opened in the server's firewall to allow remote clients to access the desktop?

3389

Which of the following tunneling methods is used to send IPv4 traffic through an IPv6 network?

4-to-6 tunneling

Your network follows the 100BaseFX specifications for Fast Ethernet, and uses halfduplex cable. What is the maximum cable segment length allowed? 100 meters 412 meters 550 meters 1,000 meters 2,000 meters

412 meters Explanation For 100BaseFX, halfduplex, multimode cable has a maximum segment length of 412 meters. 1000BaseSX and 1000BaseLX support multimode cable up to 550 meters. 10BaseFL supports fiber optic cable between 1,000 and 2,000 meters.

To increase security on your company's internal network

443

Which of the following ports are used with TACACS ?

49

What is the frequency of 802.11a networking?

5.75GHz

What is the recommended humidity level for server rooms?

50%

You want to maintain security on your internal network

53

Which of the following are valid IPv6 IP addresses?

6384:1319:7700:7631:446A:5511:8940:2552 141:0:0:0:15:0:0:1

What is recommended humidity level for several rooms?

70%

Which wireless standard operates at up to 54 Mbps to a maximum of 150 feet?

802.11a

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54Mbps. In addition, the client already has a wirelesss telephone system installed that operates 2.4GHz. Which 802.11 standard will work best in this situation?

802.11a

Which IEEE standard describes wireless communications?

802.11b

After installing a new 2.4GHz cordless phone system in your office, you notice that wireless network performance is adversely affected. Which of the following wireless networking standards are you most likely to be using? (Select two.)

802.11b 802.11g

You are designing an update to your clients wireless network. The existing network uses 802.11b. Due to budget, which 802.11 standard will work best.

802.11g

You have been contacted by OsCorp to recommend a wireless solution.

802.11g

Which of the following specifications identify security that can be added to wireless networks? (Select two.)

802.11i 802.1x Standards described in 802.11i have been implemented in Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2). 802.1x is an authentication protocol that can be used on wireless networks.

In virtualization, what is the role of a hypervisor?

A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.

Which of the following are typical components of a NAS device? select two

A minimal network OS. One or more NICs.

Which of the following is the best definition for a LAN?

A network in a small geographic area, like in an office

An all-in-one security appliance is best suited for which type of implementation?

A remote office with no on-site technician.

Which of the following information are you likely to find in a policy document?

A requirement for using encrypted communication for Web transactions.

Which of the following information are you likely to find in a policy document?

A requirement for using encrypted communications for web transactions

Which type of configuration would you use if you wanted to deploy 802.11n technology to communicate directly between two computers using a wireless connection?

Ad hoc

Your Cisco router has three

Add a permit

You have a network connected using a physical star topology. One of the drop cables connecting a workstation is removed. Which of the following best describes what happens to network communications?

All devices except the device connected to the drop cable will be able to communicate.

What Security Practice is an example of the Principle of Least Privilege?

All users on a Windows workstation are limited users except for one user who is responsible for maintaining the system.

Which of the following are characteristics of TACACS +? select two

Allowing for a possible of three different servers, one each for authentication, authorization, and accounting. Uses TCP.

Which of the following describes how access lists

An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.

Which of the following describes how access lists can be used to improve network security?

An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.

Denial of Service.

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?

You are implementing a SOHO network for a local business. The ISP has already installed and connected a cable modem in the business. The business has four computers that need to communicate with each other and the internet. You examine each computer and notice only one of the four has a wireless NIC; they all have ethernet NICs. What should you purchase.

An unmanaged switch and Cat5e cabling

You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat6e cable to connect the wiring closet to the shipping building. Which of the following are you most likely to experience?

Attenuation.

Which of the following routing protocols is used by routers on the Internet for learning and sharing routes? EIGRP BGP RIP ISIS OSPF

BGP Explanation BGP is the protocol used on the Internet: ISPs use BGP to identify routes between ASs. Very large networks can use BGP internally, but typically only share routes on the Internet if the AS has two (or more) connections to the Internet through different ISPs. RIP is used on small private networks, while OSPF and EIGRP are used on larger private networks. ISIS is used on very large private networks and within the Internet Service Provider (ISP) network.

You are working with an older 10Base2 Ethernet network. Which of the following connector types will you most likely encounter?

BNC

Which of the following is an important aspect of evidence gathering?

Backing up all log files and audit trails

You are concerned about the amount of traffic that passed through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help in identifying past average network traffic?

Baseline.

You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change?

Baseline.

A user reports that his machine will no longer boot properly. After asking several questions to determine the problem you suspect the user unknowingly downloaded malware from the internet, and the malware corrupted the boot block. Based on your suspicions, what actions could you take to correct the problem? (2)

Boot from the Windows 7 installation DVD and use the Recovery Environment to run a startup repair. // Reimage the machine

Which of the following topologies connects all devices to a trunk cable?

Bus

Which of the following cable types often includes a solid plastic core?

Cat6

Which type of network medium is used by an Integrated Services Digital Network (ISDN) adapter?

Copper telephone wire

How can a criminal investigator ensure the integrity of a removable media device found while collecting evidence?

Create a checksum using a hashing algorithm

What function is performed by the TMP?

Create a hash of system components

Which of the following is an example of privilege escalation?

Creeping privileges

You have a network that occupies the top floor of a three story building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. What would you use to relocate the WAN line into a wiring closet on your floor?

Demarc extension

Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?

Denial of service attack

Which of the following can be used to stop piggybacking that has been occurring at the front entrance where employees should swipe their smart cards to gain entry?

Deploy a mantrap

You manage the two-location network shown in the exhibit. Workstations and servers at each location connect to a patch panel using behind-the-wall wiring. The patch panel.... Drag the cable type on the left to the most appropriate network location on the right.

Drop Cables Cat6 straight-through UTP Patch Cables Cat6 straight-through UTP Uplink Cables Cat6 crossover UTP WAN Cable Single-mode fiber optic

A router is connected to a network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route on router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?

Drop the packet.

You need to disable the FastEthernet 0/0 interface on a switch. Drag the command on the left to the appropriate configuration step on the right to accomplish this. Not all of the commands may be required.

Enter global configuration mode: conf t Enter interface configuration mode: int fa0/0 Disable the interface: shutdown Verify the interface is disabled: show ip interface brief

The FastEthernet 0/0 interface on a switch is currently disabled. You need to enable it so a workstation can be connected to it. Drag the command on the left to the appropriate configuration step on the right to accomplish this. Not all of the commands may be required.

Enter global configuration mode: conf t Enter interface configuration mode: int fa0/0 Verify the interface is disabled: show interface status Enable the interface: no shut

Which of the following are solutions that address physical security?

Escort visitors at all times Require identification and name badges for all employees

You are a network administrator for your computer. A frantic user calls you one morning exclaiming that "nothing is working." What should you do next in your troubleshooting strategy?

Establish the symptoms.

Which of the following is a wired networking method most commonly used today by desktop PCs and other network devices to connect to a local area network?

Ethernet

You have a network server with two network interface cards. You want both network adapters to be used at the same time to connect to the same network to double the amount of data the server can send. Which feature would you use?

Ethernet bonding

You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?

Event log.

What is the primary benefit of CCTV?

Expands the area visible by security guards

Which of the following WAN technologies provides packet switching over high-quality digital lines that speeds up to 1.544 Mbps or greater?

Frame Relay

What type of virtualization completely simulates a real physical host?

Full Virtualization

Which IP protocol is used by Web browsers and Web servers to exchange files?

HTTP

Which of the following hardware devices regenerates a signal out all connected ports without examining the frame or packet contents? (Select two.) Bridge Hub Repeater Switch Gateway Router

Hub & Repeater Explanation A hub and a repeater send received signals out all other ports. These devices do not examine the frame or the packet contents. A switch or a bridge use the MAC address in a frame for forwarding decisions. A router uses the IP address in a packet for forwarding decisions.

When multiple routes to a destination exist, what is used to select the best possible route?

Metric

Which TCP/IP utility gives you the following output? Route Table Interface List

Netstat -r

Which of the following is a mechanism for granting and validating certificates?

PKI

At which layer of the OSI model do hubs operate? Data Link Internet Physical Layer 3

Physical Explanation Hubs operate at layer 1, or the Physical layer of the OSI model.

What topology is used with 100BaseTX Fast Ethernet networks?(2 answers)

Physical star/logical bus Physical star/logical star

Which TCP/IP utility gives you the following output? Reply from 192.168.1.168

Ping

Which switch features are typically used with VoIP?

PoE VLAN

Which of the following techniques allows incoming traffic addressed to a specific port to move through a NAT router and be forwarded to a specific host?

Port forwarding

Match each layer of the TCP/IP model on the left with the corresponding layer of the OSI model on the right. Each option on the left can be used more then one.

Presentation-Application Data Link-Network Interface Application-Application Session-Application Network-Internet Transport-Transport

What does hashing of log files provide?

Proof that the files have not been altered

Private cloud

Provides cloud services to a single organization

Which of the following are benefits of LCP? select three

Provides load balancing across multiple links Negotiates the use (or lack) of authentication before starting the session Monitors data dropped on the link and avoids frame looping

You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that static Web content can be offloaded to a different server, while the Web server continues to process dynamic content. Which solution should you implement?

Proxy server

You have a small home network connected to the Internet using an RG-6 cable. You need to move the router connecting the network to the Internet, but can't find any RG-6 cable. Which cable types could you use instead?

RG-59

Which of the following connectors is used with Ethernet 10BaseT networks? RJ11 RJ45 15-pin D-shell BNC

RJ45 Explanation RJ45 connectors are used with Ethernet 10-BaseT networks.

Which of the following connector types would you most likely use to connect to a T1 WAN service?

RJ48c

QoS provides which of the following on a network?

Reduces latency of time-sensitive traffic

You often travel away from the office. While traveling, you would like to use a modem on your laptop computer to connect directly to a server in your office and access files on that server that you need. You want the connection to be as secure as possible. Which type of connection will you need?

Remote access

What is the main difference between RIP and RIPv2?

Rip is a classful protocol, while RIPv2 is a classless protocol.

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?

Rogue access point

Which of the following hardware devices links multiple networks and directs traffic between networks?

Router

Which of the following Internet services provides equal upload and download bandwidth?

SDSL

You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations.

SSL

Which security protocols use RSA encryption to secure communications over an untrusted network? (Select two.)

Secure Sockets Layer Transport Layer Security

Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity?

Spam

You have a small network that uses a hub to connect multiple devices. What physical topology is used?

Star

You need to connect a workstation to a switch using a regular port on the switch (not an uplink port). The switch does not support auto-MDI. Which type of cable should you use? Straight-through Crossover Loopback Rollover

Straight-through Explanation Use a straight-through cable to connect a workstation or router to a regular switch port. Use a crossover cable to connect the workstation to the uplink port. Use a rollover cable to connect the workstation to the console port of the switch. Use a loopback plug to allow a workstation to communicate with itself through its own network adapter.

Which of the following applications is more likely to justify the investment in Category 6 cable?

Streaming video

Which of the following are true about routed firewalls

Supports Counts

A virtual LAN can be created using which of the following?

Switch

What device is used to create a physical star topology?

Switch

What problem does the Spanning Tree protocol prevent?

Switching loops from developing when redundant paths are implemented between switches.

Which of the following correctly describes the T1 carrier system?

T1 lines use two pairs of copper wires. A single T1 channel can transfer data at 64 Kbps.

You are implementing Internet connectivity for a new start-up company. Your client will provide on-line storefronts for retailers. To do this, they have calculated that their Internet connection must provide a data rate of at least 20 - 30 Mbps. Which type of service should you implement?

T3

Which of the following protocols includes extensive error checking to ensure that a transmission is sent and received without mistakes?

TCP (Transmission Control Protocol)

Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)

TLS SSL Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are protocols that are used with other protocols to add security. In addition, Secure Shell (SSH) can be used to add security when using unsecure protocols.

Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)

TLS// SSL

Which security measure uses a unique key that can be used for hardware system identification?

TPM- trusted platform module

Which of the following is true about single mode fiber optic network cabling? It's less expensive than multimode fiber optic cabling. The central core is smaller than that of multimode fiber optic cabling. The central core is composed of braided plastic or glass fibers. It doesn't support segment lengths as long as that supported by multimode fiber optic cabling. It transmits multiple rays of light concurrently.

The central core is smaller than that of multimode fiber optic cabling. Explanation Single mode fiber optic cabling transmits a single ray (or mode) of light through glass or plastic fiber. It supports longer transmission distances than multimode fiber optic cable and is also more expensive. It also has a central core that is much smaller than that of multimode fiber optic cabling.

Which of the following best describes an IP address class?

The class defines the default network address portion of the IP address

A user on your network has been moved to another office down the hall. after the move she calls you complaining that she has only occasional network access through her wireless connection. Which of the following is most likely the cause of the problem?

The client system has moved to far away from the access point.

A user on your network has been moved to another office down the hall. After the move she calls you complaining that she has only occasional network access through her wireless connection. Which of the following is most likely the case of the problem?

The client system has moved too far away from the access point

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. You ran the show interface. What are the most likely causes of this WAN issues? select two

There is a problem with the service providers network The WAN interface on one or both routers have been disabled.

Why do attackers prefer static environment devices to conduct distributed network attacks? select two

These devices tend to employ much weaker security than traditional network devices These devices are typically more difficult to monitor than traditional network devices.

Which of the following are characteristics of an LC fiber optic connector? (Choose two.) They use a stainless steel housing. They are threaded. They can be used with either fiber optic or copper cabling. They use a one-piece bayonet connecting system. They use a housing and latch system similar to an RJ45 UTP connector. They are half the size of standard connectors.

They use a housing and latch system similar to an RJ45 UTP connector. They are half the size of standard connectors. Explanation LC fiber optic connectors are small; about half the size of other fiber optic connectors. Their appearance is similar to a typical RJ45 connector used with UTP wiring. Like an RJ45 connector, it uses a small latch to lock the connector in a jack.

What device sends signals from a computer onto a network?

Transceiver

What is the program that appears to be a legit application utility, game, or screensaver and hat performs malicious activities surreptitiously?

Trojan horse

When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?

Trunk Ports

You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch also in VLAN 1. What should you configure to allow communication between these two devices through the switches?

Trunking

Which of the following allows for easy exit of an area in the event of an emergency, but prevents entry? (Select two.)

Turnstile Double-entry door A double entry door has two doors that are locked from the outside but with crash bars on the inside that allow easy exit. Double entry doors are typically used only for emergency exits, and alarms sound when the doors are opened. A turnstile is a barrier that permits entry in only one direction. Turnstiles are often used to permit easy exit from a secure area.

What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal?

Turnstiles

You manage 2 computers with the following user accounts: -Wrk1 has user accounts Mary and Admin. The Mary account does not have a password set; the Admin account does. -Wrk2 has user accounts Mary and Julia. The Mary account has a password set; the Julia account does not. You are working from Wrk2 and would like to access a shared folder on Wrk1. What credentials should you use to access the shared folder?

Type Admin for the username and specify the password

Match each UC component on the left with its corresponding definition on the right.

UC Server - Manages the entire UC system UC Gateway - Connects a digital network to an analog network UC Server - Makes presence information available to users UC Hardware Device - An IP phone for making phone calls UC Gateway - Connects a UC network to the PSTN UC Software Device - A smart phone used to access the UC system UC Hardware Device - Designed to work specifically with the UC server

You are a software developer and you are creating a multimedia streaming application. Data will be streamed from your streaming server to streaming clients over IP networks. Which transport protocol should your application use to send data between the clients and the server?

UDP

Which protocol and port number is used by BOOTP

UDP 67

You want to use a vulnerability scanner to check a system for known security risks. What should you do first?

Up date the scanner definition files

An active IDS system often performs which of the following actions? select two

Update filters to block suspect traffic Perform reverse lookups to identify an intruder

You recently installed a small office home office wireless router. To avoid security holes and bugs, what should you do to the route?

Update the firmware

If your anti-virus software doesn't detect and remove a virus, what should you try first?

Update your virus detection software

If your anti-virus software does not detect and remove a virus, what should you try first?

Update your virus detection software.

Which of the following actions adds new features and fixes bugs for anti-malware software?

Updating the anti-malware software

You have purchased new computers and will be disposing of our old computers. Instead of recycling the computers, you decide to resell them by placing an ad on the Internet. These computers were previously used for storing sensitive information. What should you do prior to getting rid of the computers?

Use data wiping software to clear the hard drives

You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users. Which solution should you use?

Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.

You have a company network that is connected to the Internet. You want all users

Use firewalls to create a DMZ. Web Inside / Private Behind

Which of the following identifications and authentication factors are often well-know or easy to discover by others on the same network or system?

Username

What is the most common form of authentication?

Username and password

You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive doc. What should you use for this situation?

VLAN

Your company is a small start-up that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented.

VLAN

You manage a network that uses a single switch. All ports within your buildings connect through he single switch . Which feature should you implement?

VLANs

You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?

VPN concentrator

You manage the information systems for a large co-location data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?

Verify that your network's existing security infrastrucutre is working properly. Install the latest firmware updates from the device manufacturer

Which of the following social engineering attacks use Voice over IP (VoIP) to gain sensitive information?

Vishing

When would you typically use an RJ-11 connector

When connecting a phone to a phone line.

It infects the MBR of a hard drive.

Which of the following is not a primary characteristic of a worm?

What is the main difference between a worm and a virus?

a worm can replicate itself, while a virus requires a host for distribution

Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two) a. Authentcation for agents and managers b. Encryption of SNMP messages c. Hashing of the community name d. Use of SFTP for transferring SNMP data

a. Authentcation for agents and managers b. Encryption of SNMP messages

Which of the following statements about the use of anti-virus software is correct?

anti-virus software sh0uld be configured to download updated virus definitions files as soon as they become available.

You manage a network with a single switch. On each switch port, a hub connects multiple devices to the switch. which condition are you most likely to experience on the network ?

collisions

In a SAN implementation, the servers that connect to shared storage devices are called___________________.

initiators

Which of the following commands would display the output shown here?

route print.

Which of the following solutions would you implement to eliminate switching loops?

spanning tree

At what percent is packet loss noticeable in voice traffic?

1%

What is the network address and subnet mask used by APIPA?

255.255.0.0 169.254.0.0

Padded cell.

A Smurf attack requires all but which of the following elements to be implemented?

What is another name for a logic bomb?

Asynchronous Attack

A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computers represent?

Botnet

Which of the following are true about reverse proxy? select two

Can perform load and balancing, authentication, and caching. Handles requests from the internet to a server n a private network

Man-in-the-middle attack.

Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?

Which of the following fire extinguisher suppressant types is best used for electrical fires that might result when working with computer components?

Carbon dioxide (CO2)

Consider the following IP addresses .

Class A, B, B, C

You have implemented a network where hosts are assigned specific roles, such as for file sharing and printing. Other hosts access those resources but do not host services of their own. What type of network do you have?

Client-server

You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?

Client-side scripts

Which of the following is NOT true regarding cloud computing?

Cloud computing requires end-user knowledge of the physical location and configuration of the system that delivers the services.

Computers A and B are on the same VLAN and are separated by two switches, as shown in the exhibit. Computer A sends a Fram to Computer B. Which of the following best describes the composition of the frame as it travels from A to B?

Computer A sends a normal frame. The first switch appends a VLAN ID to the frame. The second switch removes the VLAN ID before forwarding it to Computer B.

Besides protecting a computer from under voltages, a typical UPS also performs which two actions:

Conditions the power signal Protects from over voltages

You want to create a loopback plug using a single RJ-45 connector. How should you connect the wires in the connector?

Connect pin 1 to pin 3 and pin 2 to pin 6.

You have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network? Link state Convergence Classful VLSM Distance vector

Convergence Explanation The term convergence is used to describe the condition when all routers have the same (or correct) routing information. Convergence requires some time, but once reached means that any router has learned about all other networks that are being advertised (or shared) on the network. Link state and distance vector describe general methods that routers use to share routes with other routers. Classful describes a routing protocol that assumes the subnet mask based on the address class of the network. Variable

Which firewall implementation creates a buffer

DMZ

You need to enable hosts on your network to find the IP address of logical names such as srv1.myserver.com. Which device would you use? IPS DNS server Bandwidth shaper IDS Load balancer

DNS server Explanation Use a DNS server to provide hostname-to-IP address resolution. A bandwidth shaper modifies the flow of traffic to keep traffic within predefined limits. A load balancer accepts incoming client requests, and distributes those requests to multiple other servers. An IDS detects security threats, while an IPS can both detect and respond to security threats.

Which wireless networking component is used to correct multiple APs together?

DS

Which of the following Internet connection technologies requires that the location be within a limited distance of the telephone company central office?

DSL

You have configured a wireless access point to create a small network. You have configured all necessary parameters. Wireless clients seem to take a long time to find the wireless access point. You want to reduce the time it takes for the clients to connect. What should you do?

Decrease the beacon interval.

You have just connected a new computer to your network. The network user static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem Which of the configuration values would you most likely need to change?

Default gateway.

Which TCP/IP configuration parameter identifies the router that is used to reach hosts on remote networks?

Default gatway

Which of the following information are you likely to find in a procedure document?

Details on how to test and deploy patches.

Consider the following output from a dig command run on a Linux system. ; <<>> DiG 8 .2 <<>> westsimlll.com ;;res options :init recurs defnam dnsrch ;;got answer : ;;->>HEADER<< -opcode :QUERY , status : NOERROR , id :4 ;;flags : qr rd ra ; QUERY :l , ANSWER :l , AUTHORITY :2, ADDITIONAL :0 ;;QUERY SECTION : ;; westsimlll.com , type= A , class= IN ;;ANSWER SECTION : westsimlll .com . 7h33m IN A 76 .141 .43 .129 ;;AUTHORITY SECTION : westsimlll .com . 7h33m INNS dnsl .deriatctlll .com. westsimlll.com. 7h33m INNS dns2.de riatct222.com . ;;Total query time : 78 msec ;;FROM: localhost .localdomain to SERVER :default -- 202 .64 .49 .150 ;;WHEN: Tue Feb 16 23 :21 :24 2005 ;;MSG SIZE sent : 30 rcvd :l03 which of the following utilities produced this output?

Dig

On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can "fix the restroom." What should you do?

Direct him to the front entrance and instruct him to check in with the receptionist.

Your wireless network consist of multiple wireless 802.11n access points that are configured as follows.....This network is required to support an ever-increasing number of devices. what should you do?

Double the bandwidth assigned per channel to 40MHz

Which of the following allows for easy exit of an area in the event of an emergency, but prevents entry? (Select two)

Double-entry door AND Turnstile

Using the Netstat command, you notice that a remote system

Downloading a file

Which of the following are examples of social engineering?

Dumpster diving //Shoulder surfing

You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG-6 cable. You move the cable router a distance of 50 meters using RG-8 cables and special connector adapters. Which condition are you most likely to experience?

Echo

You have configured a remote access server to accept dial-up connections for remote access clients. Remote clients are able to connect successfully and access resources on the remote access server. However, the remote clients are not able to connect to other devices located on the same subnet where the remote access server is located. Which action would likely correct the problem?

Enable proxy arp on the LAN connection for the remote access server.

You have just signed up for a broadband home Internet service that uses coaxial cable. Which connector type will you most likely use? RJ45 SC Ftype BNC ST RJ11

F-type Explanation Use an F-type connector for broadband cable connections that use coaxial cable. Use a BNC connector for 10Base2 Ethernet networks. Use an RJ11 connector for modem connections to a phone line. Use an RJ45 connector for an Ethernet network that uses twisted pair cable. Use ST and SC connectors for fiberoptic cables.

Which of the following is a valid IPv6 address?

FEC0::AB:9007

You have just connected four new computer systems to an Ethernet switch using spare patch cables. After the installation only three systems are able to access the network. You verify all client network settings and replace the network card in the failed system. The client is still unable to access the network. Which of the following might you suspect as the real cause of the problem?

Failed patch cable

Match the virtualization feature on the right with the appropriate description on the left.

Flexibility - Moving virtual machines between hypervisor hosts Testing - Verifying that security controls are working as designed Server consolidation - Performing a physical-to-virtual migration (P2V) Sandboxing - Isolating a virtual machine from the physical network

A router is connected to a network 192.169.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to the network 10.1.0.0/16. What will the router do with the packet.

Forward the packet to the next hop router specified by the route network 0.0.0.0

What type of module might a switch use to allow it to modify the media type supported by a switch port? (Select two.) MPLS GBIC OCx SFP

GBIC & SFP Explanation Older network adapters used an external transceiver that matched the media type. While nearly all current network adapters come with a built in transceiver type, new devices, such as switches and routers, use transceiver modules that allow you to modify the media type of a port by changing the transceiver. Transceiver modules include the following: • A GBIC (gigabit interface converter) is a larger sized transceiver that fits in a port slot and is used for Gigabit media including copper and fiber optic. • An SFP (small formfactor pluggable) is similar to a GBIC but with a smaller size. An SFP is sometimes called a miniGBIC. • An XFP transceiver is similar in size to an SFP but is used for 10 Gigabit networking.

Which of the following can route layer 3 protocols across an IP network?

GRE

What is a major benefit of STP over UTP?

Greater resistance to interference

Which of the following protocols provide gateway redundancy? select all that apply

HSRP GLBP VRRP

Match each physical security control on the left with an appropriate example of that control on the right. Each security control may be used once, more than once, or not at all.

Hardened carrier >> Protected cable distribution Biometric authentication >> Door locks Barricades >> Perimeter barrier Emergency escape plans >> Safety Alarmed carrier >> Protected cable distribution Anti-passback system >> Physical access control Emergency lighting >> Safety Exterior floodlights >> Perimeter barrier

Match each physical security control with the appropriate example:

Hardened carrier: Protected cable distribution Biometric authentication: Door locks Barricades: Perimeter barrier Emergency escape plans: Safety Alarmed carrier: Protected cable distribution Anti-passback system: Physical access control Emergency lighting: Safety Exterior floodlights: Perimeter barrier

Which of the following are characteristics of a rootkitrootkit? (Select two.)

Hides itself from detection Requires administrator-level privileges for installation

Educate employees on the risks and countermeasures. Publish and enforce clearly-written security policies.

How can an organization help prevent social engineering attacks?

Which organization is responsible for allocating public IP addresses?

IANA

Listed below are several DNS record types. Match the record type on the left with its function on the right.

Identify a domain controller- SRV identify a mail server- MX Map a host name to an IPv4 address- A Map an IPv4 address to a host name- PTR

A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research you find that the most likely cause of the problem is a bug in the router's software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next?

Identify possible effects of the solution.

Under which of the following circumstances might you implement BGP on your company network and share routes with internet routers?

If the network is connected to the internet using multiple ISPs

Which of the following are reasons to configure VLAN's on a switch as opposed to using switches without VLANs?

Increased Security Increased Number of broadcast domains

Which of the following CCTV types would you use in areas with little or no lights?

Infrared

A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While she normally works from her office, today she is trying to access the wireless network from a conference room which is across the hall and next to the elevator. What is the most likely cause of her connectivity problem?

Interference is affecting the wireless signal

Which of the following is true of Multiprotocol Label Switching? (Elect two.)

It can carry ATM, SONET, and Ethernet traffic. CEF is required for all MPLS-enable Cisco routers

Which two of the following statementsabout the Dynamic Host Configuration Protocol (DHCP) are true?

It can deliver other configuration information in addition to IP addresses. A DHCP server assigns addresses to requesting hosts.

Which of the following best describes how a switch functions?

It connects multiple cable segments (or devices), and forwards frames to the appropriate segment

Which of the following describes how a switch functions?

It connects multiple cable segments (or devices), and forwards frames to the appropriate segment

Which of the following best describes how a switch functions? It connects multiple segments of different architectures. It translates frames, and forwards them to the appropriate segment. It connects multiple segments of different architectures. It translates frames, and broadcasts them to all of its ports. It connects multiple cable segments (or devices), and forwards frames to the appropriate segment. It connects multiple cable segments (or devices), and broadcasts frames to all of its ports.

It connects multiple cable segments (or devices), and forwards frames to the appropriate segment. Explanation Switches have multiple ports and can connect multiple segments or devices. The switch forwards frames to the appropriate port. They function similarly to a hub, except instead of sending packets to all ports, switches send packets only to the destination computer's port.

You want to check a server for user account that have weak password. Which tool should you use?

John the Ripper

Match the firewall type

Layer 2- V Layer 3- R Counts-R Does-V Different-R Same-V

At which of the following OSI layers does a router operate? Layer 1 Layer 2 Layer 3 Layer 4

Layer 3 Explanation A router operates at layer 3, or the Network layer.

You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activities on the disk to see what kind of information it contains. What should you do first?

Make a bit-level copy of the disk Before conducting an investigation of data on a disk, you should create a hash of the disk, create a bit-level copy of the disk, then create a hash of your copy of the disk. Perform any investigative activities on your copy of the disk, not on the original disk.

You walk by the server room and notice a fire has started. What should you do first?

Make sure everyone has cleared the area

When recovery is being performed due to a disaster, which services are to be stabilized first?

Mission critical

Based on the diagram, which network line code technique is being used?

Non-Return-to-Zero

Which type of active scan turns off all flags in a TCP header?

Null

Breaks data into very small data streams in order to send the information across long distances

OFDM

You are working with an existing fiber optic installation in your building. You want to know how long each length of cable is that runs through walls. Which tool should you use?

OTDR

Which of the following associates a port number with a host on a private network?

PAT

Which of the following terms identifies the network of dial-up telephone and the long-distance lines?

PSTN

Users in your organization receive email messages informing them that suspicious activity hasbeen detected on their bank account. They are directed to click a link in the email to verify theirbeen detected on their bank account. They are directed to click a link in the email to verify theironline banking username and password. The URL in the link is in the .ru top-level DNS domain.online banking username and password. What kind of attack has occurred?

Phishing

Users on your network report that they have received an email stating that the company has just launched a new website. The email asks employees to click the website link in the email and log in using their username and password. No one in your company has sent this email. What type of attack is this?

Phishing

At which layer of the OSI Model do hubs operate?

Physical

Which of the following features is used with digital IP phones to supply power through a switch port?

PoE

In which stage of the evidence lifecycle is the forensic report created?

Preservation and analysis

You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?

Protocol analyzer.

You manage a server that runs your company website

Proxy Server

You have used firewalls to create a demilitarized zone

Put the Database on the private network/Put the Web server inside the DMZ

Your network conducts training sessions for high-profile clients. As part of the training, clients connect to get a video feed of the instructor and other class activities. You want to make sure that video traffic related to the training is not delayed on the network. Which solution should you implement?

QoS

Which of the following protocols has a limit of 15 hops between and two networks?

RIP

Which of the following is the process f fixing problems detected by anti-virus software so that the computer is restored to its original state?

Remediation

You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat 6e cable to connect the wiring closet to the shipping building. Which of the following should you include in your plan?

Repeater

You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat 6e cable to connect the wiring closet to the shipping building. Which of the following should you include in your plan?

Repeater.

Which of the following is undetectable software that allows administrator-level access?

Rootkit

Which of the following is a characteristic of a virus?

Requires an activation mechanism to run

Which of the following protocols are used with VoIP?

SIP RTP

What protocol is used to send e-mail messages from a mail client to a mail server?

SMTP

Of the following cables, which offer the best protection against EMI?

Single mode fiber optic

Of the following cables, which offer the best protection against EMI? Cat 5e Cat 5 RG6 Single mode fiber optic

Single mode fiber optic Explanation Fiber optic cables offer the best protection against electromagnetic interference (EMI).

Which type of address is the IP address 198.162.12.254/24?

Unicast

Which of the following strategies are used to prevent duplicate IP addresses being used on a network? (Select two.) Install the DHCP client on all workstations Set the Windows networkmonitoring utility to identify potential IP conflicts Configure a HOSTS file for local IP resolution Use Automatic Private IP Addressing Install a DHCP server on the network Configure client systems to use static IP assignment

Use Automatic Private IP Addressing Install a DHCP server on the network Explanation To avoid duplicate IP addresses being used by network systems, automatic IP assignment is used. Both the DHCP service and APIPA can automatically assign addresses to client systems. Clients configured to use static IP addressing may inadvertently have duplicate IP addresses assigned to them. In such a case, one of the systems will not be able to log on to the network.

Which of the following are characteristics of ATM?(Select Two)

Uses fixed-length cells of 53-bytes add labels to data units

You have just received a generic-looking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you are to go to a website and enter your username and password at a new website so you can manage your email and spam using the new service. What should you do?

Verify that the email was sent by the administrator and that this new service is legitimate

Which of the following documents would likely identify that drop cables on your network use T568A standard?

Wiring schematic

In which of the following situations would you use port security?

You want to restrict the devices that could connect through a switch port.

Which TCP/IP utility gives you the following output? Interface: 192.168.4.101 on Interface 0x3 Internet Address Physical Address Type 192.168.1.23 00-d1-b6-d7-c2-af dynamic

arp

To optimize your network, you want to configure your wireless AP to use a channel that meets the following criteria. non-overlapping, low utilization, low interference.

channel 1

What is a firewall function?

packet filtering

Due to widespread network expansion, you have decided to upgrade the network by configuring a DHCP sever for the network uses Linux, Windows, and Mac OS X client systems. You configure the server to distribute IP addresses from 12.168.2.1 to address 192.168.2.100. You use the subnet mask of 255.255.255.0. after making al setting changes on the DHCP sever, you reboot each client system but they are not able to obtain an ip address from the dhcp server. Which of the following would explain the failure?

the clients must be configured to obtain ip addressing from a dhcp server

What is the best countermeasure against social engineering?

user awareness training

Which of the following is included in an operations penetration test? (select three)

1. Looking through discarded papers or media for sensitive information 2.Eavesdropping or obtaining sensitive information from items that are not properly stored 3.Acting as an imposter with the intent to gain access or information

You want to use CCTV to increase the physical security of your building. Which of the following camera types would offer the sharpest image at the greatest distance under the lowest lighting conditions?

500 resolution, 50mm, .05 LUX

You've just installed the DNS service on a Windows server. Which port must be opened in the server's firewall to allow clients to access the service?

53

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 150 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in the situation?

802.11n

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 150 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation?

802.11n

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54Mbps. Which 802.11 standard will work best in this situation? select two

802.11n 802.11a

Review the output from the show interfaces far/1 command on the switch 2 switch in the exhibit. what is wrong with the fa0/1 interface in this example?

A duplex mismatch exists with the device on the other end of the connection.

Which of the following best dedscribes a man-in-the-middle attack?

A false server intercepts communications from a client by impersonating the intended server

Which of the following describes a man-in-the-middle attack?

A false server intercepts communications from a client by impersonating the intended server.

Which of the following describes a logic bomblogic bomb?

A program that performs a malicious activity at a specific time or after a triggering event

Which of the following describes a logic bomb?

A program that performs a malicious activity at a specific time or after a triggering event.

You connect your computer to a wireless network available at the local library. You find that you can access all web sites you want on the Internet except two. What might be causing the problem?

A proxy server is blocking access to the web sites

You connect your computer to a wireless network available at the local library. You find that you can access all websites you want on the Internet except for two. What might be causing the problem?

A proxy server is blocking access to the web sites.

Match the COS priority on the left with the corresponding value on the right.

0-Best effort (default) 1-Backgroud 2-Excellent effort 3-Critical applications 4-Video(<100ms latency) 5-Video(<10ms latency) 6-Internetwork control 7-Network control

Which of the following is a valid IPv6 address? FEC0::AB:9007 FEC0:9087:AB04:9900:7GA2:7788:CEDF:349A 199.12.254.11 FEC0:AB98::A7::9845:4567 FEC0:AB04:899A

FEC0::AB:9007 Explanation FEC0::AB:9007 is a valid IPv6 address. The :: in the address replaces blocks of consecutive 0's. The longer form of this address would be FEC0:0000:0000:0000:0000:0000:00AB:9007. Leading 0's within a quartet can also be omitted. You can only omit one block of 0's using the double colon. Each number in the IPv6 address must be between 0-9 or A-F; G is not a valid number for the IPv6 address. An address without double colons should have a total of 32 hexadecimal numbers in 8 blocks.

Uses a narrow frequency band and hops data signals in a predictable sequence

FHHS

You want to allow your users to download files from a server running the IP protocol. You want to protect access to the files by requiring user authentication to access specific directories on the server. Which IP protocol should you implement to provide this capability?

FTP

You want to allow your users to download files from a server running the TCP

FTP

You want to allow your users to download files from a server running the TCP/IP protocol. You want to require user authentication to gain access to specific directories on the server. Which TCP/IP protocol should you implement to provide this capability? HTML FTP IP HTTP TFTP TCP

FTP Explanation You should implement the File Transfer Protocol (FTP). It enables file transfers and supports user authentication. The Trivial File Transfer Protocol (TFTP) enables file transfer, but does not support user authentication.

You want to transfer a file from a UNIX server to a Windows 2000 computer. Which of the following utilities could you use to do this? Select all that apply. Netstat TFTP FTP Tracert Telnet NBTSTAT

FTP & TFTP Explanation UNIX computers use TCP/IP, as do Windows 2000 computers. Therefore, the TCP/IP utilities FTP and TFTP will both allow you to transfer files.

Which of the following is likely to be located in a DMZ?

FTP server

You have two switches connected as shown in the Exhibit. You would like to configure rapid spanning tree on switch A. On which ports would you use portfast command?

Fa0/1 and Fa0/2

What are (2) biometric devices?

Face scanner /// Retina scanner

You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have any difficulty accessing the network. During the relocation, you attach a patch cable from the client system to the wall jack and from the patch panel to the switch. Once connected you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one but you can still not connect. Which of the following might you suspect as the problem?

Failed patch cable between the client system and the wall jack

You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have any difficulty accessing the network. During the relocation, you attach a patch cable from the client system to the wall jack and from the patch panel to the switch. Once connected you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one but you can still not connect. Which of the following might you suspect as the problem?

Failed patch cable between the client system and the wall jack.

Which of the following is the best device to deploy to protect your private network from a public untrusted network?

Firewall

You are the administrator of your company's network. You want to prevent unauthorized access to your intranet from the Internet. Which of the following should you implement?

Firewall

After installing some software a few days ago your DVD drive tray randomly began to open and close. Today, you were called into our boss's office to discuss why you are calling 900 numbers while at work. Which type f malware would create these symptoms?

Grayware

You are using a crimper to attach an RJ-45 connector to a Cat 6 UTP cable. You need to use the T568A standard to connect the individual wires to the connector. Which wire should be connected to pin 1?

Green with white

Which of the following is true of a wireless network SSID?

Groups wireless devices together into the same logical network

You have been given a laptop to use for work

Host-based

As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?

Host based IDS

You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-bases attacks. What solution should you use?

Host based firewall

You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. What solution should you use?

Host-based firewall

You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use?

Host-based firewall

Which organization is responsible for allocating public IP addresses? IANA CompTIA IEEE IETF

IANA Explanation The Internet Assigned Numbers Authority (IANA) is responsible for allocating IP addresses used on the Internet. When you want to obtain a public IP address, you would typically get the address from your ISP, which has received it from a Regional Internet Registry (RIR), which has been assigned a block of addresses from IANA. IANA is operated by the Internet Corporation for Assigned Names and Numbers (ICANN), so you might also see that ICANN is responsible for assigning public IP addresses. The IETF is an organization that is responsible for settings standards used on the Internet. For example, the IETF has defined the standards for NAT as well as other protocols. The IEEE is an organization that sets networking standards such as for Ethernet or wireless networking. CompTIA is a professional organization that represents computing technology companies and individuals.

Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery? IP TCP ARP DHCP IGMP ICMP

ICMP Explanation The Internet Control Message Protocol (ICMP) allows hosts to exchange messages to indicate the status of a packet as it travels through the network.

You have a network that occupies both floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the second floor directly above the wiring closet that holds the demarc. Which of the following terms describes the closet on the second floor? Vertical cross connect Demarc extension MDF IDF Horizontal cross connect

IDF Explanation An intermediate distribution frame (IDF) is a smaller wiring distribution point within a building. IDFs are typically located on each floor directly above the MDF, although additional IDFs can be added on each floor as necessary. The main distribution frame (MDF) is the main wiring point for a building. The MDF is typically located on the bottom floor or basement. The LEC typically installs the demarc to the MDF. A vertical cross connect connects the MDF on the main floor to IDFs on upper floors. Cabling runs vertically (up and down) between the MDF and the IDFs. A horizontal cross connect connects IDFs on the same floor. Cabling runs horizontally (sideways) between the IDFs. A demarc extension extends the demarcation point from its original location to another location within the building.

What security mechanism can be used to detect attacks originating on the Internet or from within an internal trusted subnet?

IDS

Which protocol does an IP host use to inform a router that it wants to receive specific multicast frames?

IGMP

Which protocol does an IP host use to inform a router that it wants to receive specific multicast frames? SNMP IP IGMP ICMP MGP

IGMP Explanation IP hosts use the IGMP or Internet Group Management Protocol to inform multicast-enabled routers that they want to receive specific multicast frames.

Which command would you use on a switch to enable management from a remote network?

IP default-gateway 192.168.10.185

You need to configure a Cisco RFC 1542 compliant router to forward any recieved DHCP frames to the appropriate subnet. The address of the remote DHCP server is 172.16.30.1. Which of the following commands would be used to configure the router?

IP helper-address 172.16.30.1

You have a private network connected to the internet. Your routers will not share routing information about your private network with internet routers. Which of the following best describes the type of routing protocol you would use?

IPG

You are connected about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when poosible to stop or prevent the attacks. Which tool should you use?

IPS

Which of the following are security devices that perform stageful inspections of packet data, looking for patterns that indicate malicious code? select two

IPS IDS

What security protocols establish a secure connection and encrypt data for a VPN? (3)

IPSec, PPTP, L2TP

Which of the following is the best countermeasure against man-in-the middle attacks?

IPsec

Which of the following network layer protocols provides authentications and encryptions services for IP based network traffic?

IPsec

Which of the following is the best countermeasure against man-in-the middle attacks?

IPsec Use IPsec to encrypt data in a VPN tunnel as it passes between two communication partners

Which of the following network technologies is packaged as part of a BRI plan?

ISDN

Which of the following WAN technologies provides digital dial-up connections on two 64 Kbps data channels?

ISDN BRI

Which of the following Internet access technologies support simultaneous voice and data traffic over the same physical line? (Select two.)

ISDN BRI ADSL

You were hired by a small start-up company. the company is in a small office and has several remote employees. You ave been asked to find a business service that would accommodate the curren size of the company but would also be able to scale as the company grows. The service needs to provide adequate storage, as well as additional computing power. Which cloud serve model should you use?

IaaS

Which TCP/IP utility gives you the following output? Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : testout.com IP Address. . . . . . . : 192.168.1.111 Subnet Mask. . . . . . . . : 255.255.255.0 Default Gateway . . . . . : 192.168.1.1

Ipconfig

Which TCP/IP utility gives you the following output? Ethernet adapter Local Area Connection:

Ipconfig

You have been called in to troubleshoot a connectivity problem on a newly installed Windows Server 2003 system.The system is operating satisfactorily and is able to communicate with other systems on the local network.However it is unable to access any systems on other segments of the corporate network. You suspect that the default gateway parameter for the system has not been configured,or may be configured incorrectly.Which of the following utilities are you most likely to use to view the default gateway information for the system?

Ipconfig

You have been called in to troubleshoot a connectivity problem on a newly installed windows Server 2003 system. The system is operating satisfactorily and is able to communicate with other systems on the local network. However it is unable to access any systems on other segments of the corporate network. You suspect that the default gateway parameter for the system has not been configured, or may be configured incorrectly. Which of the following utilitis are you most likely to use to view the default gate way information for the system

Ipconfig

You want to be able to view the DNS server address that a computer is using. Which of the following utilities would you use

Ipconfig ifconfig

A switch running STP is in the listening state. A message destined for a different network segment arrives at the switch. Which of the following best describes what the switch will do?

It does not record the address or segment information. It does not forward the message

Which of the following is true about the MAC address? (Select two)

It is typically represented by hexadecimal numbers. It is a 48-bit address

Match each network enumeration technique on the left with its corresponding description on the fish.

Identifying phone number with modems War dialing Scanning for wireless access points Wardriving Identifying operating system type and version number Banner grabbing Identifying services that can pass through a firewall Firewalking

Which of the following attacks tries to associate an incorrect MAC address with a know IP address?

ARP poisoning

Which of the following attacks tries to associate an incorrect MAC address with a known IP address?

ARP poisoning ARP spoofing/poisoning associates the attacker's MAC address with the IP address of victim devices. When computers send an ARP request to get the MAC address of a known IP address, the attacker's system responds with its MAC address.

A router is configured with the login, no password condition for console access. Which of the following statements is true about access via a Telnet or SSH session?

Access is denied

While browsing the Internet, you notice that the browser displays pop-ups that are targeted towards recent keyword searches you have performed. What is this an example of?

Adware

While browsing the internet, you notice that the browser displays ads that are targeted towards recent keyword searches you have performed. What is this an example of?

Adware

You are concerned about protecting your network from network-based attacks from the internet. Specifically, you are concerned about zero day attacks (attacks that have not yet been identified or that do not have prescribed protections.) Which type of device should you use?

Anomaly based IDS

What does a tarpit specifically do to detect and prevent intrusion into your network?

Answer connection requests in such a way that the attacking computer is stuck for a period of time

Which of the following measures are you most likely to implement to protect against a worm or Trojan horse?

Anti-virus Software

Which of the following statements about the use of anti-virus software is correct?

Anti-virus software should be configured to download updated virus definition files assoon as they become available.soon as they become

You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?

Application-level

You have just purchased a new network device and are getting ready to connect it to your network. Which of the following should you do to increase its security? select two

Apply all patches and updates Change default account password

Which of the following tools would you use to view the MAC addresses associated with IP addresses that the local workstation has contacted recently?

Arp

Which TCP/IP utility gives you the following output? Interface:192.168.1.111

Arp -a

RADIUS is primarily used for what purpose?

Authenticating remote clients before access to the network is granted

What are the most common network traffic packets captured and used in a replay attack?

Authentication

What are the most common network traffic packets captured and used in a replay attack? DNS query File transfer Authentication Session termination

Authentication

What is the primary countermeasure to social engineering?

Awareness

You have just connected four switches as shown in the Exhibit. Assuming the default switch configuration, which switch will become the root bridge?

B

While developing a network application, a programmer adds functionally that allows her to access the running program, without authentication, to capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. What type of security weakness does this represent?

Backdoor

Netbus and Back orifice are remote control tools. The allow you to connect to a remote system over a network and operate it as if you were sitting at its local keyboard. Unfortunately these two programs are also examples of what type of security concern?

Backdoor Trojans

Which of the following is an important aspect of evidence gathering?

Backing up all logs files and audit trails

Which of the following is a rating of the amount of data that can be sent over a network in a period of time?

Bandwidth

Which of the following features are common functions

Bandwith shaping Spam Filtering

Your anti-virus software has detected malware on your system. However, the anti-virus software is unable to remove it, and when you try to delete the files, you can'y because they are in use. What should you try first?

Boot into Safe Mode and try removing the malware

A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computer represent?

Botnet

A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computers represent?

Botnet A botnet refers to a collection of zombie computers which are commanded from a central control infrastructure to propagate spam or to collect usernames and passwords to access secure information.

Which three of the following devices operate at the Data Link layer of the OSI model? Routers Bridges Switches Repeaters Network interface cards (NICs) Hubs

Bridges, Switches & NICs Explanation Network interface cards (NICs), bridges, and switches all operate at the OSI Data Link layer. They use the physical device address (MAC address) to identify packets. Hubs and repeaters operate at the Physical layer they simply repeat packets without regard to addresses. Routers function at the Network layer they examine the logical device and network address to perform routing tasks.

An attacker is conducting passive reconnaissance on a targeted company. Which of the following could he be doing? (#2)

Browsing the organization's website.

A programmer that fails to check the length of input before processing leaves his codevulnerable to what form of common attack?

Buffer overflow

Which of the following attacks is a form of software exploitation...input variable is designed to handle?

Buffer overflow

Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?

Buffer overflow A buffer overflow occurs when software code receives too much input than it was designed to handle and when the programmer of that code failed to include input validation checks. When a buffer overflow occurs, the extra data is pushed into the execution stack and processed with security context of the system itself. In other words, a buffer overflow attack often allows the attacker to perform any operation on a system.

You are building a wireless network within and between two buildings. The buildings are separated by more then 3000 feet. The wireless network should meet the following requirements....

Building 1-location A Right-facing directional Antenna/WPA2 with CCMP Building 1-location B Omni directional Antenna/WPA2 with CCMP Building 1-location C Left-facing directional Antenna/WPA2 with CCMP Building 1-location D Right-Facing Parabolic Antenna/WPA2 with CCMP Building 2-location A Omni Directional/WEP with Open authentication Building 2-location B Left-facing Parabolic Antenna/WPA2 with CCMP

Which of the following topologies connects all devices to a trunk cable? Tree Bus Star Ring

Bus Explanation The bus topology connects all devices to a trunk cable.

Which of the following physical topologies are used with Ethernet networks? (Select two.) Mesh Star Bus Ring

Bus & Star Explanation Ethernet networks use either a physical bus or physical star topology. Hubs can also be cascaded to form a tree topology.

In business continuity planning, what is the primary focus of the scope?

Business processes

In business continuity planning, what is the primary focus of the scope?

Business processes Company assets are the focus of risk assessment for security policy development, not BCP. Human life and safety are considerations for emergency response, but are not the focus of the BCP scope. Recovery time objective is a consideration in the development of emergency response, not an aspect of BCP scope.

The phone line to one office is not working. You have identified the location of the phone line in a 66 block in the wiring closet. Which tool would you use to connect to the phone line at the punchdown block to see if you can make or receive calls?

Butt set.

Which of the following statements accurately describes how a modem works? (Select two)

It modulates digital data from the PC into analog data and transmits it on a telephone network. It demodulates analog data from a telephone network into digital PC data.

Which of the following statements accurately describes how a modem works? (Select two.) It modulates digital data from the PC into analog data and transmits it on a telephone network. It communicates over a telephone network using digital signals. It transmits digital signals over ordinary telephone copper wiring at a rate up to 128 Kbps. It demodulates analog data from a telephone network into digital PC data. It demodulates analog PC data into digital data that can be transmitted through a telephone network. It modulates digital data from a telephone network into analog data that a PC can use.

It modulates digital data from the PC into analog data and transmits it on a telephone network. It demodulates analog data from a telephone network into digital PC data. Explanation Modem is shorthand for modulator/demodulator. Its job is to convert (or modulate) digital data from a PC into analog telephone signals and transmit them through a telephone network. It also receives analog data from the telephone network and converts (or demodulates) it into digital PC data.

Which of the following best describes spyware?

It monitors the actions you take on your machine and sends the information back to its originating source.

Which of the following best describes spyware?

It monitors the actions you take on your machine and sends the information back to itsoriginating source.

Which three of the following are characteristics of ISDN?

It provides enough bandwidth to transmit data at much higher speeds than standard modems and analog lines It is a dial-up service that uses existing copper wires for the local loop It lets you transmit voice, video, and data over the same lines.

Which four of the following are the responsibility of the WAN service provider?

CO DCE Local loop PSE

Arrange the computer components listed on the left in order of decreasing volatility on the right.

CPU registers and caches System RAM Paging file Hard Disk File system backup on an external USB drive

Arrange the computer components listed on the left in order of decreasing volatility on the right.

CPU registers and caches System RAMWhich of the following is an important aspect of evidence gathering? Paging file Hard disk File system backup on an external USB drive

All of the 802.11 standards for the wireless networking support which type of communication path sharing technology?

CSMA/CA

What must you install between networks and a T1 line for your networks to use the T1 line?

CSU/DSU

Which of the following devices is used on a WAN to convert synchronous serial signals into digital signals?

CSU/DSU

You are making Ethernet drop cables using Cat5e cable and RJ45 connectors. You need to remove the plastic coating over the cable to expose the individual wires. What tool should you use?

Cable Stripper

Which of the following services are available regardless of whether the telephone company network is available?

Cable modem

You are making Ethernet drop cables using Cat5e cable and RJ45 connectors. You need to remove the plastic coating over the cable to expose the individual wires. Which tool should you use? Snips Punchdown tool Butt set Cable stripper

Cable stripper Explanation Use a cable stripper to remove the plastic covering for a cable. Note: When making drop cables or using punchdown blocks, do not remove the plastic covering for individual wires. Use snips to cut cables. Use a punchdown tool to push wires into 66 or 110 blocks and cut wires at the same time. Use a butt set to connect to phone lines to monitor, make, or answer phone calls.

You've just finished installing a wireless access point from a client. Which action best protects the access point from unauthorized configuration settings?

Changing the administrative password

Which wireless technology is used to enable 802.11a-ht and 802.11g-ht networks to emulate 802.11n network speeds?

Channel bonding

Which of the following would indicate when a system case cover is removed?

Chassis intrustion detection

You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?

Client-side scripts JavaScript is an example of client-side scripting, where the client system runs the scripts that are embedded in Web pages. When pages download, the scripts are executed. ActiveX runs executable code within a browser, but ActiveX controls are not written using the JavaScript language. Server-side scripts execute on the server, and modify the Web pages served to clients based on the results of the scripts. The Common Gateway Interface (CGI) is scripting language that is often used to capture data from forms in a Web page and pass the data to an external program. CGI runs on the server to process Web form data.

You are reviewing the output of the show interfaces command for the Gi0/1 interface on a switch. You notice significant number of CRC errors displayed. What are the most likely causes? select two

Collisions EMI or cross-talk on the cable connected to the interface

Consider the network shown in the exhibit. When you run the show interface command on switch1, you observe a significant number of runts on the Gio/1 interface. What does this statistic indicate?

Collisions are occurring.

Which of the following is not a reason to use subnets on a network? Combine different media type on to the same subnet. Extend the network. Improve security. Isolate network problems.

Combine different media type on to the same subnet. Explanation Subnets cannot be used to combine networks of different media type on to the same subnet. Each network with a distinct media type has its own subnet. Subnets can be used to combine networks with different media types within the same internetwork.

Match each switch management method on left with its corresponding characteristics on the right. Each method may be used once, more than once, or not at all.

Commonly sold at retail stores Unmanaged switch Provide port security features. Managed switch Support VLANs Managed switch Provide very few configuration options Unmanaged switch Can be configured over a network connection Managed switch Can be configured over a dedicated communication channel Managed switch

You have just started a new job as a network... To improve the safety of your organization, you decide... How should you get them?

Download them from the chemical manufacturers' websites

When you browse to a website, a pop-up window tells you that your computer has been infected with a virus...spyware on your system.

Drive-by download

You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?

Connect one server through a different ISP to the Internet. If the ISP connection goes down, then the website is unavailable. Connecting one server to a different ISP, or both servers to two ISPs, will provide redundancy for the connection.

• You notice that a router/firewall/content filter UTM device has been implemented in the server closet to protect the internal network from external attacks. Which securityrelated recommendations should you make to this client? (Select two.)

Control access to the work area with locking doors and proximity readers. //Relocate the switch to the locked server closet.

Which of the following applications typically use 802.1x authentication? (Select two.)

Controlling access through a switch Controlling access through a wireless access point

Which two of the following are included as part of Data Link layer specifications? Composition of electrical signals as they pass through the transmission medium. Controlling how messages are propagated through the network. Synchronizing individual bits as they are transmitted through the network. Identifying physical network devices.

Controlling how messages are propagated through the network. Identifying physical network devices. Explanation The Data Link layer controls identifying devices on a network as well as how messages travel through the network (the logical topology). The other functions listed here are performed by the Physical layer.

Match the Cisco device password type on the left with its function on the right

Controls the ability to log on through a LAN or WAN interface configured on the device VTY Controls the ability to switch configuration modes EXEC Controls the ability to connect to the device using a direct connection Console

you have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network.

Convergence

Which of the following is a text file provided by a website to a client that is stored on a user's hard drive in order to track and record information about the user?

Cookie

What is the basic purpose of the OSI Physical layer? Defines basic physical structures, such as disks. Coordinates rules for managing network servers. Coordinates rules for routing packets. Coordinates rules for transmitting bits.

Coordinates rules for transmitting bits. Explanation The OSI Physical layer coordinates rules for transmitting bits.

Which of the following is an example of privilege escalation?

Creeping privilieges

You need to attach an RJ-45 connector to the end of a Cat 6 UTP cable. Which tool should you use?

Crimper

You are building network cables and attaching RJ45 connectors to each end. Which tool do you need for this task?

Crimping tool

You want to connect the LAN port on a router to the uplink port on a switch. The switch does not support auto-MDI. Which type of cable should you use?

Crossover

You want to connect the LAN port on a router to the uplink port on a switch. The switch does not support auto-MDI. Which type of cable should you use? Crossover Rollover Straight-through Loopback

Crossover Explanation Use a crossover cable to connect a workstation or a router to the uplink port on a switch. Use a straight-through cable to connect the router to a regular switch port. Use a rollover cable to connect a workstation to the console port of a router. Use a loopback plug to allow a device to communicate with itself through its own network adapter.

You need to transfer data from one laptop to another and would like to use an Ethernet cable. You do not have a hub or a switch. Which type of cable should you use? Loopback Crossover Straight-through Rollover

Crossover Explanation Use a crossover cable to connect two devices together in a back-to-back configuration. Use a straight-through cable to connect a workstation to a hub or switch port. Use a rollover cable to connect a workstation to the console port of a router or a switch. Use a loopback plug to allow a device to communicate with itself through its own network adapter.

You have two switches that you need to connect using their uplink ports. The switches do not support auto-MDI. Which type of cable should you use? Straight-through Loopback Crossover Rollover

Crossover Explanation Use a crossover cable to connect two switches through their uplink ports, or to connect the two switches through regular ports. Use a straight-through cable to connect the uplink port on one switch to a regular port on another switch. Use a rollover cable to connect a workstation to the console port of the switch. Use a loopback plug connected to a single port for troubleshooting.

You have decided to implement Gigabit Ethernet on your network. Each switch port is connected to a single device. Following the installation, you find one device connected to a switch that is only running at 100 Mbps. Which of the following are likely causes?

Crosstalk.

Dumpster diving is a low-tech means of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving?

Establish and enforce a document destruction policy

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attacks?

DDoS

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This isan example of which kind of attack?an example of which kind of attack

DDoS

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?

DDoS A DDoS attack is when multiple PCs attack a victim simultaneously and generate excessive traffic, thereby overloading communication channels, or exploiting software flaws.

Which service can you use on your network to automatically assign IP addresses to hosts and to help prevent the same address from being assigned to two different hosts?

DHCP

You have a TCP/IP network with 50 hosts. There has been inconsistant communication problems between hosts. You run a protocol analyzer and discover that two hosts have the same IP address assigned. Which protocol can you implement on your network to help prevent problems such as this?

DHCP

You have a TCP/IP network with 50 hosts. There have been inconsistent communication problems between hosts. You run a protocol analyzer and discover that two hosts have the same IP address assigned. Which protocol can you implement on your network to help prevent problems such as this? IP TCP ICMP DHCP SNMP IGMP

DHCP Explanation You can use the Dynamic Host Configuration Protocol (DHCP) to set up a DHCP server that will assign IP addresses automatically to network hosts. DHCP servers will not assign the same IP address to two different hosts.

You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values. Which device should you use?

DHCP Server.

You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values.

DHCP server

A switch is associated with which OSI model layer? Transport Network Data Link Physical

Data Link Explanation Switches are associated with the Data Link layer of the OSI model. Switches examine the device address in the packet and forward messages directly to that device.

Your company purchases a new bridge, which filters packets based on the MAC address of the destination computer. On which layer of the OSI model is this device functioning? Data Link Transport Presentation Session

Data Link Explanation The bridge is operating at the Data Link layer.

Which of the following are functions of the MAC sublayer? (Select two.) Mapping hardware addresses to linklayer addresses Defining a unique hardware address for each device on the network Creating routing tables based on MAC addresses Letting devices on the network have access to the LAN

Defining a unique hardware address for each device on the network Letting devices on the network have access to the LAN Explanation The MAC sublayer defines a unique MAC or datalink address for each device on the network. This address is usually assigned by the manufacturer. The MAC sublayer also provides devices with access to the network media.

You are using a vulnerability scanner that conforms to the OVAL specifications. Which o the following items containing a specific vulnerability or security issue that could be present on a system?

Definition

Which of the following describes the point where the service provider's responsibility ends and the customer's responsibility begins for installing and maintaining wiring and equipment? A Smart jack B tor C Punchdown block D Vertical cross connect E Demarc

Demarc

When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you perform first?

Document what's on the screen

When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you perform first?

Document whats on the screen

A switch running STP is in a learning state. A message destined for a different network segment arrives at the switch. Which of the following best describes what the switch will do?

It uses the source MAC address and network segment information to build its bridge database, but does not forward the message

Which of the following cellular types use MIMO to increase 3G data throughput? (Select two.)

LTE HSPA+

You are reviewing the output of the show interfaces command for the Gi0/1 interface on a switch. Which interface statistic displays the number of collisions that occurred after the 64th byte of the frame was transmitted?

Late collisions

You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that a second server can respond to requests for Web site content. Which solution should you implement?

Load balancing

You have a Web site that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before the performance is negatively impacted. Which tool should you use?

Load tester

Which of the following controls is an example of a physical access control method?

Locks on doors

The UDP transport protocol provides which of the following features? (Select all that apply.) Guaranteed delivery Low overhead Sequence numbers and acknowledgements Connectionless datagram services

Low overhead Connectionless datagram services Explanation UDP is a connectionless protocol used by applications that need low overhead and do not require guaranteed delivery.

Which of the following features on a wireless network allows or rejects client connections based on the hardware address?

MAC address filtering

Match the port security MAC address type on the left with its description on the right

MAC address manually identified as an allowed address SecureConfigured MAC address that has been learned and allowed by the switch SecureDynamic MAC address that is manually configured or dynamically learned that is saved in the config file SecureSticky

Which of the following do switches and wireless access points use to control access through the device?

MAC filtering Both switches and wireless access points are layer 2 devices, meaning they use the MAC address for making forwarding decisions. Both devices typically include some form of security that restricts access based on the MAC address.

which of the following attacks, if successful, causes a switch to function like a hub?

MAC flooding

Which two of the following tasks do routers perform? Control access to the transmission media Identify devices through hardware addresses Maintain information about paths through an internetwork Multiplex signals onto the same transmission media Route data based on logical network addresses Route data based on hardware device addresses

Maintain information about paths through an internetwork Route data based on logical network addresses Explanation Routers build and maintain tables of routes through an internetwork, and deliver data between networks based on logical network addresses.

What is the primary goal of business continuity planning?

Maintaining business operations with reduced or restricted infrastructure capabilities or resources

What is the primary goal of business continuity planning?

Maintaining business operations with reduced or restricted infrastructure capabilities or resources.

You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activities on the disk to see what kind of information it contains. What should you do first?

Make a bit-level copy of the disk

You have been asked to implement a network infrastructure that will accommodate failed connections. Which of the following network typologies provide redundancy for a failed link?

Mesh

You have implemented an ad-hoc wireless network that doesn't employ a wireless access point. Every wireless network card can communicate directly with any other wireless network card on the network. What type of physical network topology has been implemented in this type of network?

Mesh

You want to implement a fault tolerant topology as you interconnect routers on your wide area network. Which of the following would meet your needs?

Mesh

You want to implement a fault tolerant topology as you interconnect routers on your wide area network. Which of the following would meet your needs? Bus Ring Mesh Star

Mesh Explanation A mesh topology has multiple connections at each node, increasing connectivity fault tolerance. None of the other topologies have native fault tolerance built in.

You have been asked to implement a network infrastructure that will accommodate failed connections. Which of the following network topologies provides redundancy for a failed link? Star Mesh Bus Ring

Mesh Explanation In a mesh topology, each network device is interconnected to all other network nodes. This creates multiple data paths and in the event of a failed link, the data has an alternate route to arrive at its destination. The star topology connects network devices to the network with a single patch cable and the failure of a patch cable will make the connected device unavailable. The bus topology has a single point of failure, if there is a break in the network media, the network will be unavailable. A single break in a physical ring topology will disable the network.

You have implemented an adhoc wireless network that doesn't employ a wireless access point. Every wireless network card can communicate directly with any other wireless network card on the network. What type of physical network topology has been implemented in this type of network? Mesh Ring Star Tree Bus

Mesh Explanation This type of network uses a physical mesh topology. The key characteristics of a mesh topology are: • There's no central connecting point. • Any host can communicate directly with any other host on the network. A mesh network, such as this one, is usually impractical on a wired network. Each host would have to have a separate, dedicated network interface and cable for each host on the network. However, a mesh topology can be implemented with relative ease on a wireless network due to the lack of wires.

You have a network that uses a logical bus topology. How do messages travel through the network?

Messages are broadcast to all devices connected to the network

You have a network that uses a logical bus topology. How do messages travel through the network? Messages are broadcast to all devices connected to the network. Messages travel from one device to the next until they reached the destination device. Messages are sent to a central device which then forwards the message to the destination device. Messages are sent directly to the correct destination device.

Messages are broadcast to all devices connected to the network. Explanation Messages sent using a physical bus topology are broadcast to all devices in the network. The device in the middle of the star (typically a hub), receives the message and forwards it on to all other devices.

You have a network that uses a logical ring topology. How do messages travel through the network?

Messages travel from one device to the next until they reached the destination device

Which tool would you use in Windows Vista/7 to manage network connections?

Network and Sharing Center

Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?

Network based firewall

You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan the e-mails and prevent any e-mails with malicious attachments from being received by users. Your solution should minimize administration, allowing you to centrally manage the scan settings. Which solution should you use?

Network based firewall A network-based firewall inspects traffic as it flows between networks. For example, you can install a network-based firewall on the edge of your private network that connects to the Internet and scans all incoming e-mail. Scanning e-mail as it arrives at your e-mail server allows you to centralize management and stop malicious e-mails before they arrive at client computers.

You manage a network of multiple subnets connected to the Internet. A user reports that she can't access the Internet. You investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internet. Which of the following is likely the cause of the problem?

Missing default route on a router.

You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the new server used in the accounting department. You check the problem and find out that her computer cannot access any server on the subnet, however the computer does access other computers on other subnets as well as the Internet. Which of the following is most likely the cause of the problem?

Missing route on the default gateway router.

When recovery is being performed due to a disaster, which services are to be stabilized first?

Mission critical The services to be restored first are mission critical services. If mission critical services are not restored within their maximum tolerable downtime, the organization is no longer viable.

To access the Internet through the PSTN, what kind of connectivity device must you use?

Modem

To access the Internet through the Publicly Switched Telephone Network (PSTN), what kind of connectivity device must you use?

Modem

Which of the following protocols is non-routable and requires another protocol to enable internetwork communications?

NetBOIS

Examine the following output: Active Connections Proto Local Address Foreign Address State TCP SERVER1:1036 localhost:4832 TIME_WAIT TCP SERVER1:4798 localhost:1032 TIME_WAIT TCP SERVER1:1258 pool-141-150-16-231.mad.east.ttr:24076 CLOSE_WAIT TCP SERVER1:2150 cpe-66-67-255-118.roc.res.rr.com:14100 ESTABLISHED TCP SERVER1:268 C872c-032.cpe.net.cale.rers.com:46360 ESTABLISHED TCP SERVER1:2995 ip68-97-96-186.ok.ok.cox.net:23135 ESTABLISHED Which of the following utilities produced this output?

Netstat

Examine the following output: Active Connections Proto local address foreign address state Which of the following utilities produced this output?

Netstat

Which TCP/IP utility gives you the following output? Active Connections Proto/ local address/ foreign address/ state

Netstat -a

Which command displays network activity statistics for TCP,UDP, and IP?

Netstat -s

In troubleshooting a router, you want to identify which other devices... Which type of document would most likely have this information?

Network diagram

In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?

Network diagram.

Which network component connects a device to the transmission media and allows it to send and receive messages?

Network interface card

Which network component connects a device with the transmission media and allows it to send and receive messages? Client Network interface card Peripheral Protocol Server

Network interface card Explanation The network interface card (NIC) allows a device to send and receive messages over the transmission media.

At what OSI layer does a router operate to forward network messages? Network Session Physical Data Link Transport

Network Explanation A router uses the logical network address specified at the Network layer to forward messages to the appropriate LAN segment. A bridge, on the other hand, uses the MAC address and works at the Data Link layer.

You want to identify all devices on a network along with a list of open ports on those devices. You want the results displayed in a graphical diagram. Which tool should you use?

Network Mapper

When configuring an ADSL installation, where should you to install the DSL filters?

On connections leading to an analog phone

You want to be able to access your home computer using Remote Desktop while traveling. You enable Remote Desktop, but you find that you cannot access your computer outside of your home network. What should you do?

Open the firewall port for the Remote Desktop program

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you can try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet. Why can't you access the server?

Private addresses are not accessible through the Internet.

You have been hired to troubleshoot a wireless connectivity issue for two separate networks located within a close proximity. Both networks use a WAP from the same manufacturer and all settings, with the exception of SSIDs, remain configured to the default. Which of the following might you suspect as the cause of the connectivity problems?

Overlapping channels

Which of the following associates a port number with a host on a private network? NAT CIDR PAT VLSM

PAT Explanation Port address translation (PAT) associates a port number with the translated address. Use PAT to allow multiple private hosts to share a single public address. Each private host is associated with a unique port number.Technically speaking, NAT translates one address to another. With only NAT, you would have to have a public address for each private host. NAT would associate a single public address with a single private address. Because virtually all NAT routers perform port address translation, most routers that are configured with NAT are really performing PAT. When you use a NAT router, you are normally using PAT and not just NAT. (NAT is typically used synonymously with PAT.) Classless InterDomain Routing (CIDR) allows for non-default subnet masks (variable length subnet mask or VLSM).

Match the authentication factor types on the left with the appropriate authentication factor on the right. Each authentication factor type can be used more than once.

PIN ==> Something you know Smart card ==> Something you have Password ==> Something you know Retina scan ==> Something you are Fingerprint scan ==> Something you are Hardware token ==> Something you have User name ==> Something you know Voice recognition ==> Something you are Wi-Fi triangulation ==> Somewhere you are Typing behaviors ==> Something you do

Which of the following is a mechanism for granting and validating certificates?

PKI Certificates are obtained from a Public Key Infrastructure (PKI). A PKI is a system that provides for a trusted third party to vouch for user identities. A PKI is made up of Certification Authorities (CAs), also called certificate authorities. A CA is an entity trusted to issue, store, and revoke certificates.

Which of the following protocols do e-mail clients use to download messages from a remote mail server?

POP3

Which of the following TCP/IP protocols do email clients use to download messages from a remote mail server? SNMP POP3 SPC FTP SMTP

POP3 Explanation The POP3 protocol is part of the TCP/IP protocol suite and used to retrieve email from a remote server to a local client over a TCP/IP connection. SNMP is a protocol used to monitor network traffic. SMTP is a TCP/IP protocol used to send email. FTP is used to transfer files.

Which of the following describes the lines used in the local loop for dial-up telephone access?

POTS

You are configuring your computer to dial up to the Internet. What protocol should you use?

PPP

Your client has acquired several small companies and would like to connect them together into one network. Not al of the routers are cisco devices and compatibility is a concern. Which WAN encapsulation method should you recommend your client use?

PPP

Which of the following protocols or services is commonly used on cable Internet connections for user authentication?

PPPoE

You have just signed up for Internet access using a local provider that gives you a fiber optic line into your house. From there, the Ethernet and wireless connections are used to create a small network within your home. Which of the following protocols would be used to provide authentication, authorization, and accounting for the Internet connection?

PPPoE

You want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. Which of the following protocols is suitable for this task?

PPTP

You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?

PTZ

You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which type of camera should you choose?

PTZ

You have discovered a computer that is connected to your network that was used for an attack. You have disconnected the computer from the network to isolate it from the network and stop the attack. Which should you do next?

Perform a memory dump

Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. What step must be taken to ensure that the information is useful in maintaining a secure environment?

Periodic reviews must be conducted to detect malicious activity or policy violations.

You nee to enable a screen saver password on the Windows 7 workstation in your organization. What CP option should you use to do this?

Personalization

An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information. What kind of exploit has been used in this scenario? (Choose two. Both responses are different names for the same exploit.)

Pharming DNS poisoning

You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?

Port Scanner

You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?

Port authentication

You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug their computers to the free network and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?

Port authentication.

You computer has an IP address of 161.13.5.15. Your computer is on a:

Public network

Your computer has an IP address of 161.13.5.15. Your computer is on a: Public network Class C network Private network Multicast network

Public network Explanation Most IP addresses are public IP addresses. However certain ranges have been reserved for private networks. These are: • 10.0.0.0 10.255.255.255 • 172.16.0.0 172.31.255.255 • 192.168.0.0 192.168.255.255 Because your computer's IP address does not fall into these ranges, it is a public IP address.

How can an organization help prevent social engineering attacks?

Publish and enforce clearly written security policies //Educate employees on the risks and countermeasures

When analyzing assets, which analysis method assigns financial values to assets?

Quantitative

You discover that a system on your network has been infected with a worm. What is the best way to prevent the spread of the worm to other systems while you work on removing the worm?

Quarantine the computer

You want to implement 802.1x authentication on your wireless network. Which of the following will be required>

RADIUS

You want to implement 802.1x authentication on your wireless network. Which of the following will be required?

RADIUS

Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? (Select two.)

RADIUS TACACS+

Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of those accounts?

RADIUS The Remote Authentication Dial-In User Service (RADIUS) is an authentication system that allows the centralization of remote user account management.

Which of the following are differences between RADIUS and TACACS+?

RADIUS combines authentication and authorization into a single function; TACACS+ allows these services to be split between different servers.

Which type of device is required to implement port authentication through a switch?

RADIUS server

Which type of device is required to implement port authentication through a switch?

RADIUS server Port authentication is provided by the 802.1x protocol, and allows only authenticated devices to connect to the LAN through the switch. 802.1x requires a RADIUS server (also called an AAA server) to validate the authentication credentials.

You have a small home network connected to the Internet using an RG6 cable. You need to move the router connecting the network to the Internet, but can't find any RG6 cable. Which cable types could you use instead? RG8 or RG58 RG58 or RG59 RG8, RG58, or RG59 RG8 RG59 RG58

RG59 Explanation RG6 has an impedance rating of 75 ohms. When using coaxial cables, it is important to use cables with the same impedance rating. Only RG59 is rated for 75 ohms. RG8 and RG58 are rated for 50 ohms.

Of the following cables, which offer the best protection against EMI? Cat 5e Cat 5 Cat 6e RG6

RG6 Explanation Coaxial cable offers better protection against EMI than twisted pair cables. Coaxial cable has a mesh conductor which provides a ground and protects against EMI. In general, the higher the twisted pair cable standard, the better protection against some forms of EMI (typically crosstalk). For twisted pair, use shielded twisted pair instead of unshielded twisted pair. Use fiber optic for the best protection against EMI.

Which of the following cable classifications are typically used for cable and satellite networking with coaxial cables? (Select two.) RG6 RG8 RG58 RG59

RG6 & RG59 Explanation Both RG6 and RG59 can be used for cable and satellite networking applications, although RG6 has less signal loss than RG59, and is a better choice for networking applications, especially where longer distances (over a few feet) are involved. Both RG6 and RG59 have an impedance rating of 75 ohms. RG8 and RG58 have an impedance rating of 50 ohms and were used with 10 Mbps Ethernet.

F-type connectors are typically used with cables using which of the following standards? (Select two.) RG58 Cat 6e Cat 5e RG6 Cat 5 RG59

RG6 & RG59 Explanation F-type connectors are used with coaxial cable, and are typically used for cable TV and satellite installations using RG6 or RG59 cables. RG58 cables typically use BNC connectors and cables are used for 10Base2 Ethernet. Cat 5, 5e, and 6e cables use RJ45 connectors.

Which of the following protocols has a limit of 15 hops between any two networks? BGP EIGRP OSPF RIP ISIS

RIP Explanation RIP networks are limited in size to a maximum of 15 hops between any two networks. A network with a hop count of 16 indicates an unreachable network. The other routing protocols do not use the hop count as the metric. EIGRP uses bandwidth and delay for the metric. OSPF and ISIS use a relative link cost. BGP uses paths, rules, and polocies for the metric.

What is the main difference between RIP and RIPv2? RIP has a limit of 15 hops, while RIPv2 increases the hop count limit. RIP is a distance vector protocol, while RIPv2 is a link state protocol. RIP is a classful protocol, while RIPv2 is a classless protocol. RIP use the hop count for the metric, while RIPv2 uses a relative link cost.

RIP is a classful protocol, while RIPv2 is a classless protocol. Explanation RIP v1 is a classful protocol, meaning that the subnet mask is not included in routing updates. With RIP, only the default subnet mask is used to identify networks. RIP v2 is a classless protocol, meaning that the subnet mask is included in routing updates. RIPv2 supports variable length subnet masks (VLSM). Both RIP and RIPv1 are distance vector protocols and use the hop count for the metric. RIP and RIPv2 have a limit of 15 hops between any two networks.

Which of the following statements about RIP is true? RIP uses hop counts as the cost metric. RIP is the routing protocol used on the Internet. RIP is suitable for large networks. RIP is a link state routing protocol.

RIP uses hop counts as the cost metric. Explanation RIP is a distance vector routing protocol. As such, it is susceptible to the count-to-infinity problem. RIP uses the hop count as the cost metric. Because it has a limitation of 15 hops in one route, it is not suited for large networks.

Which kind of connector do you use to connect a modem to a standard telephone line?

RJ-11

Which type of connector do you use to connect a modem to a standard telephone line?

RJ-11

Which of the following standards is typically used in a rollover cable?

RJ-232

Which connector is used with unshielded twisted pair (UTP) cable?

RJ-45

Which of the following are requirements of the 1000BaseT Ethernet standards?(3 answers)

RJ-45 connectors The cable length must be less than or equal to 100m CAT 5e cabling

Which of the following are requirements of the 1000BaseT Ethernet standards? (Select three.) SC or ST connectors RJ45 connectors Fiber optic cable CAT 5 cabling The cable length must be less than or equal to 100m The cable length must be less than or equal to 1000m

RJ45 connectors CAT 5 cabling The cable length must be less than or equal to 100m Explanation Gigabit Ethernet (1000BaseT) has similar requirements to 100BaseT with connectors, cabling, and distances. The network cards are simply designed to transfer data ten times as fast.

Which of the following standards is typically used in a rollover cable? RS-232 RG-58 RG-6 R-J11

RS-232 Explanation A rollover cable has a serial connector on one end and an RJ-45 connector on the other end. RS-232 is the standard for serial communications. RJ-11 connectors are used for analog telephone lines. RG-6 and RG-58 are coaxial cable standards.

You need to configure spanning tree on a Cisco switch. You'd like to use a protocol that confirms to the 802.1w standards. Which protocol should you use?

Rapid PVST+

You need to find out what kind of laws might apply to the design and operation of your network. Which type of document would you consult?

Regulation.

Which three of the following functions are performed by the OSI Transport layer? Reliable message delivery Format packets for delivery through the media Data segmentation and reassembly End-to-end flow control Path identification and selection Control media access, logical topology, and device identification Consistent data formatting between dissimilar systems

Reliable message delivery, Data segmentation and reassembly, & End-to-end flow control Explanation The Transport layer is responsible for taking upperlayer data, breaking it into segments, and providing for reliable communications through end-to-end flow control and error correction and detection. Transmitting messages through the media is performed at the Physical layer. Media access, logical topology, and device identification occurs at the Data Link layer. Path identification and selection is a function of the Network layer. Data formatting is performed at the Presentation layer.

Which of the following topologies connects each device to a neighboring device? Bus Tree Ring Star

Ring Explanation In ring topologies, each device is connected to a neighboring device, until a ring is formed.

In which of the following topologies does each device on the network act as a repeater, sending the signal to the next device? Bus Tree Star Ring

Ring Explanation In ring topologies, each device on the network acts as a repeater to send the signal to the next device.

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. What type of security risk is this?

Rogue access point

You have purchased a new router that you need to configure. You need to connect a workstation to the router's console port to complete the configuration task. Which type of cable would you most likely use?

Rollover

You have purchased a new router that you need to configure. You need to connect a workstation to the router's console port to complete the configuration tasks. Which type of cable would you most likely use? RG6 Straight-through Crossover Rollover

Rollover Explanation Use a rollover cable to connect a workstation to the console port of a router or a switch. The rollover cable has an RJ45 connector on one end to connect to the console port, and a serial connector on the other end to connect to the serial port of the workstation. You then run a terminal emulation program on the workstation to connect to the console of the router or switch to perform configuration and management tasks. Use a straight-through or crossover Ethernet cable to connect devices using the Ethernet RJ45 ports. An RG6 cable is a coaxial cable.

You have heard about a new malware program that presents itself to users as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various operating system components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer. Which of the following term best describes this software?

Rootkit

Which of the following connectors usually require polishing as part of the assembly process? (Select two.) BNC SC ST IDC AUI

SC & ST Explanation The fiber optic cable assembly process is more complex than other assemblies. It is necessary to polish the exposed fiber tip to ensure that light is passed on from one cable to the next with no dispersion.

Which of the following is an example of smart technology embedded within networked devices associated with automated factory equipment?

SCADA systems

Which of the following protocols are used by VoIP to set up, maintain, and terminate a phone call?

SIP

Which of the following protocols is used by VoIP to set up, maintain, and terminate a phone call? TLS SIP NTP RTP SSH

SIP Explanation The Session Initiation Protocol (SIP) is used to set up, maintain, teardown, and redirect the call. The Real-Time Transport Protocol (RTP) contains the actual voice data. SSH is used for secure remote administration of a network device. TLS is used to add security to other protocols. NTP is used for synchronizing clocks on network devices.

Which of the following protocols are used with VoIP? (Select two.) SNMP SIP SMTP RTP NTP

SIP & RTP Explanation Voice over IP (VoIP) uses the following protocols: • Real-Time Transport Protocol (RTP) packets contain the actual voice data. • Session Initiation Protocol (SIP) is used to set up, maintain, teardown, and redirect the call. NTP is used for synchronizing time between devices. SNMP is used by devices for sending configuration information. SMTP is used for sending email.

You've used your Windows workstation to map a drive to a shared folder on a Windows server. Which protocol was used to access the share?

SMB

What protocol sends email to a mail server? SNMP POP3 SMTP FTP TFTP

SMTP Explanation SMTP sends email to a mail server.

Your company has just acquired another company in the same city. You are given the task of integrating the two email systems so that messages can be exchanged between the email servers. However, each network uses an email package from a different vendor. Which TCP/IP protocol will enable messages to be exchanged between systems? IMAP4 SMTP ICMP POP3 FTP

SMTP Explanation The Simple Mail Transfer Protocol (SMTP) specifies how messages are exchanged between email servers. POP3 and IMAP4 are used by email clients to download email messages from email servers. FTP is a file transfer protocol. ICMP is used in ping and traceroute for communicating network communication information.

Which of the following is an WAN technology that allows for interoperability of vendor hardware for fiber optic networking?

SONET

Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?

SSH

Which of the following network services or protocols uses TCP/IP port 22

SSH

Which of the following network services or protocols uses TCP/IP port 22?

SSH

A switch receives a frame addressed to the MAC address FF:FF:FF:FF:FF:FF. What will the switch do with the frame?

Send it out all ports except for the port it was received on

An 8-port switch receives a frame on port number 1. The frame is addressed to an unknown device. What will the switch do?

Send the frame out ports 2-8

An 8-port switch receives a frame on port number 1. The frame is addressed to an unknown device. What will the switch do? Send the frame out the destination port. Drop the frame. Send the frame out ports 2-8. Send the frame out all 8 ports.

Send the frame out ports 2-8. Explanation Because the switch does not know the port that is used to reach the destination device, it will send the frame out all ports except for the port on which the frame was received. After the switch learns the port that is used to reach the destination device, it will send the frame out only that port.

A healthcare organization provides mobile clinics throughout the world and needs to transfer patient statistical data to a central database via the Internet. Which network technology should you select to ensure network connectivity for any clinic located anywhere in the world, even remote areas?

Satellite

A healthcare organization provides mobile clinics throughout the world. Which network technology should you select to transfer patient statistical data to a central database via the Internet to ensure network connectivity for any clinic located anywhere in the world, even remote areas?

Satellite

Which of the following is the most susceptible to interference related to atmospheric conditions?

Satellite

You have installed anti-virus software on the computers on your network. You update thedefinition and engine files, and configure the software to update those files every day. What else should you do to protect your systems from malware?(Select two.)

Schedule regular full system scans. Educate users about malware.

Which of the following connectors is typically used on one end of a rollover cable? ST BNC F-type Serial LC SC

Serial Explanation A rollover cable has a serial connector on one end and an RJ45 connector on the other end. Alternatively, it might have an RJ45 connector on both ends, and a serial converter is used to convert from the RJ45 connector to a serial connector. BNC and F-type connectors are used with coaxial cables. ST, SC, and LC connectors are used with fiber optic cables.

Which of the following protocols is used during the call control process of multimedia communications?

Session Initiation Protocol

Mobile devices in your organization us the access point shown in the figure below to connect to your wireless network. what should you do. select two

Set the channel used by access pint B to 8 Set the access point B to sue 802.11n wireless network

You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose?(2 answers)

Single Mode Fiber 1000BaseLX

Users report that the Internet is no longer accessible. You suspect that the line connecting your building to the Internet is not working properly. Which of the following allows the service provider to remotely test the local loop

Smart jack.

Users report that the Internet is no longer accessible. You suspect that the line connecting your building to the Internet is not working properly. Which of the following allows the service provider to remotely test the local loop?

Smart jack.

Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?

Smurf

Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?

Smurf Smurf is a form of denial of service attack which uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network.

Which of the following are denial of service attacks? (Select two.)

Smurf Fraggle

Which type of social engineering attack uses peer pressure to persuade someone to help an attacker?

Social validation

Which type of malicious activity can be described as numerous unwanted and unsolicited email messages sent to a wide range of victims?

Spamming

Which of the following features dynamically places switch ports in blocking or forwarding states?

Spanning tree

You manage a network that uses multiple switches. You want to provide muliple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support?

Spanning tree

You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active patch between any two switches?

Spanning tree

Match each Interoperability Agreement document on the left with the appropriate description on the right. Each document may be used once, more than once, or not at all.

Specifies exactly which... - SLA Creates an agreement... - BPO Provides a summary of... - MOU Documents how the... - ISA Defines how disputes... - SLA Specifies a present... - BPO

You are configuring the DHCP Relay Agent role service on a Windows server. Which of the following is a required step for the configuration?

Specify which server network interface the agent listens on for DHCP messages.

One method of preventing routing loops is to not send information about a route back to the router from which the information came. What is this technique called?

Split horizon

A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received in the Internet-facing interface. This is an example of what form of attack? (#1)

Spoofing

Which of the following best describes the purpose of using subnets?

Subnets divide an IP network address into multiple network addresses.

Which of the following best describes the purpose of using subnets? Subnets let you connect a private network to the Internet. Subnets place each device within its own collision domain. Subnets combine multiple IP network addresses into one network address. Subnets divide an IP network address into multiple network addresses.

Subnets divide an IP network address into multiple network addresses. Explanation Subnets divide an IP network address into multiple network addresses. This allows you to have several smaller networks while using only one network address.

You manage a subnet that uses the following subnet address: 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet? Supernetting Private Subnetting Classful

Supernetting Explanation The subnet address 198.162.1.0/23 is an example of a supernetted address. With supernetting, multiple smaller subnets are combined into a single larger subnet. Supernetting is performed by taking the default subnet mask and making it smaller (using less bits). For this address, the default subnet mask uses 24 bits (255.255.255.0). With supernetting, the mask is altered to use only 23 bits (255.255.254.0) to combine multiple subnets together. Subnetting is the process of dividing a larger network into smaller networks. With the subnet address in this example, a subnetted address would use a larger subnet mask (using more bits). A subnetted address might use 25 bits (255.255.255.128) or more to subdivide the network into multiple smaller subnets. Sometimes the term subnetting can be used to refer to both subnetting and supernetting, but in this example, supernetting better describes what is being done. Classful addressing uses the default subnet mask based on the address class. If classful addressing were used, the subnet would use a 24 bit mask. Private addresses are within the following ranges: • 10.0.0.1 to 10.255.255.254 • 172.16.0.1 to 172.31.255.254 • 192.168.0.1 to 192.168.255.254

You manage a subnet that uses the following subnet address: 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet?

Supernetting.

A VPN is used for what purpose?

Support secured communications over an untrusted network

A VPN is used primarily for what purpose?

Support secured communications over an untrusted network.

Which of the following are characteristics of MPLS?

Supports variable-length data units. Adds labels to data units.

Which of the following is the least effective power loss protection for computer systems?

Sure protector

Which of the following LAN devices receives a signal on one port, and the forwards that signal only to the port where the destination device is connected?

Switch

You want to reduce collisions by creating separate collision domains and virtual LANs. Which of the following devices should you choose?

Switch

What device is used to create a physical star topology? Switch Firewall Bridge Router

Switch Explanation A physical star topology uses a switch or a hub. Routers are used to connect multiple subnets together. A firewall is a router that performs filtering on packets or other information contained in network communications.

Which of the following devices operate at OSI model layer 2? (Select two.) Network interface card Firewall Switch Hub Repeater Router

Switch & Network interface card Explanation A network interface card and a switch operate at layer 2 (Data Link) of the OSI model. Layer 2 includes protocols that define the MAC address. The MAC address is burned into the network interface card, and a switch uses the MAC address to make forwarding decisions. A hub or a repeater operate at layer 1; they regenerate a signal without looking at layer 2 or layer 3 information. A router operates at layer 3, using the IP address to make forwarding decisions. A firewall operates at layer 3 or higher, using packet or data contents for making filtering decisions.

When configuring VLANs on a switch, what is used to identify VLAN membership of a device?

Switch port

Which of the following statements accurately describes a VLAN ID?

Switches append a VLAN ID to the header of each frame to identify the virtual network to which it belongs.

Which of the following protocols can be used to centralize remote access authentication?

TACACS

Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access?

TACACS+ RADIUS

Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? select two

TACACS+ RADIUS

You have a small wireless network that uses multiple access points. The network currently uses WPA. You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop?

TKIP encryption Preshared key

Which of the following statements about DSCP are true? select two

The DiffServ field is used to add precedence values Classification occurs at layer 3

You have a small network connected to the Internet as shown in the Exhibit. You need to configure the default gateway address on Wrk1 so that it can communicate with the hosts on the Internet. Which address would you use for the default gateway address?

The IP address assigned to Fa0/0 on Router 1

You are a security consultant and an organization has hired you to review their security measures. They are chiefly concerned that they could become the victims of a social engineering attack. What should you recommend they do to mitigate the risk?

Teach users how to recognize and respond to social engineering attacks

Which of the following Denial of Service (DoS) attacks does the victim's system rebuild invalid UDP packets, causing the system to crash or reboot?

Teardrop

What is the primary purpose of penetration testing?

Test the effectiveness of your security perimeter

Consider the network shown in the exhibit. You have been experiencing intermittent connectivity issues with switch2. To check the status of the interfaces you run the following commands: What is the issue with this network?

The device connected to the Fa0/1 interface has auto-negotiation disabled.

A network is connected following the IEEE 802.3 specifications. Which of the following best describes when a device can transmit messages?

The device listens to determine if the transmission media is free.

A network is connected following the IEEE 802.3 specifications. Which of the following best describes when a device can transmit messages? The device is notified of its turn to send messages. The device requests permission from a controlling device. The device with the token can use the transmission media. The device transmits whenever it is ready. The device listens to determine if the transmission media is free.

The device listens to determine if the transmission media is free. Explanation The IEEE 802.3 committee describes the CSMA/CD media access method. Devices listen to the network to determine if the transmission media is free before transmitting.

Consider the network shown in the exhibit. You have been experiencing intermittent connectivity issues with switch2. To check the status of the interfaces, you run the following commands: Switch2#show interfaces fa0/1 status

The devices connected to fa0/1 interface has auto negotiation disabled

Which of the following describe the EDGE cellular technology? (select two.)

The first Internet compatible technology Offers speeds of 400-1,000 Kbps

What information does the next hop entry in a routing table identify?

The first router in the path to the destination network.

What information does the next hop entry in a routing table identify? The first router in the path to the destination network. The number of routers that the packet must go through to reach the destination network. The last router in the path to the destination network. A backup router that is used for forwarding packets addressed to unknown networks.

The first router in the path to the destination network. Explanation The next hop router is the first (or next) router in the path to the destination network. Each router looks at the destination network in the packet, then consults the routing table to identify the next hop router to the destination network. The hop count identifies the number of routers in the path to the destination network. A default gateway router is a router that is used for packets used to external networks. Most routers do not have a default gateway setting, but instead use a default route setting which identifies a next hop router for all unknown networks.

Which of the following are true using multiple VLANS on a single switch? select two

The number of broadcast domains increases The number of collision domains remain the same

What device sends signals from a computer onto a network? Router Transceiver Cable Gateway

Transceiver Explanation A transceiver (short for transmitter/receiver) sends signals to and receives signals from the network. It translates the parallel data stream of the computer to the serial data stream of the network and vice versa. Most transceivers are now built into network interface cards (NICs).

Purchasing insurance is what type of response to risk?

Transference

Purchasing insurance is what type of response to risk?

Transference An organization can transfer risk through the purchase of insurance. When calculating the cost of insurance and the deductible, balance the cost against the expected loss from the incident.

Match each WIFI jamming attach on the left with its corresponding description on the right.

Transmits radio signals at random amplitudes and frequencies/ Random noise jamming Transmits pulses of radio signals at random amplitudes and frequencies/Random pulse jamming Repeatedly transmits high-intensity, short-duration RF burst at a rapid pace/ Spark jamming

Which OSI Model layer is responsible for guaranteeing reliable message delivery?

Transport

Which OSI model layer is responsible for guaranteeing reliable message delivery? Transport Application Data Link Session

Transport Explanation The Transport layer is responsible for connection services that provide reliable message delivery through error detection and correction mechanisms. Specifically, the TCP protocol provides these services. The Application layer integrates network functionality into the host operating system, and enables network services. The Session layer's primary function is managing the sessions in which data is transferred. The Data Link layer defines the rules and procedures for hosts as they access the Physical layer.

Which security protocols use RSA encryption to secure communications over an untrusted network? (Select two.)

Transport Layer Security Secure Sockets Layer

Which of the following are characteristics of SONET?

Transport protocol used for other traffic types. Dual counter-rotating fiber optic rings.

What is a program that appears to be legitimate application, utility, game, or screensaver and that performs malicious activities surreptitiously?

Trojan Horse

You are installing a satellite connection so your home office can connect to the Internet. Which of the following statement is true?

The satellite dish must be pointed in the correct direction for communicating with the satellite

You need to provide DHCP and file share services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement? Virtual networks Network as a Service (NaaS) Virtual servers Virtual desktops

Virtual servers Explanation Server virtualization runs multiple instances of a server operating system on a single physical computer. With server virtualization, you can migrate servers on older hardware to newer computers, or add virtual servers to computers with extra unused hardware resources. Virtual desktops do not provide DHCP services. Virtual networks allow virtual servers and desktops to communicate with each other, and they can also allow communication (via the host operating system) to network devices out on the physical network. Network as a Service (NaaS) servers and desktops that are all virtualized and managed by a contracted third-party.

You need to provide DHCP and file sharing services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement?

Virtual servers.

Which component is most likely to allow physical and virtual machines to communicate with each other?

Virtual switch

Which component is most likely to allow physical and virtual machines to communicate with each other? Host operating system Virtual desktop Virtual switch VHD

Virtual switch Explanation Virtual switches allow multiple virtual servers and/or desktops to communicate on virtual network segments and/or the physical network. Virtual switches are often configured in the hypervisor. A virtual hard disk (VHD) is a file that is created within the host operating system and that simulates a hard disk for the virtual machine. A physical machine (also known as the host operating system) has the actual hardware in place on the machine, such as the hard disk drive(s), optical drive, RAM, motherboard, etc. A virtual desktop is a virtual machine in a software implementation of a computer that executes programs like a physical machine.

Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients?

WEP, WPA Personal, and WPA2 Personal

Which of the following wireless security methods uses common shared key configured on the wireless access point and all wireless clients?

WEP, WPA Personal, and WPA2 Personal

What is the risk associated with smart technology used in network devices such as smart refrigerators, environmental controls, or industrial equipment?

They are vulnerable to exploits due to weaker security.

Which of the following are characteristics of an MT-RJ fiber optic connector? (Select two.) They are used with multifiber fiber optic ribbon cables. They use a nickel-plated housing. They can be used with multimode fiber optic cables. They use a keyed bayonet. They must never be used with singlemode fiber-optic cables. They use metal guide pins to ensure accurate alignment.

They can be used with multimode fiber optic cables. They use metal guide pins to ensure accurate alignment. Explanation MTRJ connectors can be used with either multimode or single-mode fiber optic cabling. The connector is made from plastic and uses metal guide pins to ensure it is properly aligned in the jack.

You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use?

Throughput tester.

When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system?

Ticket The tokens used in Kerberos authentication are known as tickets. These tickets perform a number of functions including notifying the network service of the user who has been granted access, and authenticating the identity of the person when they attempt to use that network service.

What purpose does a wireless site survey serve? select two

To Identify existing or potential sources of interference To identify the coverage area and preferred placement of access points.

Which of the following are good reasons to enable NAT?

To translate between Internet IP addresses and the IP addresses on your private network

Which of the following is an example of three-factor authentication?

Token device, keystroke analysis, cognitive question

Which of the following is an example of three-factor authentication?

Token device, keystroke analysis, cognitive question Three-factor authentication uses three items for authentication, one each from each of the authentication types: • Type I (something you know, such as a password, PIN, pass phrase, or cognitive question) • Type II (something you have, such as a smart card, token device, or photo ID) • Type III (something you are, such as fingerprints, retina scans, voice recognition, or keyboard dynamics)

You need to trace the route a Cat 6 UTP cable takes through the ceiling and walls of your building. Which tool should you use?

Tone probe

You manage a server that runs your company Web site. The Web site includes streaming video that shows features of some of your products. The link connecting your server to the Internet charges based on bandwidth use. When the bandwidth spikes, so does your bill. You would like to implement a solution to prevent the amount of traffic sent over the WAN link from exceeding a specific level. Which solution should you implement?

Traffic shaper

You have just installed anti-virus software on all computers on your company networks. Which additional actions should you take yo help protect systems from malicious software? (2)

Train users to scan removable storage devices before copying files. // Train users to update the virus definition files frequently

You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature allows the switches to pass VLAN traffic between the switches?

Trunking

What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal?

Turnstiles Turnstiles allow easy egress from a secured environment but actively prevent re-entrance through the exit portal. Turnstiles are a common exit portal used in conjunction with entrance portal mantraps. A turnstile cannot be used to enter into a secured facility as it only functions in one direction.

Which type of biometric authentication uses the ridges of your skin?

fingerprint

What provides security for wireless networks?

WPA2

You need to add security for your wireless network. You would like to use the most secure method. Which method should you implement.

WPA2

You need to add security for your wireless network. You would like to use the most secure method. Which method should you implement?

WPA2

Which TCP/IP utility gives you the following output? Ethernet adapter Local Area Connection: connection-specific dns suffix . :testout.com

ipconfig

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do? Manually reconfigure the default route to point to the new next hop router. Stop and restart the RIP protocol on the router. Wait for convergence to take place. Force RIP to perform an immediate update.

Wait for convergence to take place. Explanation When using a routing protocol, changes in routing information take some time to be propagated to all routers on the network. The term convergence is used to describe the condition when all routers have the same (or correct) routing information. Static routes in the routing table must be updated manually. Restarting RIP might actually increase the time required for changes to be learned. Forcing an update (if the router supports it) is not a requirement as the periodic sharing of routes will eventually update the routing table entry.

Which of the following are characteristics of Teredo tunneling?

Works through NAT dual stack hosts tunnel endpoints configured on hosts

Install a network virus detection software solution.

You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You discover that a user downloaded a virus from the Internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that this situation does not reoccur. What should you do?

You are implementing a DHCP server for your segment. Your segment's IP address is 192.168.1.0. Your default gateway address is 192.168.1.254. Your DNS server address is 192.168.1.1. Your default gateway is configured as a NAT router to translate addresses between network segments. YOu configured the 03 Router option on your DHCP server so it can deliver the IP address of the default gateway to workstations. After configuring your workstations to get their IP address information dynamically, your users complain that they are unable to access web sites on the Internet. How can you resolve this problem?

You must configure your DHCP server with an option that delivers the IP address of the DNS server (Option 06).

You are talking with a customer support technician on the telephone. The technician recommends downloading a particular driver from Internet. When you try to connect to the Internet using your modem, you can't What is the problem?

You need to hang up

Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?

Zero knowledge team A zero knowledge team is a penetration testing team which most closely simulates a real-world hacker attack as they must perform all of the initial blind reconnaissance.

Which TCP/IP utility gives you the following output? interface: 192.168.4.101 on interface 0x3 internet address physical address type 192.168.1.23 00-d1-b6-b7-c2-af dynamic

arp

Which of the following tools would you use to view the MAC addresses associated with IP addresses that the local workstation has contacted recently?

arp

Which TCP/IP utility gives you the following output? Interface: 192.168.4.101 on Interface 0x2 Internet Address Physical Address Type 192.168.1.102 00-60-08-bd-62-5a dynamic

arp-a

Which TCP/IP utility gives you the following output? Interface: 192.168.4.101 on Interface 0x3 Internet Address Physical Address Type 192.168.1.23 00-d1-b6-b7-c2-af dynamic

arp.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. the router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. what should you do.

wait for convergence to take place.

Which of the following utilities would you use to view the routing table?

route.

you are troubleshooting physical layer issues with Gi0/1 interface in a router. you need to view and analyze the number of collisions detected on the interface

show interfaces Gi0/1

You are troubleshooting physical layer issues with the G0/1 interface on a router. You suspect a duplex mismatch error has occurred and need to determine the duplex settings configured on the interface. Which commands should you use?

show interfaces gi0/1 show interfaces gi0/1 status

The network board in a workstation is currently configured as follows:

show running-config interface show interface

Which feature prevents switching loops and ensures there is only a single active path between any two switches?

spanning trees

While troubleshooting a problem on a Linux system, you run a utility that generates the following output: 5 s3232.gw.seat.someisp.net (63.201.72.9) 38.433 ms 38.713 ms 39.085 ms

traceroute

While working on a Linux server, you are unable to connect to Windows Server 2003 system across the Internet. You are able to ping the default gateway on your own network, so you suspect the problem lies outside the local network. Which utility would you use to trace the route a packet takes as it crosses the network?

traceroute.

Examine the following output: 4 22 ms 21 ms 22 ms sttlawa01gr02.bb.ispxy.com [154.11.10.62] 5 39 ms 39 ms 65 ms plalca01gr00.bb.ispxy.com [154.11.12.11] 6 39 ms 39 ms 39 ms Rwest.placa01gr00.bb.ispxy.com [154.11.3.14] 7 40 ms 39 ms 46 ms svl-core-03.inet.ispoxy.net [205.171.206.29] 8 75 ms 117 ms 63 ms dia-core-01.inet.ispxy.net [205.151.142.1] Which of the following produced this output?

tracert.

Which TCP/IP utility gives you the following output? 2 14 ms <10 ms 14 ms Loopback0.GWI.SLT1.ALTER.NET [137.39.2.123] 3 14 ms <10 ms 13 ms 122.at-6-0-0.XR1.SLT4.ALTER.NET [152.63.91.86] 4 <10 ms 14 ms <10 ms 0.so-0-1-0.TL1.SLT4.ALTER.NET [152.63.1.210] 5 41 ms 41 ms 41 ms 0.so-7-0-0.TL1.PQR3.ALTER.NET [152.63.32.41] 6 42 ms 41 ms 41 ms 0.so.6-0-0.XL1.SEA1.ALTER.NET [152.63.38.82] 7 41 ms 41 ms 41 ms PQS6-0.GW11.SEA1.ALTER.NET [152.63.107.17]

tracert.

You are the network administrator of a branch office of your company. The branch office network is part of a WAN that covers most of the United States. The office has two Windows 2000 servers, two UNIX severs, one Windows NT server, 90 Windows 98 clients, 40 Windows 2000 Professional clients, and five Macintosh clients. Users have been complaining that they are unable to access resources over the WAN at the main headquarters. You suspect that one of the routers between your office and the main headquarters is not working properly. What TCP/IP utility can you use to see if a router is not working properly?

tracert.

Which protocol is used for securely browsing a website?

HTTPS

Network Signaling is a function of which later of the OSI Model?

Physical Layer

Match each decimal value on the left with the corresponding hex value on the right. not all will be used.

11-17 B-11 D-13 F-15 C-12 10-16

While viewing the stats of the interfaces on a Cisco with, you see an abnormally large number of CRC errors on on interface. This interface is connected to a user's workstation located in a cubicle on the 2nd floor. What could be causing this to happen?

A strong EMI emitter near the cable run connected to that interface

You need to replace a fiber optic cable that is connecting two switches together. You inspect the existing fiber cable and determine that is uses LC connectors. You also notice the cable's ferrule has a slight slant to it. Which polish grade should you sue to replace the existing cable?

Angled Physical Contact polish

Which of the following describes the point where the service providers responsibility ends and the customers responsibility begins for installing and maintaining wiring and equipment?

Demarc

Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery?

ICMP (The Internet Control Message Protocol)

You have a network that occupies both floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the second floor directly above the wiring closet that holds the demarc. Which of the following terms describes the closet on the second floor?

IDF

You want to implement a fault tolerant topology as you interconnect routers on your wide area network. Which of the following would meet your needs?

Mesh

You have a network that uses a logical bus topology. How do messages travel through the network?

Messages are broadcast to all devices connected to the network.

You have a network that uses a logical ring topology. How do messages travel through the network?

Messages travel from one device to the next until they reached the destination device.

Match the description on the left with the appropriate network signal line code on the right.

Non-Return-to-Zero Binary 1s are represented by positive voltage while 0s are represented by negative voltage. There is no zero voltage state between bits. Manchester The transition from one voltage level to another is used to represent binary data Return-to-Zero Inverted A 0 is represented by sending a light pulse. A 1 is represented by sending no light pulse. Return-to-Zero Binary 0s and 1s are transmitted by sending voltage pulses, with the voltage returning to zero between pulses.

Which of the following TCP\IP protocols do e-mail clients use to download messages from a remote mail server?

POP3 (Post Office Protocol 3)

You have been asked to implement a wired network infrastructure that will accommodate failed connections. You don't have a large budget, so you decide to provide redundancy for only a handful of critical devices. Which of the following network topologies should you implement?

Partial Mesh

You have implemented a network where each device provides shared files with all other devices on the network. What type of network do you have?

Peer-to-peer

you need to terminate a Cat 6 UTP with an RJ45 connector. Your organization's IT policy states that all cables connectors must be wired according to TIA568A standards. Match the order.

Pin 1 white with green stripe Pin 2 solid green Pin 3 white with orange stripe Pin 4 solid blue Pin 5 white with blue stripe Pin 6 solid orange Pin 7 white with brown stripe Pin 8 solid brown

You are adding new wires in the office. The office has a false ceiling that holds the lights. You would like to run your Ethernet cable there. What type of cable must you use?

Plenum

Which of the following connectors is used with Ethernet 10BaseT networks?

RJ-45

What type of module might a switch use to allow it to modify the media type supported by a switch port? (Select two)

SFP GBIC

What protocol sends e-mail to a mail server?

SMTP (Simple Mail Transfer Protocol)

Your company just acquired another company in the same city. You are given the task of integrating the two e-mail systems to that messages can be exchanged between the e-mail servers. However, each network uses an e-mail package from a different vendor. Which TCP\IP protocol will enable messages to be exchanged between systems?

SMTP (Simple Mail Transfer Protocol)

Which of the following forms of optical fiber would usually be used to connect two buildings across campus from each other, which are several kilometers apart?

Single mode

You are an application developer and are writing a program to exchange video files through a TCP\IP network. You need to select a transport protocol that will guarantee delivery. Which TCP\IP protocol would you implement that provides this capability?

TCP (Transmission Control Protocol)

Which of the following is true about single mode fiber optic network cabling?

The central core is smaller than that of multimode fiber optic cabling

You are troubleshooting a connectivity problem in which one client system is unable to connect to a server. Both the server and client system are connected to the same ethernet network switch. No other users have complained of a problem, and you suspect that faulty network cabling might be to blame. Which of the following troubleshoot steps are you most likely to perform first.

Use a cable test to test the cable between the computer system and the network switch.

Match each network signaling method on the left with its corresponding definition on the right.

Uses the entire network medium as a single transmission channel-Baseband Combines signals from multiple channels into a single channel.-De-multiplexing Assigns different frequencies to different channels on the same network medium.-Frequency-division multiplexing Divides the transmission medium into several channels.-Broadband Measures the number of times a signal in a communications channel changes state.-Baud rate Measures the number of data bits transmitted in one second in a communication channel.-Bit rate

In which of the following situations might you use an RJ-11 connector?

You want to connect your computer to the internet with a dial-up connection.

Your organization is in the process of negotiating an Interoperability Agreement (IA) with another organization. As a part of this... As a security administrator, which tasks should you complete during this phase? (Select two)

- Identify how data will be shared - Identify how data ownership will be determined

A user named Bob Smith has been assigned... When provisioning Bob's user account in... On first logon, Bob is prompted to change... What should you do to increase the security of Bob's account? (Select two)

- Require stronger initial password when creating user accounts - Train users not to use passwords that are easy to guess

The power supply in a tower server system... Next, you remove the power supply unit from the server and open it... Which safety rules were violated in this scenario? (Select two)

- You should never open a computer power supply - You should unplug a device from the wall outlet before connecting yourself to it with a static wristband

Which three of the following devices operate at the Data Link Layer of the OSI Model?

-Bridges -Network Interface Cards -Switches

Which of the following does a router acting as a firewall use to control packets

ACL

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the main floor. You need to connect the two wiring closets. Which of the following are typically used to connect the two wiring closets? (Select two.)

-Horizontal Cross connect -25 Pair

Which two of the following are included as part of the Data Link Layer?

-Identifying physical network device -Controlling how messages are propagated through the network

Which of the following are advantages of using fiber optic cabling for a network, as opposed to other types of cabling? (Select two)

-Immunity to electromagnetic interference -Greater cable distances without a repeater

In the OSI Model, which of the following functions are performed at the Application Layer?

-Integration of network functionality into the host operating system -Enabling communication between network clients and services

Which of the following are characteristics of coaxial network cable? (Choose three)

-It uses two concentric metallic conductors. -The ends of the cable must be terminated. -It has a conductor made from copper in the center of the cable.

Which of the following connectors are used with fiber optic cables and include both cables in a single connector? (Select two)

-LC -MT-RJ

The UDP transport protocol provides which of the following features? (Select all that apply)

-Low overhead -Connectionless datagram services

Which of the following cable classifications are typically used for cable and satellite networking with coaxial cables?

-RG-6 -RG-59

Which of the following connector types are used with UTP cables? (Select two)

-RJ45 -RJ11

Which of the following connectors usually require polishing as part of the assembly process? (Select two)

-ST -SC

You've connected a cable certifier to an RJ45 wall jack, and the output shown below is displayed on the device. What does this output indicate? (Select two)

-The cable is functioning correctly -This is a crossover cable

Which of the following are characteristics of an MT-RJ fiber optic connector? (Select two)

-They can be used with multimode fiber optic cables -They use metal guide pins to ensure accurate alignment

Which of the following are characteristics of an LC fiber optic connector? (Choose two)

-They use a housing and latch system similar to an RJ-45 UTP connector -They are half the size of standard connectors

Which of the following IP addresses belong to the Class A network 114.0.0.0? (select three.) Tip: Assume the network is indicated by the default portion of the IP address

1) 114.0.0.15 2) 114.122.66.12 3) 114.58.12.0

Which of the following describes an IPv6 address? (select two)

1) 128-bit address 2) Eight hexadecimal quartets

Which of the following are valid IPv6 addresses? (select two)

1) 141:0:0:0:15:0:0:1 2) 6384:1319:7700:7631:446A:5511:8940:2552

Which of the following are not valid IP addresses? (select three)

1) 145.8.260.7 2) 257.0.122.55 3) 45.22.156.256

Which of the following IP addresses have a default subnet mask of 255.255.0.0 (select three)

1) 168.16.5.1 2) 129.0.0.1 3) 191.168.2.15

Which of the following IP addresses are Class B addresses? (select three)

1) 192.0.0.0 2) 190.65.2.0 3) 132.12.0.0

You have a computer that is connected to the Internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer? (select three)

1) 192.168.12.253 2) 192.18.188.67 3) 10.0.12.15

Which of the following is a valid IP address? (select two)

1) 2.2.2.2 2) 172.16.1.26

Which of the following IP addresses are Class C addresses? (select three)

1) 223.16.5.0 2) 222.55.0.0 3) 192.15.5.55

Which IEEE wireless standards specify transmission speeds up to 54 Mbps? (select two)

1) 802.11g 2) 802.11a

What type of cabling can be used for an Ethernet 100Base-T (100 Mbps) network? (select two)

1) Cat 6 UTP 2) Cat 5 UTP

You've just installed a wireless access point (AP) for your organization's network. You know that the radio signals used by the AP extend beyond your organization's building and are concerned that unauthorized users outside may be able to access your internal network. What can you do to protect the wireless network? (select two)

1) Configure the AP to filter out unauthorized MAC addresses 2) Disable DHCP on the AP

Which of the following statements about the Dynamic Host Configuration Protocol (DHCP) are true? (select two)

1) It can deliver a DNS server address in addition to the host IP address 2) A workstation must request addressing information from a DHCP server

Which of the following locations will contribute the greatest amount of interference for a wireless access point? (select two)

1) Near backup generators 2) Near cordless phones

Which tool in Windows would you use to browse all networks and shared folders to which a user has access? (select three)

1) Network 2) Computer 3) Windows Explorer

You are troubleshooting network connections on a Windows workstation and you want to view a list of connections on the computer. How can you do this? (select two)

1) On the Start menu, click Control panel, then click Network and Internet 2) On the Start menu, right-click Network and select Properties

Which of the following are characteristics of the 802.11g wireless standard? (select three)

1) Operates in the 2.4 GHz range 2) Maximum bandwidth of 54 Mbps 3) Backwards compatible with 802.11b devices

Which of the following terms refers to a network resource sharing model that uses access to control lists saved on each computer? (select two)

1) Peer-to-peer 2) Workgroup

Which of the following are used to connect a cable modem to the Internet connection? (select two)

1) RG-6 coaxial cable 2) F-type connectors

Which of the following is true of a network using the 10Base-T standard? (select two)

1) The maximum cable distance is 100 meters 2) The network operates at ten megabits per second

Which of the following is true of a network using the 1000Base-T standard? (select two)

1) The network uses copper UTP cables 2) The network operates at one gigabit per second

Which of the following are security protocols for wireless networks? (select two)

1) WEP 2) WPA

Your network follows the 100BaseTx specifications for Fast Ethernet. What is the maximum cable segment length allowed?

100 meters

Which of the following are performed by the Microsoft Baseline Security Analyzer (MBSA) tool? (select three)

1. Check user accounts for weak passwords 2. Check for missing patches 3. Check for open ports

Which of the following functions can a port scanner provide? (select two)

1. Determining which ports are open on a firewall 2. Discovering unadvertised servers

You want to use a tool to scan a system for vulnerabilities including open ports, running services, and missing patches. Which tool would you use? (select two)

1. Nessus 2. Retina

You would like to implement 10 Gbps Ethernet over a distance of 1 km or greater. Which of the following would be the minimum requirement for the implementation?(2 answers)

10GBaseLR standards Single mode fiber

Which data transmission rate is defined by the IEEE 802.11b wireless standard?

11 Mbps

With an Ethernet 10BaseT network, the maximum cable length between a computer and the hub is:

100 meters

Your network follows the 1000Base-T specifications for Gigabit Ethernet. What is the maximum cable segment length allowed?

100 meters

Your network follows the 100BaseTx specifications for Fast Ethernet. What is the maximum cable segment length allowed? 500 meters 1,000 meters 412 meters 2,000 meters 100 meters

100 meters Explanation Fast Ethernet using twisted pair cables (either 100BaseT4 or 100BaseTx) has a maximum cable segment length of 100 meters. Tip: All Ethernet networks that use twisted pair cable (Ethernet, Fast Ethernet, Gigabit Ethernet) have a distance limitation of 100 meters.

With an Ethernet 10BaseT network, the maximum cable length between a computer and the hub is: 100 meters 100 feet 500 feet 185 meters

100 meters Explanation With an Ethernet 10BaseT network, the maximum cable length between a computer and the hub is 100 meters.

A host has the address 100.55.177.99/16. Which of the following is the broadcast address for the subnet? 255.255.255.0 100.255.255.255 100.55.255.255 100.55.177.255 255.255.0.0

100.55.255.255 Explanation The broadcast address for the subnet is the last address on the subnet. In this example, the address uses 16 bits in the subnet mask (255.255.0.0), meaning that the first two octets indicate the subnet address (100.55.0.0), and the last two octets are used for host addresses. The last possible address on this subnet is 100.55.255.255.

You have been tasked with designing a high-speed Ethernet network. Your client's building already has 150 ohm shielded twisted pair wiring installed. Due to budget constraints, they have asked you to reuse the existing wiring instead of installing new fiber optic cabling. Which Ethernet standard could you implement in this situation?

1000BaseCX

You have been tasked with designing a highspeed Ethernet network. Your client's building already has 150ohm shielded twisted pair (STP) wiring installed. Due to budget constraints, they have asked you to reuse the existing wiring instead of installing new fiberoptic cabling. Which Ethernet standard could you implement in this situation? 1000BaseZX 10BaseFL 1000BaseLX 1000BaseCX 1000BaseT 1000BaseSX

1000BaseCX Explanation The 1000BaseCX standard specifies 150ohm STP cabling. The maximum cable length is 25 meters. The 10BaseFL, 1000BaseSX, 1000BaseLX, and 1000BaseZX standards employ fiberoptic cabling. 1000BaseT uses Category 5 UTP instead of STP cabling.

Which Gigabit Ethernet standard can support long network segments up to a maximum of 5 km when used with fiberoptic cable? 1000BaseSX 1000BaseLX 1000BaseT 1000BaseCX

1000BaseLX Explanation 1000BaseLX supports segment lengths of up to 5 km when used with fiber-optic cable. This maximum segment length is cut to 550 m when fiber-optic cable is used and it operates in half-duplex. 1000BaseSX supports segment lengths of only 550 meters. 1000BaseCX uses copper wire and supports segment lengths of only 25 meters. 1000BaseT uses twisted pair cables.

You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose? (Select two.) 1000BaseLX Single mode fiber 1000BaseCX Mutimode fiber 1000BaseSX

1000BaseLX Single mode fiber Explanation Of the standards listed in this question, 1000BaseLX provides the greatest cable length (think of the "L" in 1000BaseLX as "long"). When using long distances for fiber optic, use single mode fiber. Multimode fiber is cheaper but has a shorter maximum distance than single mode fiber. 1000BaseSX is for short fiber optic, and 1000BaseCX uses short copper within a wiring closet.

Which Gigabit Ethernet standard uses multimode fiber-optic cabling and supports network segments up to a maximum of 550 m long?

1000BaseSX

You have been tasked with designing an Ethernet network. Your client needs to implement a very highspeed network backbone between campus buildings; some of which are around 300 m apart. Fiberoptic cabling has already been installed between buildings. Your client has asked that you use the existing cabling that operates in fullduplex. Which Ethernet standard meets these guidelines? (Choose two.) 1000BaseSX 1000BaseT 10GBaseSR 10BaseFL 1000BaseCX

1000BaseSX 10GBaseSR Explanation 10GBaseSR and 1000BaseSX can operate within these parameters. Both will support segment lengths 300 meters long and operate using full-duplex. 10BaseFL isn't a good choice because its data transmission rate is relatively slow. 1000BaseCX and 1000BaseT both use copper wiring.

Which Gigabit Ethernet standard uses fiberoptic cabling and supports network segments up to a maximum of 550 meters long? 1000BaseT 1000BaseZX 1000BaseCX 1000BaseSX

1000BaseSX Explanation The 1000BaseSX standard uses fiberoptic cable with a maximum segment length of 550 meters. However, to implement segments this long, you must use 50 micron, 500MHz/km fiber optic cable. Other types of cable will shorten the maximum segment length. 1000BaseFX also supports lengths up to 550 meters. 1000BaseFX supports distances up to 10 kilometers. 1000BaseZX has a maximum segment length of up to 100 km. 1000BaseCX and 1000BaseT use copper cabling instead of fiberoptic.

Which of the following use the CSMA/CD access method? Select all that apply. Token Ring 1000BaseT 10BaseT FDDI

1000BaseT 10BaseT Explanation CSMA/CD stands for Carrier Sense Multiple Access / Collision Detection. It defines the steps network devices take when two devices attempt to use a data channel simultaneously. Ethernet networks use CSMA/CD, including 10BaseT, 10Base2 and 1000BaseT.

Which of the following Ethernet standards uses fiber optic cabling?(2 answers)

100BaseFX 1000BaseLX

Which of the following Ethernet standards uses fiber optic cabling? (Select two.) 1000BaseCX 100BaseT4 100BaseFX 100BaseTX 1000BaseLX

100BaseFX 1000BaseLX Explanation 100BaseFX and 1000BaseLX are Ethernet standards that use fiberoptic. Following the Ethernet naming conventions: • F designates fiberoptic cables. Ethernet standards with the F designation are 10BaseFL and 100BaseFX. • L designates "long" distances and requires fiberoptic to support the distance. Ethernet standards with the L designation are 10BaseFL, 1000BaseLX, and 10GBaseLR. • S designates "short" distances that use fiberoptic cables. Ethernet standards with the S designation are 1000BaseSX and 10GBaseSR. • T designates twisted pair cables. Ethernet standards with the T designation are 10BaseT, 100BaseTX, 100BaseT4, and 1000BaseT. • C designates copper cables. The 1000BaseCX standard is for fast Ethernet at short distances within wiring closets.

Which of the following use the CSMA/CD access method?(2 answers)

10BaseT 1000BaseT

Which three of the following IP addresses belong to the Class A network 114.0.0.0? (Assume the network is indicated by the default portion of the IP address.) 114.58.12.0 114.122.66.12 114.0.0.15 115.77.89.4 115.88.0.55 115.0.0.66

114.58.12.0 114.122.66.12 114.0.0.15 Explanation With a Class A network, the first octet indicates the network address. All hosts on the network must have the same value in the first octet (114).

Which data transmutation rate is defined by the IEEE 802.11b wireless standard.

11Mbps

What is the maximum data rate of an ISDN BRI line?

128 Kbps

Which three of the following are Class B addresses?

129.0.0.0 190.65.2.0 132.12.0.0

Which of the following IP addresses have a default subnet mask of 255.255.0.0? (Select all that apply.) 129.0.0.1 123.254.19.6 1.6.45.254 168.16.5.1 191.168.2.15 228.62.18.6

129.0.0.1 168.16.5.1 191.168.2.15 Explanation IP addresses are divided into classes. The most common of these are classes A, B, and C. Each address class has a different default subnet mask. To identify the class of an IP address, look at its first octet. • Class A networks use a default subnet mask of 255.0.0.0 and have 0-126 as their first octet. • Class B networks use a default subnet mask of 255.255.0.0 and have 128-191 as their first octet. • Class C networks use a default subnet mask of 255.255.255.0 and have 192-223 as their first octet. In this question, the IP addresses that fall in the Class B IP address range are 191.168.2.15, 129.0.0.1, and 168.16.5.1.

Which of the following IP addresses have a default subnet mask of 255.255.0.0?

129.0.0.1 191.168.2.15 168.16.5.1

A host on the network has an IP address of 129.11.99.78 using the default subnet mask. How would you identify the address and mask using CIDR notation?

129.11.99.78/16

Your network has been assigned the Class B address of 130.15.0.0. Which of the following is not an address you can assign to a node on your network? 130.15.60.0 130.16.61.3 130.15.60.220 130.15.0.1

130.16.61.3 Explanation If you plan to use the Class B address for all nodes on the network, the nodes must all have the same network address. In this case, all IP addresses must begin with 130.15.

Which three of the following IP addresses are Class B addresses? 132.12.0.0 224.15.55.2 64.2.2.64 129.0.0.0 115.33.0.0 195.155.0.0 190.65.2.0

132.12.0.0 129.0.0.0 190.65.2.0 Explanation The following are Class B addresses: 129.0.0.0, 132.12.0.0, and 190.65.2.0. The first octet of Class B addresses is in the range of 128 to 191.

You reconfiguring PuTTY to be used to access the CLI of Cisco switch Which of the following configuration values would PuTTY from connection? (Select two.)

4600 baud Flow contro = RTS/CTS

Which of the following are valid IPv6 IP addresses? Select all that apply. 343F:1EEE:ACDD:2034:1FF3:5012 165.15.78.53.100.1 127.0.0.1 141:0:0:0:15:0:0:1 192.168.2.15 6384:1319:7700:7631:446A:5511:8940:2552

141:0:0:0:15:0:0:1 6384:1319:7700:7631:446A:5511:8940:2552 Explanation An IPv6 IP address is a 128-bit address listed as eight 16-bit hexadecimal sections. Leading zeros can be omitted in each section. Therefore, 6384:1319:7700:7631:446A:5511:8940:2552 and 141:0:0:0:15:0:0:1 are both valid IPv6 IP addresses. A single set of all zero sections can be abbreviated with two colons (::). Therefore, 141::15:0:0:1 would also be a valid address.

What is the speed of an OC-3 connection?

155 mbps

Which port number is used by SNMP

161

Which port number is used by SNMP?

161

Which of the following is the first IP address that can be assigned to hosts on the 166.70.0.0 network using the default subnet mask? 166.71.0.0 166.70.1.0 166.70.0.0 166.70.1.1 166.70.0.1

166.70.0.1 Explanation The first address you can assign to hosts on the 166.70.0.0 network is 166.70.0.1. The network address is a Class B address and uses a default subnet mask of 255.255.0.0. The last two octets are used for host addresses. The host address range is 166.70.0.1 to 166.70.255.254. 166.70.0.0 cannot be used as a host address because it is the network address. 166.70.255.255 cannot be used as a host address because it is the broadcast address.

Which of the following is the last IP address that can be assigned to hosts on the 166.70.0.0 network using the default subnet mask? 166.70.0.255 166.70.0.254 166.71.0.0 166.70.255.255 166.70.255.254

166.70.255.254 Explanation The last address you can assign to hosts on the 166.70.0.0 network is 166.70.255.254. The network address is a Class B address and uses a default subnet mask of 255.255.0.0. The last two octets are used for host addresses. 166.70.0.0 cannot be used as a host address because it is the network address. 166.70.255.255 cannot be used as a host address because it is the broadcast address.

Which of the following IP addresses ranges is reserved for Automatic Private IP Addressing?

169.254.0.1 - 169.254.255.254

Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?

169.254.0.1 - 169.254.255.254

Which of the following is not one of the ranges of IP addresses defined in the RFC 1918 that are commonly used behind a NAT server?

169.254.0.1 - 169.254.255.254

Which of the following is not one of the ranges of IP addresses defines in RFC 1918 that are commonly used behind a NAT server?

169.254.0.1 - 169.254.255.254

Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server? 192.168.0.1 192.168.255.254 172.16.0.1 172.31.255.254 10.0.0.1 10.255.255.254 169.254.0.1 169.254.255.254

169.254.0.1 169.254.255.254 Explanation 169.254.0.1 169.254.255.254 is the range of IP addresses assigned to Windows DHCP clients if a DHCP server does not assign the client an IP address. This range is known as the Automatic Private IP Addressing (APIPA) range. The other three ranges listed in this question are defined as the private IP addresses from RFC 1918 which are commonly used behind a NAT server.

Which of the following IP address ranges is reserved for Automatic Private IP Addressing? 192.168.0.1 192.168.254.255 169.254.0.1 169.254.255.254 169.192.0.0 169.192.254.255 192.168.0.0 192.168.255.254 169.168.0.1 169.168.255.255

169.254.0.1 169.254.255.254 Explanation The Internet Assigned Numbers Authority (IANA) has reserved 169.254.0.1 through 169.254.255.254 for Automatic Private IP Addressing (APIPA). APIPA also sets the subnet mask on the network to 255.255.0.0.

Which of the following is a valid IP (version 4) address? (Select two.) 172.16.1.26 192.168.1.512 1.254.1.1024 254.7.1.417 10.384.0.3 256.0.0.1 2.2.2.2

172.16.1.26 2.2.2.2 Explanation A valid IPv4 address consists of 4 8bit (1 byte) numbers separated by periods. For example, 10.0.0.65. Because they are 8 bits long, these numbers are frequently called octets. Even though we typically express these numbers using decimal notation, it's important to remember that these numbers are binary numbers. The lowest value one of these numbers can have is 00000000. The decimal equivalent for this number is simply 0. The highest value one these numbers can take is 11111111. The decimal equivalent of this number is 255. Therefore, in decimal notation, each octet must contain a number between 0 and 255inclusively.

You've decided to use a subnet mask of 255.255.192.0 on the 172.17.0.0 network to create four separate subnets. Which network IDs will be assigned to these subnets in this configuration? (selec two)

172.17.128.0 172.17.0.0

You have a computer that is connected to the Internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer? (Select all that apply.) 172.18.188.67 192.168.12.253 10.0.12.15 32.188.99.10 224.15.166.12 240.12.188.1 127.0.0.1

172.18.188.67 192.168.12.253 10.0.12.15 Explanation Of the addresses listed here, the following are in the private IP address ranges: • 10.0.12.15 (private range = 10.0.0.0 to 10.255.255.255) • 172.18.188.67 (private range = 172.16.0.0 to 172.31.255.255) • 192.168.12.253 (private range = 192.168.0.0 to 192.168.255.255)

Your network has been assigned the Class B network address of 179.113.0.0. Which three of the following addresses can be assigned to hosts on your network? 179.113.89.0 179.113.0.0 180.113.0.67 179.114.88.0 179.113.0.118 179.112.95.64 179.113.65.12

179.113.89.0 179.113.0.118 179.113.65.12 Explanation All hosts on this network must share the first two octets of the IP address (179.113). You cannot assign 179.113.0.0 to a host because this address indicates the address of the network.

Which of the following is a vaild IP (version 4) address? (Select 2)

2.2.2.2 172.16.1.26

Which of the following are frequencies defined by 802.11 committees for wireless networking. select two

2.4GHz 5.57GHz

Your network has been assigned the Class C network address of 200.78.151.0. Which three of the following addresses can be assigned to hosts on your network? 200.78.151.0 200.78.151.111 200.78.151.257 200.78.151.12 200.78.152.14 200.78.151.252 200.78.151.255

200.78.151.111 200.78.151.12 200.78.151.252 Explanation All hosts on this network must share the first three octets of the IP address (200.78.151). Youcannot assign 200.78.151.0 to a host because this address indicates the address of the network. You cannot assign 200.78.151.255 because this address is reserved for the broadcast address.

You are planning a network for an educational campus. Due to the size of the buildings and the distance between them, you have elected to use 10BaseFL hubs, cabling, and network interface cards. What is the maximum length for the network cable between a workstation and a hub?

2000 meters

You are planning a network for an educational campus. Due to the size of the buildings and the distance between them, you have elected to use 10BaseFL hubs, cabling, and network interface cards. What is the maximum length for the network cable between a workstation and a hub? 550 meters 1000 meters 220 meters 100 meters 412 meters 2000 meters

2000 meters Explanation The maximum length for a 10BaseFL network segment is 2000 meters (2 km). Because a 10baseFL network uses a physical star topology, a segment is defined as one of the arms of the star, (between the hub and a host). That means the fiberoptic cable between the hub and a workstation can be up to 2000 meters long. 100BaseFX supports up to 412 meters. 1000BaseSX and 1000BaseLX support up to 550 meters. 100 meters is the maximum twisted pair cable length.

Consider the following output from a dig command run on a Linux system. ; <<>> DiG 8 .2 <<>> westsimlll.com ;;res options :init recurs defnam dnsrch ;;got answer : ;;->>HEADER<< -opcode :QUERY , status : NOERROR , id :4 ;;flags : qr rd ra ; QUERY :l , ANSWER :l , AUTHORITY :2, ADDITIONAL :0 ;;QUERY SECTION : ;; westsimlll.com , type= A , class= IN ;;ANSWER SECTION : westsimlll .com . 7h33m IN A 76 .141 .43 .129 ;;AUTHORITY SECTION : westsimlll .com . 7h33m INNS dnsl .deriatctlll .com. westsimlll.com. 7h33m INNS dns2.de riatct222.com . ;;Total query time : 78 msec ;;FROM: localhost .localdomain to SERVER :default -- 202 .64 .49 .150 ;;WHEN: Tue Feb 16 23 :21 :24 2005 ;;MSG SIZE sent : 30 rcvd :l03 What is the IP address of the DNS server that performed this name resolution? A. 202.64.49.150 B. 76.141.43.129 C. 192.168.1.100 D. 16.23.21.24

202.64.49.150

Which of the following is the last IP address that can be assigned to hosts on the 211.70.0.0 network using the default subnet mask? 211.70.0.255 211.70.255.255 211.70.0.254 211.71.0.0 211.70.255.254

211.70.0.254 Explanation The last address you can assign to hosts on the 211.70.0.0 network is 211.70.0.254. The network address is a Class C address and uses a default subnet mask of 255.255.255.0. The last octet is used for host addresses. 211.70.0.0 cannot be used as a host address because it isthe network address. 211.70.0.255 cannot be used as a host address because it is the broadcast address.

To access your company's internet network from home, you use Secure SHell (SSH). The admin has recently implemented a firewall at the network perimeter and disabled as many ports as possible. Which port needs to remain open so you can still work from home?

22

Which three of the following IP addresses are Class C addresses? 222.55.0.0 240.0.0.0 189.189.5.2 192.15.5.55 125.166.11.0 223.16.5.0

222.55.0.0 192.15.5.55 223.16.5.0 Explanation The following are Class C addresses: 192.15.5.55, 222.55.0.0, and 223.16.5.0. The first octet of Class C addresses is in the range of 192 to 223.

You are configuring a network firewall to allow SMTP outbound e-mail traffic, and POP3 inbound e-mail traffic. What (2) IP ports should you open in the firewall?

25 for SMTP// 110 for POP3

You are configuring the IP address for a host and have been asked to use the address 192.160.99.110/16. What subnet mask value would you use? 255.0.0.0 255.255.0.0 255.255.252.0 255.255.255.0

255.255.0.0 Explanation With CIDR notation, the number of bits in the subnet mask is indicated by the /16 following the IP address. A mask that uses 16 bits is written 255.255.0.0 in decimal format. Each octet in the mask uses 8 bits, so a mask with 16 bits uses two full octets. Use /8 for the mask 255.0.0.0 and /24 for the mask 255.255.255.0. In this example, a /24 mask would be the default subnet mask, but the address is using a nondefault mask of 255.255.0.0.

What is the network address and subnet mask used by APIPA? (Select two.) 255.0.0.0 255.255.255.0 169.0.250.0 255.255.0.0 169.254.0.0 169.255.0.0

255.255.0.0 169.254.0.0 Explanation Automatic Private IP Addressing (APIPA) uses a network address of 169.254.0.0 with the default Class B subnet mask of 255.255.0.0. Host addresses will be within the range of169.254.0.1 and 169.254.255.254.

What is the default subnet mask for the IP address 203.111.3.3?

255.255.255.0

What is the default subnet mask for the IP address 203.111.3.3? 255.0.0.0 255.255.255.255 255.255.0.0 255.255.255.0

255.255.255.0 Explanation IP addresses are divided into classes. The most common of these are classes A, B, and C. Each address class has a different default subnet mask. To identify the class of an IP address, look at its first octet. • Class A networks use a default subnet mask of 255.0.0.0 and have 0-126 as their first octet. • Class B networks use a default subnet mask of 255.255.0.0 and have 128-191 as their first octet. • Class C networks use a default subnet mask of 255.255.255.0 and have 192-223 as their first octet. In this question, the IP address falls in the Class C range and therefore has a default subnet mask of 255.255.255.0.

Which of the following cellular network types does NOT provide Internet connectivity?

2G

Drag the cellular network specification on the left to its corresponding mobile technology generation on the right

2G - GSM CDMA 3G - LTE HSPA+ 4G - WiMAX

To increase security on your company's internal network, the admin has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit car transactions. Which port needs to be enabled to allow secure transactions?

443

To increase security on your company's internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?

443

You manage a network with two locations: Portland and Seattle. Both locations are connected to the Internet. All computers in both locations are configured to use IPv6. You would like to implement an IPv6 solution to meet the following requirements: Hosts in each location should be able to use IPv6 to communicate with hosts in the other location through the IPv4 Internet. You want to use a site-to-site tunneling method instead of a host-to-host tunneling method. Which IPv6 solution should you use?

6-to-4

If the SONET (OC-1) base rate is 51.84 Mbps, how much data can the Optical Carrier level 12 (OC-12) transfer in one second?

622.06 Mb

If the SONET (OC-1) base data rate is 51.84 Mbps, how much data can the Optical Carrier level 12 (OC-12) transfer in one second?

622.08 Mb

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4GHz. Which 802.11 stand will work best in this situation?

802.11a

Which IEEE wireless standard specify transmission speeds up to 54Mbps? select two

802.11a 802.11g

You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solutions? select two

802.1a authentications Remediation servers

You want to increase security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the following should you implement?

802.1x

You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the following should you implement?

802.1x 802.1x authentication is an authentication method used on a LAN to allow or deny access based on a port or connection to the network. 802.1x is used for port authentication on switches and authentication to wireless access points. 802.1x requires an authentication server for validating user credentials. This server is typically a RADIUS server. Authenticated users are allowed full access to the network; unauthenticated users only have access to the RADIUS server.

You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solution? (Select two.)

802.1x authentication Remediation servers

select the statement that best describes a broadcast storm.

A Broadcast storm occurs when there are so many broadcast messages on the network that they approach or exceed the network bandwidth..

Which two of the following statements about the Dynamic Host Configuration Protocol (DHCP) are true? It can deliver other configuration information in addition to IP addresses. It cannot be configured to assign the same IP address to the same host each time it boots. A DHCP server assigns addresses to requesting hosts. It is used only to deliver IP addresses to hosts.

A DHCP server assigns addresses to requesting hosts. It can deliver other configuration information in addition to IP addresses. Explanation DHCP servers deliver IP addresses as well as other host configuration information to network hosts. DHCP can be configured to assign any available address to a host, or it can assign a specific address to a specific host.

Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?

ACL

Which of the following activities are typically associated with a penetration test? (Select two.)

Attempting social engineering Running a port scanner

In virtualization, what is the role of the hypervisor? A hypervisor is a software implementation of a computer that executes programs like a physical machine. A hypervisor allows virtual machines to interact with the hardware without going through the host operating system. A hypervisor has the actual hardware in place on the machine, such as the hard disk drive(s), optical drive, RAM, and motherboard. A hypervisor is created within the host operating system and simulates a hard disk for the virtual machine.

A hypervisor allows virtual machines to interact with the hardware without going through the host operating system. Explanation A hypervisor is a thin layer of software that resides between the virtual operating system(s) and the hardware. A hypervisor allows virtual machines to interact with the hardware without going through the host operating system. A hypervisor manages access to system resources such as: • CPU • Storage • RAM A physical machine (also known as the host operating system) has the actual hardware in place on the machine, such as the hard disk drive(s), optical drive, RAM, motherboard, etc. A virtual machine is a software implementation of a computer that executes programs like a physical machine. The virtual machine(s) appear to be a self-contained and autonomous system(s). A virtual hard disk (VHD) is a file that is created within the host operating system and that simulates a hard disk for the virtual machine.

Which of the following is the strongest form of multi-factor authentications?

A password, a biometric scan, and a token device

Which of the following activities are typically associated with penetration testing? (select two)

Attempting social engineering Running a port scanner

While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of CRC errors on one interface. This interface is connected to a user's workstation located in a cubicle on the 2nd floor. What could be causing this to happen?

A strong EMI emitter near the cable run connected to that interface.

Which of the following is an example of two-factor authentication?

A token device and a PIN Two-factor authentication uses two different types of authentication (i.e. a combination of Type I, Type II, and Type III authentication). Of the examples listed here, a token device (Type II) combined with a PIN (Type I) is the only example of two-factor authentication.

Which of the following is an example of two-factor authentications?

A token device and a pin

Which of the following is an example of an internal threat?

A user accidentally deletes the new product designs

What is the main difference between a worm and a virus?

A worm can replicate itself and does not need a host for distribution. Both viruses and worms can cause damage to data and systems, and both spread from system to system, although a worm can spread itself while a virus attaches itself to a host for distribution.

You are designing a wireless network implementation for a small business. The business deals with sensitive customer information, so data emanation must be reduced as mush as possible. the floor plan of the office is shown below...

A-Direciton B-Direction C-Omni-Direction D-Direciton E-Direciton F-Direciton G-Direciton

Which of the following is a valid MAC address? 95ABC2F4.ABC5.569D.43BF AB.07.CF.62.16.BD FABC.875E.9BG6 145.65.254.10

AB.07.CF.62.16.BD Explanation MAC addresses are comprised of 12 hexadecimal digits (ranging from 09 and AF). They are typically represented as a three sets of four hexadecimal digits or six sets of two hexadecimal digits separated with periods. Regardless of the grouping and separator values, look for 12 hex digits for a valid MAC address.

Which of the following is a valid MAC address? 95ABC2F4.ABC5.569D.43BF FABC.875E.9BG6 AB.07.CF.62.16.BD 145.65.254.10

AB.07.CF.62.16.BD MAC addresses are comprised of 12 hexadecimal digits (ranging from 0-9 and A-F). They are typically represented as a three sets of four hexadecimal digits or six sets of two hexadecimal digits separated with periods. Regardless of the grouping and separator values, look for 12 hex digits for a valid MAC address.

A SYN attack or a SYN flood exploits or alters which element of the TCP three-way handshake?

ACK

Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?

ACL When you configure a router as a firewall, you configure the access control list (ACL) with statements that identify traffic characteristics, such as the direction of traffic (inbound or outbound), the source or destination IP address, and the port number. ACL statements include an action to either allow or deny the traffic specified by the ACL statement.

You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be part of your design? select two

AES encryption 802.1x

IPsec is implemented through two separate protocols. What are these protocols called? select two

AH ESP

A host wants to send a message to another host with the IP address 115.99.80.157. IP does not know the hardware address of the destination device. Which protocol can be used to discover the MAC address?

ARP

A host wants to send a message to another host with the IP address 115.99.80.157. IP does not know the hardware address of the destination device. Which protocol can be used to discover the MAC address? DNS IGMP BOOTP DHCP ARP ICMP

ARP Explanation Hosts use the Address Resolution Protocol (ARP) to discover the hardware address of a host.

Which of the following attacks tried to associate an incorrect MAC address with a known IP address?

ARP Poisoning

Which exploit seeks to maliciously re-associate the IP address of a legitimate network host with the MAC address of the attacker's computer?

ARP poisoning

A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to a wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario?

Active fingerprinting

A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to the wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario?

Active fingerprinting Active fingerprinting is a form of system enumeration that is designed to gain as much information about a specific computer as possible. It identifies operating systems based upon ICMP message quoting characteristics. Portions of an original ICMP request are repeated (or quoted) within the response, and each operating system quotes this information back in a slightly different manner. Active fingerprinting can determine the operating system and even the patch level.

Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do to help reduce problems?

Add a separate A/C unit in the server room

During a network infrastructure upgrade, you have replaced two 10 Mbps hubs with switches and upgraded from Category 3 UTP cable to Category 5e. During the process, you accidentally cut the Cat 5e patch cable that stretches from the network printer to the upgraded switch. What is the impact on the network?

All network nodes, with exception of the printer, will be available.

Which of the following is a characteristic of static routing when compared to dynamic routing?

All routers must be manually updated on the router.

Which of the following is a characteristic of static routing when compared to dynamic routing? All routes must be manually updated on the router. Routers use the hop count to identify the distance to a destination network. Routers can only use static routing when not connected to the Internet. Routers send packets for destination networks to the next hop router.

All routes must be manually updated on the router. Explanation Static routing requires that entries in the routing table are configured manually. Network entries remain in the routing table until manually removed. When changes to the network occur, static entries must be added or removed. The next hop router is used with most routes to identify the next router in the path to the destination, regardless of whether the route is a static or dynamically-learned route. The hop count can be used by static or dynamic routes, depending on the routing protocol used. Static routing can be used for private and public networks, whether connected to the Internet or not.

Which of the following best describes the ping of death?

An ICMP packet that is larger than 65,536 bytes

Community cloud

Allows cloud services to be shared by several organizations

Which of the following best describes the Ping of Death exploit?

An ICMP packet larger than 65,536 bytes?

You provide Internet access for a local school

Application Level

Which of the following firewall types can be a proxy between servers and clients?(Select two)

Application layer firewall AND Circuit proxy filtering firewall

You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?

Application level

You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?

Application level

You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?

Application log.

Match the network function or device on the left with the OSI model layer it is associated with on the right.

Application-HTTP Presentation-ASCII Session-Session ID Number Transport-Port Numbers Network-Router Data Link-Switch Physical-Wireless Access Point

Which of the following statements about ESD is NOT correct?

ESD is much more likely to occur when the relative humidity is above 50%

Which of the following routing protocols uses paths, rules, and policies instead of a metric for making routing decisions?

BGP

After an intrusion has occurred and the intruder has been removed from the system, which of the following is the best next step or action to take?

Back up all logs and audits regarding the incident

Developers in your company have created a Web application that interfaces with a database server. During development, programmers created a special user account that bypasses the normal security. What is this an example of?

Backdoor

You are concerned about the amount of traffic that passed though a router... Which document would help in identifying past average network traffic?

Baseline

When duplicating a drive for forensic investigative purposes, which of the following copying methods is most appropriate?

Bit-level cloning

You want a security solution that protects the entire hard drive, preventing access even when it is moved to anther system. which solution would you choose?

BitLocker

Which of the following functions are performed by proxies?(Select two)

Block employees from accessing certain Web sites AND Cache web pages

A switch running STP is a backup bridge. What state is it in?

Blocking

You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standard could the network be using. select two

Bluetooth 802.11b

Which of the following is a valid MAC address?

C0-34-FF-15-01-8E

Which of the following is a valid MAC address?

C0-34-FF-15-01-8E A MAC or hardware address is a unique identifier hard coded on every network adapter card. A valid MAC address has a total of 12 hexadecimal numbers. Hexadecimal numbers contain the numbers 0 to 9 and letters A to F. Valid values in a MAC address range anywhere from 00 to FF. Note that one of the answers would be valid MAC address except it uses a G value, which is beyond the range of a hexadecimal number.

Which of the following is a valid MAC address? 73-99-12-61-15 192.168.12.15 34-9A-86-1G-B3-24 C0-34-FF-15-01-8E 255.255.255.0 83-5A-5B-0B-31-55-F1

C0-34-FF-15-01-8E Explanation A MAC or hardware address is a unique identifier hard coded on every network adapter card. A valid MAC address has a total of 12 hexadecimal numbers. Hexadecimal numbers contain the numbers 0 to 9 and the letters A to F. Valid values in a MAC address range anywhere from 00 to FF. Note that one of the answers would be a valid MAC address except it uses a G value, which is beyond the range of a hexadecimal number.

You are working on upgrading the network in an older building. Over the years, the building has had several types of networking cable installed. The network must support 1000 Mbps Ethernet. You would like to minimize the cost of the upgrade by replacing cables only if necessary. Which types of cable must be replaced to support the required network speed? (Select two.) Cat 3 Cat 4 Cat 5 Cat 5e Cat 6 Cat 6e

Cat 3 & Cat 4 Explanation 1000 Mbps Ethernet (Gigabit Ethernet) requires at least Cat 5 cables. While Cat 5 supports 1000 Mbps, it can have poor performance during high-data transfers. Whenever possible, it is best to use a higher grade cable (Cat 5e or Cat 6) if you want 1000 Mbps data transmission. Cat 3 only supports 10 Mbps Ethernet. Cat 5e or Cat 6 is required for 10 Gbps Ethernet.

Which of the following cable types often includes a solid plastic core? Cat 3 Cat 6 Cat 5e Cat 5

Cat 6 Explanation Cat 6 cables include a solid plastic core that keeps the twisted pairs separated and prevents the cable from being bent too tightly.

Which of the following are advantages of virtualization? select two

Centralized administration Easy migration of systems to different hardware

You manage a network that uses 1000BaseT Ethernet. You find that one device communicates on the network at only 100 Mbps. Which tool should you use to test the drop cable and the connection to the network?

Certifier

You manage a network that uses 1000BaseT Ethernet. You find that one device communicates on the network at only 100 Mbps. Which tool should you use to test the drop cable and the connection to the network?

Certifier.

You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this?

Chain of custody

You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this?

Chain of custody

What is the most important element related to evidence in addition to the evidence itself?

Chain of custody document

You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device?

Change management

You recently installed a new all-in-one security appliance in a remote office

Change the default Configure the device's authentication

You recently installed a new all-in-one security appliance in a remote office. You are in the process of configuring the device. You need to: • Increase the security of the device. • Enable remote management from the main office. • Allow users to be managed through Active Directory. You want to configure the device so you can access it from the main office. You also want to make sure the device is as secure as possible. Which of the following tasks should you carry out? (Select two.)

Change the default username and password. Configure the device's authentication type to use Active Directory.

You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?

Circuit-level

Which type of network establishes a dedicated physical connection between two hosts who need to communicate on the network, not allowing any other host to use the medium until the communication is complete?

Circuit-switched

Consider the following IP addresses. 1. 124.77.8.5 2. 131.11.0.9 3. 190.66.250.10 4. 196.5.89.44 Which list represents the IP address class of each listed IP address? Class A, Class B, Class B, Class C Class B, Class B, Class C, Class D Class B, Class B, Class C, Class C Class A, Class B, Class C, Class C Class A, Class B, Class C, Class C Class B, Class C, Class C, Class D

Class A, Class B, Class B, Class C Explanation The IP addresses listed are of the following classes: Class A, Class B, Class B, Class C. You can identify the IP address class by memorizing the range of values for the first octet. • 0-126 = Class A • 128-191 = Class B • 192-223 = Class C • 223-239 = Class D • 240-255 = Class E

Which of the following fire extinguisher types is best used for electrical fires that might result when working with computer components?

Class C

You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0 Which of the following describes the address type?

Classless

You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0. Which of the following describes the address type? Classless Classful Multicast Public Broadcast

Classless Explanation Because the IP address is not using the default subnet mask, it is using classless addressing. Classless addressing modifies the length of the subnet mask, using a custom mask value instead of the default subnet mask. Classful addressing uses the default subnet mask. Devices that only support classful addressing assume the subnet mask based on the IP address class. A broadcast address is an address that is sent to all hosts. Broadcast addresses are the last possible address on a subnet. A multicast address is an address that identifies a group of computers. Members of the group share the same multicast address. Multicast addresses are in the range of 224.0.0.0 to 239.255.255.255. A public address is an address that is registered for use on the Internet.

Which of the following terms are often synonymous with or made possible with CIDR? (Select two.) NAT Classless VLSM OSPF Classful

Classless VLSM Explanation Classless InterDomain Routing (CIDR) allows for non-default subnet masks (variable length subnet mask or VLSM). Routers use the following information to identify networks: • The beginning network address in the range • The number of bits used in the subnet mask For example, the subnet 199.70.0.0 with a mask of 255.255.0.0 is represented as 199.70.0.0/16 (with 16 being the number of 1 bits in the subnet mask). Classful addresses rely on the IP address class to identify the subnet mask. Network Address Translation (NAT) allows you to connect a private network to the Internet without obtaining registered addresses for every host. Private addresses are translated to the public address of the NAT router. OSPF is a routing protocol that supports CIDR features.

You have implemented a network where hosts are assigned specific roles, such as for file sharing and printing. Other hosts access those resources but do not host services of their own. What type of network do you have? Client/server Peer-to-peer Intranet Extranet

Client/server Explanation In a client/server network, hosts have specific roles. For example, some hosts are assigned server roles which allows them to provide network resources to other hosts. Other hosts are assigned client roles which allows them to consume network resources. In a peer-to-peer network, each host can provide network resources to other hosts or access resources located on other hosts, and each host is in charge of controlling access to those resources. An intranet is a private network that uses Internet technologies. Services on an intranet are only available to hosts that are connected to the private network. An extranet is a private network that uses Internet technologies, but whose resources are made available to external (but trusted) users. For example, you might create a Web site on a private network that only users from a partner company can access.

when designing a firewall, what is the recommended approach

Close all ports, open only ports required

When designing a firewall, what is the recommended approach for opening and closing ports?

Close all ports; open only ports required by applications inside the DMZ

When designing a firewall, what is the recommended approach for opening and closing ports?

Close all ports; open only ports required by applications inside the DMZ.

Which of the following network strategies connects multiple servers together such that if one server fails, the other immediately take over its tasks, preventing a disruption in service?

Clustering

Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service?

Clustering Clustering connects multiple servers together using special software.

Which type of Internet service uses the DOCSIS specification?

Coaxial cable

Match each third-party integration phase on the left with the tasks that need to be completed during that phase on the right. Each phase may be used once, more than once, or not at all.

Communicate vulnerability assessment... - Ongoing operations Disable VPN configurations... - Off-boarding Compare your organization's... - Onboarding Disable the domain... - Off-boarding Identify how privacy... - Onboarding Draft an ISA... - Onboarding Conduct regular security... - Ongoing operations

As a victim of a Smurf attack, what protection measure is the most effective during the attack?

Communication with our upstream provider

Match each wireless term or concept on the left with its associated description on the right

Compares the level of the WIFI signal to the level of background radio signals/ Signal to Noise ratio Checks channel utilization and identifies sources of RF inference/ Spectrum analysis Identifies how strong a radio signal is at the receiver/Received Signal Level Identifies the number of useful bits delivered from the senders to the receiver/ Causes multiple copies of the same radio signal to be received by the receiving antenna/ Bounce Degrades wireless network performance/ Device saturation

What does an IDS that uses signature recognition use for identifying attacks?

Comparison to a database of know attacks

Match each switch management method on left with its corresponding characteristics on the right. Each method may be used once, more than once, or not at all.

Competes with normal network traffic for bandwidth. In-band Management Uses a dedicated communication channel. Out-of-band management Must be encrypted to protect communications from sniffing. In-band management Does not compete with normal network traffic for bandwidth. Out-of-band management Affected by network outages. In-band management

You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two. Each response is a complete solution.)

Conduct a site survey. Check the MAC addresses of devices connected to your wired switch.

You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check?

Configuration documentation

You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check?

Configuration documentation.

Besides protecting a computer from under voltages, a typical UPS also performs which two actions?

Conditions the power signal AND protects from over voltages

You are concerned that the wireless access points may have been deployed within your organization without authorizations. What should you do. select two

Conduct a site survey Check the MAC addresses on devices connected to your wired switch

Your organizations uses a time-keeping application that only runs on Windows 2000. Because of this, there are several Windows 2000 workstations on your network. Last week you noticed unusual activity.... Which solution should you implement to protect the network....

Configure VLAN membership so that the Windows 2000 workstations are on their own VLAN

Your company has decided to temporarily partner with a third-party organization for an upcoming project. This requires your company's network and the third-party's network to be connected via a dedicated WAN connection. what should you do to allow routing information to the exchange?

Configure a border router to use route redistribution.

Following Windows installation, you enabled the built-in Admin account . You remove the password for this account, You enable remote Desktop on your computer using the default settings.. From home, you try to access your computer using Remote Desktop using the Admin account but you are unable to log on. What should you do?

Configure a password for the Admin account

You have just connected four switches as shown in the Exhibit. Assuming the default switch configuration, how can your force Switch C to become a root bridge?

Configure a priority number of 4096 for switch C

You have configured a wireless access point to create a small network. For security, you have disabled SSID broadcast. From a client computer, you try to browse to find the access point. You see some other wireless networks in the area, but cannot see your network to connect to it. What should you do?

Configure a profile on the wireless client.

You want to configure your computer so that a password is required before the operating system will load. What should you do?

Configure a user password in the BIOS

You are the wireless network Admin for your organization. As the size of the organization has grown, you've decided to upgrade your wireless network to use 802.11x authentication instead of pre-shared keys. What should you do

Configure all wireless access points with client certs. Configure the RADIUS server with a server cert.

A security administrator logs on to a Windows server on her organization's... What type of scan was conducted in this scenario?

Credentialed scan

You are the network administrator for a city library. Thought the library are several groups of computers that provide public access to the internet..... The library computers are in croups of four. each group of four computers is connected to a hub that is connected to the library network... What can you do?

Configure port security on the switch

You have three switches configured as shown in the Exhibit. How can you guarantee that switch C becomes the root bridge?

Configure switch C with a lower priority value

A salesperson in your organization spent most of her time traveling between customers sites. After a customer visit, she must complete various managerial tasks, such as updating your organizations order database. Because she rarely... many of the things... Which key step should you take when implementing this configurations? select two

Configure the VPN connection to us IPsec Configure the browser to sent HTTPS requests through the VPN connection

You need to enable hosts on your network to find the IP address of logical names such as srv1.myserver.com Which device would you use?

DNS server

You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configurations?

Configure the remote access server as RADIUS clients

You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configuration?

Configure the remote access servers as RADIUS clients.

You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configuration?

Configure the remote access servers as RADIUS clients. When configuring a RADIUS solution, configure a single server as a RADIUS server. Then configure all remote access servers as RADIUS clients.

To tightly control the anti-malware settings on your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware. Which of the following actions would best prevent this scenario from occurring again?

Configure the software to automatically download the virus definition files as soon as they become available.

What does the ip address dhcp command all you to do?

Configures the switch to obtain an IP address from a DHCP server

You want to create a rollover cable that has an RJ-45 connector on both ends. How should you connect the wires within the connectors?

Connect pin 1 to pin 8, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5

You want to create a rollover cable that has an RJ45 connector on both ends. How should you connect the wires within the connectors? Connect pin 1 to pin 8, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5. Use the T568A standard on one end and the T568B standard on the other end. Connect each pin on one end to the same pin on the other end (i.e. pin 1 with pin 1, pin 2 with pin 2, etc.). Connect pin 1 with pin 3 and pin 2 to pin 6.

Connect pin 1 to pin 8, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5. Explanation When terminated with an RJ45 connector on both ends, the wires within the connectors are rolled over to the opposite connector as follows: • Pin 1 is connected to pin 8 • Pin 2 is connected to pin 7 • Pin 3 is connected to pin 6 • Pin 4 is connected to pin 5 A crossover cable uses the T568A standard on one end and the T568B standard on the other end. The crossover cable connects pin 1 with pin 3 and pin 2 to pin 6. Connecting each pin to the same pin on the other end creates a straight-through cable.

Which of the following tasks is associated with the Session layer? Connection establishment Acknowledgement coordination Transmission synchronization Host ID number assignment

Connection establishment Explanation Connection establishment is controlled through Session layer protocols.

You have recently discovered that a network attack has compromised your database server. In the process, customer credit card numbers might have been taken by an attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do?

Contact your customers to let them know of the security breach

You have recently discovered that a network attack has compromised your database server. In the process, customer credit card numbers might have been taken by an attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do?

Contact your customers to let them know of the security breach.

Which of the following prevents access based on website rating and classifications?

Content filter

Which of the following prevents access based on website ratings

Content filter

You have a website that uses multiple servers for different types of transactions. For example, one server is responsible for static web content, while another is responsible for secure transactions. You would like to implement a devices to speed up access to your web content..... Which type of device should you choose?

Content switch

You are an application developer. You use a hypervisor with multiple virtual machines installed to test your applications on various operating system versions and editions. Currently, all of your testing virtual machines are connected to the production network through the hypervisor's network interface. However, you are concerned that the latest application you are working on could adversely impact other network hosts if errors exist in the code. To prevent this, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other. What should you do?

Create a new virtual switch configured for host-only (internal) networking. Connect the virtual network interfaces in the virtual machines to the virtual switch.

You want to store your computer-generated audit logs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future?

Create a hash of each log.

You are responsible for maintaining Windows workstation operating systems in your organization. Recently, an update from Microsoft was automatically installed on your workstations that caused an in-house application to stop working. To keep this from happening again, you decide to test all updates on a virtual machine before allowing them to be installed on production workstations. Currently, none of your testing virtual machines have a network connection. However, they need to be able to connect to the update servers at Microsoft to download and install updates.

Create a new virtual switch configured for bridged (external) networking Connect the virtual network interfaces in the virtual machine to the virtual switch

Which of the following measures will make your wireless network less visible to the casual attacker performing war driving?

Disable SSID broadcast

A user reports that she can't connect to the internet. After some investigation, you find the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?

Create an action plan.

A user reports that she cant connect to the internet. After some investigation, you find the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?

Create an action plan.

Which of the following is a common form of social engineering attack?

Hoax virus information e-mails.

Which of the following statements about ESD is not correct?

ESD is much more likely to occur when the relative humidity is above 50%

Which of the following are common forms of social engineering attack?

Hoax virus information emails

You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values. Which device should you use? DNS server Gateway Router DHCP server

DHCP server Explanation Use a DHCP server to deliver configuration information to hosts automatically. Using DHCP is easier than configuring each host manually. Use a gateway to provide access to a different network, or to a network using a different protocol. Use a router to connect multiple subnets. Use a DNS server to provide name resolution, for example to get the IP address associated with a logical host name.

A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organizations firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this?

DHCP snooping

A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organization's firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this?

DHCP snooping DHCP snooping filters out untrusted DHCP messages. An untrusted DHCP message is received from outside the network or firewall. DHCP snooping acts like a firewall between DHCP clients and your DHCP servers.

Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted Internet?

DMZ A DMZ or demilitarized zone is a network placed between a private secured network and the untrusted Internet to grant external users access to internally controlled services. The DMZ serves as a buffer network.

You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. Which protocol should you implement?

DNS

You want to implement name resolution on the Linux workstations in your company. Which protocol will you use to do this?

DNS

You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. Which protocol should you implement? Telnet ARP DHCP DNS

DNS Explanation DNS is a system that is distributed throughout the internetwork to provide address/name resolution. For example, the name www.mydomain.com would be identified with a specific IP address. ARP is a protocol for finding the IP address from a known MAC address. DHCP is a protocol used to assign IP addresses to hosts. Telnet is a remote management utility.

Which type of Denial of Service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?

DNS poisoning

Which WAN connection types use digital communications over public telephones?

DSL ISDN

Breaks data into pieces and ends the pieces access multiple frequencies in a defined range

DSSS

which of the following services automatically creates and deletes host records wen an ip address lease is created or released?

DYNAMIC DNS

Your company purchase a new bridge, which filters packets based on the MAC address of the destination computer. On which layer of the OSI Model is this device functioning?

Data Link

Which of the following describes the point where the service provider's responsibility ends and the customer's responsibility begins for installing and maintaining wiring and equipment? Smart jack Punchdown block IDF Demarc Vertical cross connect

Demarc Explanation When you contract with a local exchange carrier (LEC) for data or telephone services, they install a physical cable and a termination jack onto your premises. The demarcation point (demarc) is the line that marks the boundary between the telco equipment and the private network or telephone system. Typically, the LEC is responsible for all equipment on one side of the demarc, and the customer is responsible for all equipment on the other side of the demarc. A smart jack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc. A punchdown block is a block used to connect individual copper wires together. While the demarc might terminate in a punchdown block, punchdown blocks are used within other locations at the customer site. An intermediate distribution frame (IDF) is a smaller wiring distribution point within a building. IDFs are typically located on each floor directly above the main distribution frame (MDF), although additional IDFs can be added on each floor as necessary. A vertical cross connect connects the IDF to the MDF on a different floor.

You have a network that occupies the top floor of a three story building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. What would you use to relocate the WAN line into a wiring closet on your floor? Horizontal cross connect Demarc extension 66 block Smart jack 110 block

Demarc extension Explanation A demarc extension extends the demarcation point from its original location to another location within the building. The demarc extension typically consists of a single wire bundle that attaches to the existing demarc and supplies a termination point to a different location. You might need a demarc extension if your network occupies an upper floor of a building. The LEC will typically install the demarc into the MDF on the bottom floor, and you will need to install an extension to place the demarc into the IDF on your floor. A horizontal cross connect connects IDFs on the same floor. Cabling runs horizontally (sideways) between the IDFs. A smart jack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc. Use 66 and 110 blocks to connect individual wires within a wiring closet. These blocks can be used to connect devices to the WAN service wiring, but are not typically used for installing a demarc extension.

Which of the following is not a valid response to a risk discovered during a risk analysis?

Denial

Which of the following can be used to stop piggybacking that has been occurring at the front entrance where employees should swipe their smart cards to gain entry?

Deploy a man trap

Match the Etherchannel protocol on the left with its characteristics on the right.

Desirable mode places the port in a negotiating state. Port Aggregation Protocol (PAgP) Based on the 802.3ad standard link Aggregation control protocol(LACP) Passive mode places the port into a passive negotiation state. link aggregation control protocol (LACP) Auto mode places the port into a passive negotiating state. Port Aggregation Protocol (PAgP) Active more places the port in a negotiating state. link Aggregation control protocol(LACP)

You have just installed a packet-filtering firewall on your network

Destination address Port number Source address

You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? Select all that apply.

Destination address of a packet Port number Source address of a packet

A service Level Agreement (SLA) defines the relationship between, and the contractual responsibilities of, providers and recipients of service. Which of the following characteristics are most important when designing an SLA? select two

Detailed provider responsibilities for all continuity and disaster recovery mechanisms. Clear and detailed descriptions of penalties if the level of service is not provided

Users report that the network is down. After some investigation, you determine that a specific router is configured such that a routing loop exists. What should you do next?

Determine if escalation is needed

Users report that the network is down. After some investigation, you determine that a specific router is configured such that a routing loop exists. What should you do next?

Determine if escalation is needed.

A user reports that she can't connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?

Determine what has changed.

A user reports that she cant connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?

Determine what has changed.

You have a network using a full physical mesh topology. The link between device A and device B is broken. Which of the following best describes what happens to network communications?

Device A will be able to communicate with all other devices

Which of the following statements describe how VLANs effect broadcast traffic within an internetwork?

Devices on the same VLAN have the same subnet address Broadcast traffic is transmitted only within a VLAN

Which of the following best describes the concept of VLAN?

Devices on the same network logically grouped as if they were on separate networks

On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can "fix the restroom." What should you do?

Direct him to the front entrance and instruct him to check in with the receptionist.

One of the Windows 7 workstations you manage has four user accounts defined on it. Two of the users are limited users while the third (your account) is an administrative user. The fourth account is the Guest user account, which has been enabled to allow management employees convenient workstation access. Each limited and administrative user has been assigned a strong password. File and folder permissions have been assigned to prevent users from accessing each other's files. Autorun has been disabled on the system. What should you to increqase the security of his system?

Disable the Guest account

Which of the following measures will make your wireless network inviable to the casual attacker performing war driving?

Disable the SSID broadcast

Which of the following actions should you take to reduce the attack surface of a server?

Disable unused services

Which of the following actions should you take to reduce the attack surface of a server?

Disable unused services.

During a recent site survey, you find a rogue wireless access point on your network. Which of the following actions should you take first to protect your network, while still preserving evidence?

Disconnect the access point from the network

If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?

Disconnect the intruder

If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?

Disconnect the intruder.

You manage the website for your company. The Web1 server hosts... Which component is a single point of failure for the website?

Disk controller

Which of the following enterprise wireless deployment models uses access points with enough intelligence to allow for the creation of quest WLANs for keeping public wireless traffic separated from private traffic?

Distributed wireless mesh infrastructure

Which of the following are true for the IS-IS routing protocol? select two

Divides large networks into areas Supports IPv6 routing

When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the window to see what the problem is. Later, you find out that the window has installed spyware on your system. What type of attack has occurred?

Drive-by download Drive-by downloads can occur in a few different ways: • Through social engineering, the user is tricked into downloading the software. • By exploiting a browser or operating system bug, a site is able to install software without the user's knowledge or consent.

What security measures encrypts the entire contents of a hard drive?

DriveLock

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet? Drop the packet. Send the packet to both networks 192.168.3.0 and 192.168.4.0 to the next hop router. Hold the packet in cache until a matching route is learned or configured. Send the packet out both of its directly connected networks as a broadcast frame.

Drop the packet. Explanation If a packet does not match any route in a routing table, the router will simply drop the packet. In this example, the router does not know about the destination network, and also is not configured with a default route. With a default route, the router will forward the packet to the next hop router specified by the default route.

A user reports that network access from her workstation is very slow. The problem does not seem to be affecting any other users. Which of the following conditions is the most likely cause?

Duplex mismatch

You want to connect your small company network to the Internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. What type of NAT should you implement?

Dynamic

A network switch is configured to perform the following validation checks on its ports: • All ARP requests and responses are intercepted. • Each intercepted request is verified to ensure that it has a valid IP-to-MAC address binding. • If the packet has a valid binding, the switch forwards the packet to the appropriate destination. • If the packet has an invalid binding, the switch drops the ARP packet. What security feature was enabled on the switch to accomplish this?

Dynamic ARP Inspection

You have been contracted by a firm to implement a new remote access solution based on a Windows Server 2003 system. The customer wants to purchase and install a smartcard system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client?

EAP

You want to implement an authentication method that uses public and private key pairs. Which authentication methods should you use?

EAP

Which remote access authentication protocol allows for the use of smart cards for authentication?

EAP Extensible Authentication Protocol (EAP) is a set of interface standards that allows you to use various authentication methods including smartcards, biometrics, and digital certificates.

You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use?

EAP Public and private key pairs are used by certificates for authentication and encryption. Extensible Authentication Protocol (EAP) allows the client and server to negotiate the characteristics of authentication. EAP is used to allow authentication using smart cards, biometrics (user physical characteristics), and certificate-based authentication.

What security solutions would prevent a user from reading a file which she did not create?

EFS

Which of the following routing protocols is classified as a balance hybrid routing protocol?

EIGRP

Which of the following routing protocols is classified as a balanced hybrid routing protocol? EIGRP OSPF ISIS RIP

EIGRP Explanation EIGRP is a hybrid routing protocol developed by Cisco for routing within an AS. RIP is a distance vector protocol, while OSPF and ISIS are link state protocols.

You are troubleshooting a client connectivity problem on an Ethernet network. The client system has intermittent connectivity to the network. You discover that the UTP patch cable is run 75 feet from the wall outlet, passes through the ceiling and over several florescent light fixtures before reaching the client system. Which of the following may be a cause of the connectivity problem?

EMI interfaace.

You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG-6 cable. You move the cable router a distance of 50 meters using RG-8 cables and special connector adapters. Which condition are you most likely to experience?

Echo.

Which technologies are used by the 802.11ac standard to increase network bandwidth? select two

Eight MIMO radio streams 80MHz donned channels

Which of the following are characteristics of TACACS +?

Encrypts the entire packet, not just authentication packets

You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. Which of the following will help reduce the effects of a broadcast storm?

Enable spanning tree on the switches

In the OSI model, which of the following functions are performed at the Application layer? (Select all that apply.) Data translation Enabling communication between network clients and services Conversation identification Integration of network functionality into the host operating system

Enabling communication between network clients and services Integration of network functionality into the host operating system Explanation The Application layer enables network services, and integrates network functionality into the host operating system. Applications actually run above the OSI Application layer. Conversation identification is accomplished at the Session layer through connection or transaction ID numbers. Data translation is performed at the Presentation layer.

In the OSI model, which of the following functions are performed at the Presentation layer? (Select two.) Maintain separate client connections Handle general network access, flow control, and error recovery Encrypt and compress data Transmit data frames Specify data format (such as file formats) Provide network services

Encrypt and compress data Specify data format (such as file formats) Explanation The Presentation layer encrypts data, changes and converts character sets, and compresses data. File formats (such as .jpg, .wmv, and .wav) are part of the Presentation layer. The Application layer provides network services. The Session layer maintains separate client connections through session IDs, and maintains those sessions. Flow control and error detection are provided at both the Transport layer and the Data Link layer. Transmitting frames happens at the Physical layer.

Which of the following features is supplied by WPA2 on a wireless network?

Encryption

You need to configure the FastEthernet 0/1 interface on a switch to automatically detect the appropriate link speed and duplex setting by negotiating with the device connected to the other end of the link. Drag the command on the left to the appropriate configuration step on the right to accomplish this. Not all of the commands may be required.

Enter global configuration mode: conf t Enter interface configuration mode: int fa0/1 Set the speed of the interface: speed auto Set the duplex setting for the interface: duplex auto

The Data Link Layer of the OSI model is comprised of two sublayers. What are they? (Select two.) LLC DLC LAT MAC SAN

Explanation The Data Link layer is split into the following sublayers: • Logical Link Control (LLC) Sublayer Provides the operating system link to the device driver. • Media Access Control (MAC) Sublayer Translates generic network requests into device specific terms.

You have just signed up for a broadband home Internet service that uses coaxial cable. Which connector type will you most likely use?

F-type

You have just signed up for a broadband home Internet service that uses coaxial cable. Which connector type will you most likely use?

F-type

You have just signed up for a broadband home Internet services that uses coaxial cable. Which connector type will you most likely use?

F-type

Upon conducting a visual inspection of the server room, you see that a switch displays LED collision lights that are continually lit. You check the LED on the corresponding workstation and see that it is flashing rapidly even though it is not sending or receiving network traffic at that time. What is the cause of the network collision?

Faulty network card.

Which component of a Change and Configuration Management policy identifies technical and budgetary considerations associated with a proposed change and also identifies any potential impacts to the network?

Feasibility anaylsis

Which network type uses light pulses to transmit data?

Fiber optic

Ethernet 100BaseFX networks use what type of cabling? Unshielded twisted pair Fiber optic Shielded twisted pair Coaxial

Fiber optic Explanation Ethernet 100BaseFX networks use fiber optic cabling.

Ethernet 100BaseFX networks use what type of cabling?

Fiber-optic

What type of security measures is a form of biometrics?

Fingerprint scanner

Which of the following identifies an operating system or network service based upon it response to ICMP messages?

Fingerprinting

You are the network administrator for a small organization. Recently, you contracted with an ISP to connect your organization's network to the Internet to provide users with Internet access. Since doing so, it has come to your attention that an intruder has invaded your network from the Internet on three separate occasions. What type of network hardware should you implement to prevent this from happening again?

Firewall

You are the administrator of your company's network. You want to prevent unauthorized access to your intranet from the Internet. Which of the following should you implement? Proxy server Packet Internet Groper ICS Firewall

Firewall Explanation A firewall allows you to filter unwanted traffic from the Internet to your network. Packet Internet Groper is better known by its acronym, PING, a TCP/IP command. A proxy server caches web pages. ICS allows you to connect a small network to the Internet through a single connection.

Which of the following is the best device to deploy to protect your private network from a public untrusted network? Firewall Gateway Hub Router

Firewall Explanation A firewall is the best device to deploy to protect your private network from a public untrusted network. Firewalls are used to control traffic entering and leaving your trusted network environment. Firewalls can manage traffic based on source or destination IP address, port number, service protocol, application or service type, user account, and even traffic content. Routers offer some packet based access control, but not as extensive as that of a full-fledged firewall. Hubs and gateways are not sufficient for managing the interface between a trusted and an untrusted network.

You are the network administrator for a small organization. Recently, you contracted with an ISP to connect your organization's network to the Internet to provide users with Internet access. Since doing so, it has come to your attention that an intruder has invaded your network from the Internet on three separate occasions. What type of network hardware should you implement to prevent this from happening again? Proxy server Switch Hub Firewall CSU/DSU Router

Firewall Explanation The role of a firewall is to provide a barrier between an organization's network and a public network, such as the Internet. Its job is to prevent unauthorized access into the organization's private network. To do this, the firewall examines incoming packets and determines whether they should be allowed to enter based on a set of rules defined by the network administrator.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet? Send the packet out both of its directly connected networks to the next hop router. Send the packet out both of its directly connected networks as a broadcast frame. Forward the packet to the next hop router specified by the route to network 0.0.0.0. Drop the packet.

Forward the packet to the next hop router specified by the route to network 0.0.0.0. Explanation A route of 0.0.0.0 with a mask of 0.0.0.0 identifies a default route. The default route is used when no other route is a better match. Packets that match no other networks are sent to the next hop router specified by default route.

What type of virtualization completely simulates a real physical host? Full virtualization Semi-virtualization Paravirtualization Partial virtualization

Full virtualization Explanation In full virtualization, the virtual machine completely simulates a real physical host. This allows most operating systems and applications to run within the virtual machine without being modified in any way. In partial virtualization, only some of the components of the virtual machine are virtualized. Be aware of the following: •The operating system uses some virtual components and some real physical hardware components in the actual device where the hypervisor • The operating system or application must be modified to run in a partial virtualization environment. In paravirtualization, the hardware is not virtualized. Be aware of the following: • All of the guest operating systems running on the hypervisor directly access various hardware resources in the physical device; components are not virtual. • The guest operating systems run in isolated domains on the same physical hardware. • The operating system or application must be modified before they can run in a paravirtualization environment.

Match the network Access Protection (NAP) component on the left with is description on the right.

Generates a stament of Health (SoH) that reports the client configuration for health requirements. NAP Client Runs the System Health Validator (SHV) NAP Server Is the connection point for clients to the network Enforcement Server (ES) Contain resources accessible to non-compliant computers on the limited-access network. Remediation Server

Which protocol is used on the World Wide Web to transmit Web pages to Web browsers?

HTTP

Which protocol is used on the World Wide Web to transmit Web pages to Web browsers? SMTP HTML HTTP NNTP

HTTP Explanation HTTP or HyperText Transfer Protocol is used by Web servers and browsers to transmit Web pages on the Internet. This is often confused with HTML or HyperText Markup Language which is the markup language used to create Web content.

What TCP/IP protocol is a secure form of HTTP that uses SSL as a sublayer for security?

HTTPS

Which of the following fire extinguisher types poses a safety risk to users in the area?(Select two)

Halon AND CO2

Match each physical security control on the left with an appropriate example of that control on the right. Each security control may be used once, more than once, or not at all.

Hardened carrier Protected cable distribution Biometric authentication Door locks Barricades Perimeter barrier Emergency escape plans Safety Alarmed carrier Protected cable distribution Antipassback system Physical access control Emergency lighting Safety Exterior floodlights Perimeter barrier

Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence?

Hashing

Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence?

Hashing Hashing is the method used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence.

You need to implement a wireless network between two buildings on a college campus. A wired network has already been implemented within each building. the buildings are 100 meters apart. select two

High-gain Parabolic

You are adding a new rack to your data center... The only space you have available in the data center is on the... To protect against failures, you also plan to install a UPS in the rack along... There are problems with this plan. What should you do?

Hire an electrician to install a wall outlet near the new rack

Which of the following is a common form of social engineering attack?

Hoax virus information e-mails

Which of the following terms describes a Windows operating system patch that corrects a specific problem and is release on a short-term, periodic basis (typically monthly)? A. Targeted software patch B. Hotfix C. Kernel fix kit D. Service pack

Hotfix Explanation: A hotfix is an operating system patch that corrects a specific known problem. Microsoft typically releases hotfixes monthly. Service packs include a collection of hotfixes and other system updates. Service packs are not released as Often, but contain all hotfixes released to that time.

You have been hired to design a wireless network for a SOHO environment. Which of the following questions should you ask? select three

How many devices will need to be supported Is the business expected to grow in size in the future What type of data will be transmitted on the network

An access point that conforms to the IEEE 802.11b standard acts most closely to what other networking device?

Hub

Which of the flowing devices does not segment the network ?

Hub

Which of the following hardware devices regenerates a signal out all connected ports without examining the frame or packet contents?

Hub

An access point that conforms to the IEEE 802.11b standard acts most closely to what other networking device? Router Gateway Hub Terminal Patch bay

Hub Explanation An access point functions like a hub by connecting multiple wireless hosts to a wired Ethernet network.

You have a private network connected to the Internet. Your routers will not share routing information about your private network with Internet routers. Which of the following best describes the type of routing protocol you would use? Static Link state IGP Dynamic Distance vector BGP

IGP Explanation You would use an Interior Gateway Protocol (IGP) on routers within your network. Routing protocols can be classified based on whether they are routing traffic within or between autonomous systems: An Interior Gateway Protocol (IGP) routes traffic within an AS; an Exterior Gateway Protocol (EGP) routes traffic between ASs. Link state and distance vector describe how routing protocols share routing information. The network size might determine which protocol is best for your network. Static routing uses manually defined routes in the routing table, while dynamic routing uses a protocol so routers learn and share routes with other routers. You can use either static or dynamic routing (or both) on a private network.

Match the default administrative distance with the route type.

IGRP/100 RIP/120 Static Route/1 EIGRP internal route/90 OSPF/110 EIGRP Summary Route/5 Connected Interface/0 EIGRP external Route/170

Which of the following protocols is used by an e-mail client to retrieve messages from an e-mail server and gives users the option to keep mail messages on the server?

IMAP

You are asked to recommend an email retrieval protocol for a company's sales team. The sales team needs to access email from various locations and possibly different computers. The sales team does not want to worry about transferring email messages or files back and forth between these computers. Which email protocol was designed for this purpose? IMAP SMTP MFTP POP4 POP3

IMAP Explanation The Internet Message Access Protocol (IMAP) is an email retrieval protocol designed to enable users to access their email from various locations without the need to transfer messages or files back and forth between computers. Messages remain on the remote mail server and are not automatically downloaded to a client system. POP3 is an email retrieval protocol that downloads and then deletes messages from a mail server. POP3 is well suited for reading email offline; however, you need to go online when you want to receive and send new messages. Once your new messages have been downloaded to your computer you can log off to read them. This option is often used when email is received over a dialup connection.

Which of the following protocols stores email on the mail server and gives users a choice to download mail or keep it on the server? (Select 2) POP3 SMTP NTP IMAP4

IMAP4 & POP3 Explanation IMAP4 allows a mail server to hold messages for a client. POP3 is a simpler protocol than IMAP4 that downloads email messages and deletes them from the server by default, but most newer POP3 clients provide an option to leave mail on the server after download. SMTP allows a user to send email to a server. The NTP protocol synchronizes the clocks of all computers on a network.

You want to use your Windows workstation to browse the web sites on the Internet. You use a broadband DSL connection to access the Internet. Which network protocol must be installed on your workstation to do this?

IP

You have a small network with a single subnet connected to the Internet as shown in the Exhibit. The router has been assigned the two addresses shown. You need to manually configure the workstation to connect to the network. The workstation should use RouterA as the default gateway, and DNS1 as the DNS server address. From the drop-down lists, select the appropriate paramteres to configure the workstation's TCP/IP settings.

IP Address: 192.168.12.46 Subnet Mask: 255.255.255.240 Default Gateway: 192.168.12.34 DNS Server: 192.162.1.22

You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?

IP address

You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?

IP address A router acting as a firewall at layer 3 is capable of making forwarding decisions based on the IP address.

A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research, you find that the most likely cause of the problem is a bug in the router's software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next?

Identify possible effects of the solution.

A user reports that he can't connect to a specific Web site. You go to the user's computer and reproduce the problem. What should you do next?

Identify the affected areas of the network.

A user reports that he cant connect to a specific Web site. You go to the user's computer and reproduce the problem. What should you do next?

Identify the affected areas of the network.

Two employees cannot access any sites outside of the local network, but can still access internal files on other internal subnets. Other employees are not experiencing the same problem. You suspect the issues may have something to do with the proxy server on your network and the settings in Internet Explorer. What should you do?

Identify the proxy server nae and port number in Internet Options.

A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verify that it works. What should you do next?

Identify the results and effects of the solution

A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verity that it works. What should you do next?

Identify the results and effects of the solution

A workstation is connected to a switch on the Gi0/2 interface using a straight through cable. The Ethernet interface in the workstation has been manually configured to use a 100 Mbps link speed and full duplexing. Which of the following are true in this scenario? (Select three.)

If the link speed is 1000 Mbps or faster, full-duplex is used. If the link speed is 10 Mbps or 100 Mbps, half-duplex is used. The switch attempts to sense the link speed. If it can't, the slowest link speed supported on the interface is selected.

Under which of the following circumstances might you implement BGP on your company network and share routes with Internet routers? If the network is connected to the Internet using multiple ISPs. If the network has over 15 areas and uses IPv6. If the network is connected to the Internet using public addressing. If the network has over 15 hops.

If the network is connected to the Internet using multiple ISPs. Explanation Very large networks can use BGP internally, but typically only share routes on the Internet if the AS has two (or more) connections to the Internet through different ISPs. If your network has over 15 hops, use a routing protocol other than RIP. Use OSPF or ISIS to divide your network into areas. Private networks that use public IP addresses do not need to share routes with Internet routers; it is typically the responsibility of the ISP to configure routes into the private network, even when public addressing is being used. A single route out of the private network is all that is required if the network has a single connection to the Internet.

You work in an office that uses linux server, netware servers, and windows nt 4.0 severs. The network uses both the TCP/IP and IPX,SPX protocols. The linux server is used as an FTP server. Today you have received several calls from people who are unable to contact the linux server at its known IP address. You are sitting at the Linux server and want to check its IP address. Which command should you use?

Ifconfig

Which of the following are advantages of using fiber optic cabling for a network, as opposed to other types of cabling? (Select two.) Immunity to electromagnetic interference Lower installation cost Greater cable distances without a repeater Faster installation

Immunity to electromagnetic interference Greater cable distances without a repeater Explanation Compared to other types of cabling, fiber optic cabling allows greater cable distances without a repeater and is immune to electromagnetic interference. However, installation costs more and takes longer.

Which of the following is not a form of social engineering?

Impersonating a user by logging on with stolen credentials

The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for patrons. The owner has asked that you implement security controls such that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, they should then be allowed full access to the Internet. If a patron does not provide the correct code, they should not be allowed to access the Internet. Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored. What should you do?

Implement a guest network

You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around the facility you note the following: When you enter thefacility a receptionist greets you and escorts you through a locked door to the work area where the office manager sits. The office manager informs you that the orgnaizations servers are kept in a locked closet. An access card is required to enter the server closet She infroms you that the server backups are configured to run each night. A rotation of tapes are used as the backup media You notice the orgnaiation's network switch is kept in the server closet You notice that the router/firewall/content filter all in one device has been implemented in the server closet to protect the internal network from external attacks. The office manager information you that her desktop system will no longer boot and asks you to repair or replace it, recovering as much data as possible in the rpocess. You carry the workstation to our car and bring it back to your office to work on it. What securityrelated recommendations should you make to the client?

Implement a hardware checkout policy

• The office manager informs you that her desktop system will no longer boot and asks you to repair or replace it, recovering as much data as possible in the process. You carry the workstation out to your car and bring it back to your office to work on it. What securityrelated recommendations should you make to this client?

Implement a hardware checkout policy

You want to be able to monitor and filter VM-to-VM traffic within a virtual network. What should you do?

Implement a virtual firewall within the hypervisor.

You recently created a new network segment for Development. Because the hosts are now on a different network segment, they no longer contact the DHCP server. Both network segments are connected via a Cisco router. Which of the following would be the best action to tack in order to fix the problem

Implement an IP Helper address on the router

As you are helping a user with a computer problem you notice that she has written her password on a note stuck to her computer monitor. You check the password policy of your company and find that the following settings are currently required: • Minimum password length = 10 • Minimum password age = 4 • Maximum password age = 30 • Password history = 6 • Require complex passwords that include numbers and symbols • Account lockout clipping level = 3 Which of the following is the best action to take to make remembering passwords easier so that she no longer has to write the password down?

Implement end-user training. Instruct users on the importance of security and teach them how to create and remember complex passwords. Making any other changes would violate the security policy and reduce the overall security of the passwords. References

Over the last month you have noticed a significant increase in the occurrence of inappropriate activities performed by employees. What is the best first response step to take in order to improve or maintain the security level of the environment?

Improve and hold new awareness sessions

You need to place a wireless access point in your two-story building? While trying to avoid interference, which of the following is the best location for the access point?

In the top floor

You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet This workstation can communicate with some hosts on private network, but not with other host. You run IPCONFIG/ALL and see the following: Ethernet adapter Local Area Connection : Connection- specific DNS Suffix . : mydomain . local Description . . . Broadcom network adapter Physical Address . : 00 - AA-BB-CC-74-EF DHCP Enabled . . . . . . . No Autoconfiguration Enabled . Yes IPv4 Address 192 . 168 . 1 . 102(Preferred) Subnet Mask . 255 . 255 . 0 . 0 Default Gateway : 192 . 168 . 1.1 DNS Servers . . 192 . 168 . 2 . 20 192.168.1.27

Incorrect Subnet mask

You manage a local area network with several switches. A new employee has started today so you connect her workstation to a switch port. Which of the following is the most likely cause of the problem?

Incorrect VLAN assignment

You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation can communicate with some hosts on the private network, but not with other hosts. you run ifconfig /all and see the following. Ethernet adapter Local Area Connection : Connection- specific DNS Suffix . : mydomain . local Description . .Broadcom network adapter Physical Address . : 00 - AA-BB-CC-74-EF DHCP Enabled . . . . . . . No Autoconfiguration Enabled . Yes IPv4 Address 192 . 168 . 1 . 102(Preferred) Subnet Mask . 255 . 255 . 255 . 0 Default Gateway : 192 . 168 .2.1 DNS Servers . . 192 . 168 . 2 . 20 What is the most likely cause of the problem?

Incorrect default gateway

You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0 subnet which uses the default subnet mask. This workstation cannot communicate with any other hosts on private network. You run IPCONFIG/ALL and see the following: Ethernet adapter Local Area Connection : Connection- specific DNS Suffix . : mydomain . local Description . . . Broadcom network adapter Physical Address . : 00 - AA-BB-CC-74-EF DHCP Enabled . . . . . . . No Autoconfiguration Enabled . Yes IPv4 Address 192 . 168 . 1 . 102(Preferred) Subnet Mask . 255 . 255 . 225 . 0 Default Gateway : 192 . 168 . 1.1 DNS Servers . . 192 . 168 . 2 . 20

Incorrect ip address

You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0 subnet which uses the default subnet mask. This workstation cannot communicate with any other hosts on private network. You run IPCONFIG/ALL and see the following: Ethernet adapter Local Area Connection : Connection- specific DNS Suffix . : mydomain . local Description . . . Broadcom network adapter Physical Address . : 00 - AA-BB-CC-74-EF DHCP Enabled . . . . . . . No Autoconfiguration Enabled . .: Yes IPv4 Address 192 .... :168 . 1 . 102(Preferred) Subnet Mask ..........: 255 . 255 . 225 . 0 Default Gateway ...: 192 . 168 . 1.1 DNS Servers . ......: 192 . 168 . 2 . 20

Incorrect ip address

You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet This workstation can communicate with some hosts on private network, but not with other host. You run IPCONFIG/ALL and see the following: Ethernet adapter Local Area Connection : Connection- specific DNS Suffix . : mydomain . local Description . . . Broadcom network adapter Physical Address . : 00 - AA-BB-CC-74-EF DHCP Enabled . . . . . . . No Autoconfiguration Enabled . Yes IPv4 Address 192 . 168 . 1 . 102(Preferred) Subnet Mask . 255 . 255 . 0 . 0 Default Gateway : 192 . 168 . 1.1 DNS Servers . . 192 . 168 . 2 . 20 192.168.1.27

Incorrect subnet mask

What is the purpose of using Ethernet bonding? (Select two.)

Increases network performance. Provides a failover solution for network adapters

Match each type of access point on the left with the wireless network architecture that they are commonly used in on the right

Independent access point infrastructure/ Intelligent AP Hub-and-spoke infrastructure/ Lightweight AP Distributed wireless mesh infrastructure/ Intelligent AP

You have decided to perform a double blind penetration test. Which of the following actions would you perform first?

Inform senior management

Which of the following strategies are used to prevent duplicate IP addresses being used on a network?

Install a DHCP server on the network. Use Automatic Private IP Addressing.

Which actions allow you to access the Internet on your laptop via a cellular network?

Install a cellular USB adapter in a open port on the laptop

You have worked as a network Admin for a company for seven months. One day all picture files on the server become corrupted. You discover that a user downloaded a virus from the internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss adam at that this situation does not occur. What should you do?

Install a network virus detection software solution.

You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You discover that a user downloaded a virus from the Internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that this situation does not reoccur. What should you do?

Install a network virus detection software solution.

Your company leases a very fast Internet connection and pays for it based on usage. You have been asked by the company president to reduce Internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection, without decreasing performance. What is the best way to do this?

Install a proxy server

You would like to control Internet access based on users, time of day, and Web sites visited. How can you do this?

Install a proxy server. Allow Internet access only through the proxy server.

What 2 actions taken directly improves system security on Windows systems?

Install anti-virus software. // Enable the Windows firewall

Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this only seems to happen when the elevator is running. What should you do?

Install shielded cables near the elevator

You are setting up a small network in your office with one Windows server and 50 Windows workstation. You want to spend as little time as possible configuring the workstations with IP addressing information. What should you do?

Install the DHCP service on your server

You manage the information systems for a large manufacturing firm. Supervisory control and data acquistion (SCADA) devices are used on the manfucaturing floor to manager your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?

Install the latest firmware updates from the device manufacturer Verify that your network's existing security infrastrucutre is working properly.

While using a web-based order form, an attacker enters an unusually large value in the Quantity field. The value entered is large enough to exceed the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is refunded a large sum of money. What type of attack has occurred in this scenario?

Integer overflow

While using a web-based order form...The value entered is large enough to exceed the maximum value...A large sum of money. What type of attack has occurred in this scenario?

Integer overflow

Hybrid Cloud

Integrates one cloud service with other cloud services

Which of the following are characteristics of coaxial network cable? (Choose three.) It uses two concentric conductors made from plastic or glass which conduct light signals. It has a conductor made from copper in the center of the cable. It is composed of four pairs of 22-gauge copper wire. The conductors within the cable are twisted around each other to eliminate crosstalk. It uses two concentric metallic conductors. The ends of the cable must be terminated. It uses RJ45 connectors

It has a conductor made from copper in the center of the cable. It uses two concentric metallic conductors. The ends of the cable must be terminated. Explanation Coaxial cable is composed of a central copper conductor surrounded by an insulator which is then surrounded by a second metallic mesh conductor. The name coaxial is derived from the fact that both of these conductors share a common axis. When using coaxial cable, both ends of the cable must be terminated.

You have installed anti-malware software that checks for viruses in email attachments. Yu configure the software to quarantine any files with problems. You receive an email w/ an important attachment, but the attachment is not there. Instead, you see a message that the file has been quarantined by the anti-malware software. hat has happened to the file?

It has been moved to a folder on our computer.

Which of the following is not a primary characteristic of a worm?

It infects the MBR of a hard drive A worm does not infect an MBR like a virus, a worm does not require a host file or drive element. A worm is a self-contained, executable software package. It is able to self-replicate and actively seeks to spread itself to other networked systems.

Which of the following is true about the MAC address? (Select two.) It is typically represented by octets of decimal numbers between 0255. It is a 32-bit address. It is a 64-bit address. It is a 48-bit address. It is typically represented by hexadecimal numbers.

It is a 48-bit address. It is typically represented by hexadecimal numbers. Explanation The MAC address identifies the physical address of the network adapter. The MAC address is a 12-digit (48-bit) hexadecimal number (each number ranges from 09 or AF). The address is often written as 00B0D006BCAC or 00B0.D006.BCAC, although dashes, periods, and colons can be used to divide the MAC address parts. An IPv4 address is 32bits and uses octets of decimal numbers between 0255. An IPv6 address is a 64-bit address that uses 32 hexadecimal numbers.

Your company uses VoIP for phone calls. Recently, employees have been complaining about phone calls with unusual sound effects. Which type of problem is occurring on the VoIP system?

Jitter

Which of the following is the most important thing to do to prevent console access to a network switch?

Keep the switch in a room that uses a cipher lock.

Which of the following is the most important thing to do to prevent console access to a network switch?

Keep the switch in a room that uses a cipher lock.

When using 110 blocks for connecting Cat5 and higher data cables, which recommendation should you follow? Keep wire pairs twisted up to within one-half of an inch of the connector. Use C5 connectors. Connect wires using the T568B standard. Connect wires using the T568A standard.

Keep wire pairs twisted up to within one-half of an inch of the connector. Explanation When using for Cat5 (or higher) wiring, be sure to preserve the twists in each wire pair to within one-half of an inch of the connecting block. Use C4 connectors to connect four pairs of wires. When connecting data wires on a 110 block, you typically connect wires in the following order: • White wire with a blue stripe, followed by the solid blue wire. • White wire with an orange stripe, followed by the solid orange wire. • White wire with a green stripe, followed by the solid green wire. • White wire with a brown stripe, followed by the solid brown wire. T568A and T568B are used to connect wires within an RJ45 connector when making drop cables.

Which of the following authentication methods uses tickets to provide single sign-on?

Kerberos

Which of the following protocols can your portable computer use to connect to your company's network via a virtual tunnel through the internet? select two

L2TP PPTP

What is the connection order used by two TCP/IP routers to open a session with PPP including authentications?

LCP, authentications, NCP

At which OSI model layer does a media converter operate? Layer 1 Layer 2 Layer 3 Layer 4

Layer 1 Explanation A media converter operates at the OSI model layer 1 (Physical layer). The media converter translates frames into bits and transmits them on the transmission medium. At layer 2, the MAC address is added to make the data into a frame. At layer 3, the IP address is added to the packet. A media converter does not alter or use the MAC address or the IP address.

The chain of custody is used for what purposes?

Listing people coming into contact with evidence

Which of the following attacks, if successful, causes a switch to function like a hub?

MAC flooding MAC flooding overloads the switch's MAC forwarding table to make the switch function like a hub. The attacker floods the switch with packets, each containing different source MAC addresses. The flood of packets fills up the forwarding table and consumes so much of the memory in the switch that it causes the switch to enter a state called failopen mode, in which all incoming packets are broadcast out all ports (as with a hub), instead of just to the correct ports as per normal operation.

Which of the following terms identifies the wiring closet in the basement or a ground floor that typically includes the demarcation point? Smart jack IDF 110 block Horizontal cross connect MDF

MDF Explanation The main distribution frame (MDF) is the main wiring point for a building. The MDF is typically located on the bottom floor or basement. The LEC typically installs the demarc to the MDF. An intermediate distribution frame (IDF) is a smaller wiring distribution point within a building. IDFs are typically located on each floor directly above the MDF, although additional IDFs can be added on each floor as necessary. A horizontal cross connect connects wiring closets on the same floor. A smart jack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc. Use 66 and 110 blocks to connect individual wires within a wiring closet.

Which protocol doies VoIP use to interface with the PSTN?

MGCP

Which of the following technologies uses variable-length packets and adds labels to packets as they enter the WAN cloud, with the labels being used to switch packets and prioritize traffic?

MPLS

Which of the following authentication protocols uses a three-way handshake to authenticate users to the network? (Choose two.)

MS-CHAP CHAP

Which of the following connectors are used with fiber optic cables and include both cables in a single connector? (Select two.) SC BNC ST MTRJ LC

MTRJ LC Explanation Both the LC and MTRJ connectors have both fiber optic cables in a single connector. ST and SC connectors hold a single strand of fiber optic cable. A cable using either connector has two connectors on each end. A BNC connector is used with coaxial cable.

What are the most common means of virus distribution? (2)

Malicious web sites // email

A user reports that her machine is behaving erratically. She suspects something is wrong because lately a firewall alert keeps indicating programs are trying to access the Internet, and several files have disappeared or have been renamed. What do you suspect is causing these problems?

Malware infection

Match each wireless device on the left with is corresponding characteristics on the right.

Manages all of the Apps that are connected to it/ Wireless controller Suppors 30 to 50 wireless clients per access point/ Wireless controller Profides NAT routing and an ethernet switch in one device/ SOHO wireless router Supports a maximum of 5-10 wireless clients/ SOHO wireless router Pushes wireless configurations settings to connected access points/ Wireless controller

You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default has changed. You need to make the change with the least amount of effort possible. What should you do?

Manually reconfigure the default route to point to the new next hop router.

You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default route has changed. You need to make the change with the least amount of effort possible. What should you do? Manually reconfigure the default route to point to the new next hop router. Stop and restart the RIP protocol on the router. Force RIP to perform an immediate update. Wait for network convergence to take place.

Manually reconfigure the default route to point to the new next hop router. Explanation With a static route, when changes to the network occur, routing table entries must be modified, added, or removed manually. In this example, the default route was configured manually, so must be manually updated. When using a routing protocol, routing changes are made automatically by routers sharing routing information. To make a change for a dynamic route, simply wait for convergence to occur (the term convergence describes the condition when all routers have the same routing information).

Which business document is a contract that defines a set of terms that will govern future agreements between two parties?

Master Service Agreement

Which of the following tests can be performed by a TDR

Measure the length of a cable. Identify the location of a fault on a cable.

Which of the following tests can be performed by a TDR?

Measure the length of a cable. Identify the location of a fault on a cable.

You have a server that has a 100BaseFX network interface card that you need to connect to a switch. The switch only has 100BaseTX switch ports. Which device should you use? Gateway Bridge Media converter Hub Repeater

Media converter Explanation Use a media converter to convert from one media type to another media type within the same architecture. Use a bridge to connect two devices that use different network architectures, for example to connect a wired network to wireless clients. A hub or a repeater connect devices using the same media type.

You have a network that uses a logical ring topology. How do messages travel through the network? Messages are sent directly to the destination device only. Messages are sent to a central device which then forwards the message to the destination device. Messages travel from one device to the next until they reached the destination device. Messages are sent to all devices connected to the network.

Messages travel from one device to the next until they reached the destination device. Explanation In a logical ring topology, messages travel to each device in turn. If the message is not intended for that device, the message is forwarded to the next device on the network.

Which of the following geographic network types are typically managed by a city as a public utility?

Metropolitan Area Network (MAN)

You are configuring the local security policy of a Windows system. You want to prevent users from reusing old passwords. You want to force them to use a new password 5 days before changing it again. which policies should you configure? (2)

Minimum password age// Enforce password History

You are configuring the local security policy of a Windows system. You want to require users to create passwords that are at least 10 characters long. You also want to prevent logon after three unsuccessful logon attempts. Which (2) policies should you configure?

Minimum password length // Account lockout threshold

You have a special server at work with a custom application installed. Connections to the server that use custom application must use IPv6. The server is currently running IPv4. You are the only person who connects to the server, and you always use your laptop for the connection. Your laptop supports both IPv4 and IPv6. The rest of your company network runs only IPv4. You need a cost effective solution to allow your laptop to connect to the server. Your solution must also support communication through NAT servers. Which method should you use?

Miredo

You connect a packet sniffer to a switch to monitor frames on your local area network. However, the packet sniffer is only able to see broadcast frames and frames addressed specifically to the host device. Which feature should you enable on the switch so you can see frames from all devices connected to the switch?

Mirroring.

You decide to use a packet sniffer to identify the type of traffic sent to the router. You run the packet sniffing software on a device which is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router. When you run the software, you only see frames addressed to the four workstations but not to the router. Which feature should you configure?

Mirroring.

Which of the following activities are considered passive in regards to the functioning of anintrusion detection system? (Select two.)

Monitoring the audit trails on a server Listening to network traffic

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Move the router to a secure server room

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration from your notebook computer using an SSH client with the user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Move the router to a secure server room

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Move the router to a secure server room.

Which of the following functions are performed at the Physical layer of the OSI model? Data translation Movement of data across network cables Conversation identification Enablement of network services Provision of an environment in which to run network applications

Movement of data across network cables Explanation The Physical layer is concerned with how to transmit data and how to connect network hosts.

Match the wireless networking term or concept on the left with its appropriate description on the right.

Moving an wireless device/Roaming Used by Cisco wireless equipment/ LWAPP Specifies the number of clients/ Device density Automatically partitions a single/ VLAN pooling Graphically displays wireless/ Heat map Connects tow wired networks/ Wireless bridge Identifies how strong/ The number of useful bits/ Goodput

A video conference call consisting of multiple participants uses

Multicast

Which of the following address types is shared by multiple hosts, and is used to form groups of computers that should receive the same data stream?

Multicast

Which type of address is the IP address is the IP address 232.111.255.250?

Multicast

Which of the following address types is shared by multiple hosts, and is used to form groups of computers that should receive the same data stream? Simplex Half-duplex Multicast Unicast Broadcast

Multicast Explanation A multicast address is an address that identifies a group of computers. Members of the group share the same multicast address. A unicast address is an address that identifies a single host. A broadcast address is an address that is sent to all hosts. Broadcast traffic is typically only forwarded within (but not between) a subnet. Simplex communication uses a single channel for both sending and receiving. Half-duplex uses a separate channel for sending and receiving, but the channels are shared by multiple devices and can only be used by a single device at a time.

Which type of address is the IP address 232.111.255.250? Multicast Unicast Private Broadcast

Multicast Explanation The address 232.111.255.250 is a multicast address. A multicast address is an address that identifies a group of computers. Members of the group share the same multicast address. Multicast addresses are in the range of 224.0.0.0 to 239.255.255.255. A unicast address is an address that identifies a single host. A broadcast address is an address that is sent to all hosts. Broadcast addresses are the last possible address on a subnet (typically ending in 255). The private IPv4 address ranges are: • 10.0.0.1 to 10.255.255.254 • 172.16.0.1 to 172.31.255.254 • 192.168.0.1 to 192.168.255.254

PPP supports authentications, compressions, and multiple network-layer protocols. Which of the following correctly sequences these functions when a PP link is established?

Negotiate compression settings, perform authentications, negotiate network layer protocols.

Which type of switch optimizes network performance by using ASIC to perform switching at wire speed?

Multilayer switch

You want to measure the voltage, amps, and ohms of various devices. Which tool should you use?

Multimeter.

Which of the following best describes one-factor authentication?

Multiple authentication credentials may be required, but they are all of the same type One-factor authentication uses credentials of only one type, but may require multiple methods within the same type. For example, you might log on with just a password, or with a password along with answering a cognitive question (such as your mother's maiden name). One-factor authentication that uses multiple credentials of the same type is also sometimes called strong authentication.

What key advantage does a virtual router have over a physical router?

Multiple networks can be connected to a single interface.

Which of the following is a feature of MS-CHAP v2 that is not included in CHAP?

Mutual authentication

Which of the following features of MS-CHAP v2 that is not included in CHAP?

Mutual authentications

Members off the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?

NAC

Members of the Sales team use laptops to connect to the company network. While traveling, they connect their laptops to the Internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?

NAC Network Access Control (NAC) controls access to the network by not allowing computers to access network resources unless they meet certain predefined security requirements

The outside sales reps from your company use notebook computers, tablets, and phones to connect to the internal company network. While traveling, they connect their devices to the Internet using airport and hotel networks. You are concerned that these devices will pick up viruses that could spread to your private network. You would like to implement a solution that prevents devices from connecting to your network unless antivirus software and the latest operating system patches have been installed. When a host tries to connect to the network, the host should be scanned to verify its health. If the host is not healthy, then it should be placed on a quarantine network where it can be remediated. Once healthy, the host can then connect to the production network. Which solution should you use?

NAC Network Access Control (NAC) prevents devices from accessing network resources unless they meet certain predefined security requirements.

You manage a network with three dedicated storage devices, as shown in the diagram. Users on the network see only a single file server. Which network-based storage technology is being used?

NAS with Clustering.

Which of the following network devices or services prevents the use of IPsec in most cases?

NAT

Which of the following networking devices or services prevents the use of IPsec in most cases?

NAT IPsec cannot typically be used when static IP addresses are not used by both communication partners. NAT proxy performs network address translation on all communications. For this reason, the IP address seen for a system outside of the proxied network is not the real IP address of that system. This prevents the use of IPsec.

Which of the following protocols is used by PPP to enable support for multiple network-layer protocols?

NCP

Which of the following best describes the condition where a signal sent on one wire is received on another wire within the same connector?

NEXT.

You have a large TCP/IP network and want to keep hosts' real time clock synchronized. What protocol should you use? SMTP NNTP SAP NTP SNMP

NTP Explanation The network time protocol (NTP) lets you keep clocks synchronized.

You have a large TCP\IP network and want to keep hosts' real time clock synchronized. What protocol should you use?

NTP (Network Time Protocol)

You administer a NetBIOS-based network that uses the TCP/IP protocol.You are trying to troubleshoot a computer that is unable t ocontact a server by its Net BIOS name.Which command can you use to check the connection?

Nbstat

Which TCP/IP utility gives you the following output? Local Area Connection: Node IpAddress:

Nbstat -c

Which TCP/IP utililty gives you the following output? local area connection: nodebios ipaddress: [192.168.1.111] scope id: []

Nbstat-c

What is the LEAST secure place to locate an access point with an omni-directional antenna when creating a wireless cell?

Near a window

What is the least secure place to locate the access point when creating a wireless network?

Near a window

If an organization shows sufficient due care, which burden is eliminated in the event of a security breach?

Negligence

You are in the process of implementing a Network Access Protection (NAP) infrastructure to increase your networks security. You are currently configuring the remediation network that non-compliant clients will connect to in order to become compliant. the remediation network needs to be isolated from the secure network. Which should you implement to do this?

Network segmentation

You have a network connected using a physical bus topology. One of the cables connecting a workstation to the bus breaks. Which of the following best describes what happens to network communications?

No device will be able to communicate

You are installing networking wiring for a new Ethernet network at your company's main office building. The project specifications call for Category 5 UTP network cabling and RJ-45 wall jacks. Near the end of the project, you run out of wire before the last few runs are complete. You have a spool of Category 3 network cable in storage. Upon investigation, it appears very similar to Category 5 wiring. Should you substitute Category 3 cabling for Category 5 cabling to finish the project?

No, Category 5 cabling has more twists per inch than Category 3 cabling to reduce cross-talk and support higher data rates

You are installing networking wiring for a new Ethernet network at your company's main office building. The project specifications call for Category 5 UTP network cabling and RJ45 wall jacks. Near the end of the project, you run out of wire before the last few runs are complete. You have a spool of Category 3 network cable in storage. Upon investigation, it appears very similar to Category 5 wiring. Should you substitute Category 3 cabling for Category 5 cabling to finish the project? No, the sheath surrounding Category 5 cable is much thicker; creating an extra layer of shielding to reduce crosstalk and support higher data rates. Yes, you can substitute Category 5 wiring with Category 3 wiring, as they are electrically identical. No, Category 5 cabling has more twists per inch than Category 3 cabling to reduce crosstalk and support higher data rates. No, Category 3 cabling doesn't support RJ45 connectors. No, Category 5 cabling uses a thicker copper wire than Category 3 cable; enabling higher data transmission rates.

No, Category 5 cabling has more twists per inch than Category 3 cabling to reduce crosstalk and support higher data rates. Explanation While Category 3 and Category 5 cabling may appear similar physically, they are electrically different. Category 5 cabling is twisted much tighter than Category 3 cabling. This reduces

You are configuring a switch so that you can manage it via PuTTY from the same network segment as the switch. On the switch, you enter the following commands. Switch# config terminal switch(config)#interface Evian 1 switch(config-if)#ip- address 192.168.1.10 225.225.225.0 will this configuration work?

No, the no shutdown command needs to be entered

You are responsible for disposing of several old workstations formerly used by accountants in your organization's Finance department. Before being shipped to a computer recycler, you decide to make sure any old data on the hard drives is erased. To do this, you use the Windows XP Installation CD that came with these systems to delete all partitions from the hard drives. Have you properly prepared these systems for disposal?

No, you should use disk wiping software to fully erase the drives.

Which of the following routing protocols divides the network into areas, with all networks required to have an area 0 (area 0 identifying the backbone area)?

OSPF

Which of the following routing protocols uses relative link cost as a metric?

OSPF

Which of the following routing protocols divides the network into areas, with all networks required to have an area 0 (area 0 identifying the backbone area)? RIP EIGRP ISIS OSPF

OSPF Explanation OSPF divides a large network into areas. Each autonomous system requires an area 0 that identifies the network backbone. All areas are connected to area 0, either directly or indirectly through another area. Routes between areas must pass through area 0. ISIS uses areas but does not have an area 0 requirement. Neither RIP nor EIGRP use areas.

Which of the following routing protocols are classified as link state routing protocols? select two

OSPF IS-IS

Which of the following routing protocols are classified as link state routing protocols? (Select two.) EIGRP OSPF RIP ISIS RIPv2

OSPF & IS-IS Explanation Both OSPF and ISIS are link state protocols. Using the link state method, routers share only their directly connected routes using special packets called link-state advertisements (LSAs) and link-state packets (LSPs). These route advertisements are flooded (forwarded) throughout the network. Routers use this information to build a topology database of the network. RIP and RIPv2 are classified as distance vector protocols. Using the distance vector method, routers share their entire routing table with their immediate neighbors. Routes learned from neighboring routers are added to the routing table, then shared with that router's neighbors. EIGRP is a balanced hybrid protocol. A hybrid method combines characteristics of both the distance vector and link state methods. It shares its full routing table at startup, followed by partial updates when changes occur.

Which of the following best describes OSPF? OSPF is a classful link-state routing protocol. OSPF is a classless distance vector routing protocol. OSPF is a classless link-state routing protocol. OSPF is a classful distance vector routing protocol.

OSPF is a classless link-state routing protocol. Explanation OSPF is a classless link-state routing protocol. RIP version 1 and IGRP are both classful distance vector routing protocols. EIGRP is a hybrid protocol that supports classless addressing.

What are the main differences between the OSPF and IS-IS routing protocols?

OSPF requires an area 0, while IS-IS does not.

What are the main differences between the OSPF and ISIS routing protocols? OSPF is a link state protocol, while ISIS is not. OSPF is a classful protocol, while ISIS is a classless protocol. OSPF requires an area 0, while ISIS does not. OSPF is an IGP routing protocol, while ISIS is a BGP routing protocol.

OSPF requires an area 0, while ISIS does not. Explanation Like OSPF, ISIS uses areas when designing the network. However, ISIS does not require an area 0 like OSPF does. Because ISIS was originally designed for non-IP protocols, it can more easily support IPv6 routing. Both OSPF and ISIS have the following characteristics: • Both are link state protocols. • Both are classless protocols, supporting CIDR and VLSM. • Both are Interior Gateway Protocols (IGPs) that are used within an AS.

Which of the following identifies standards and XML formats for reporting and analyzing system vulnerabilities?

OVAL

You work for a large, multinational organization that has an extensive global network that is interconnected using WAN links and routers.

One of the intermediate routers is an MTU black hole.

You have a web server that will be used for secure transactions for customers who access the website over the internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?

Obtain a certificate from a public PKI

You have a web server that will be used for secure transactions for customers who access the website over the Internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?

Obtain a certificate from a public PKI.

You are setting up a wireless hotspot in a local coffee shop. For best results, you want todisperse the radio signals evenly throughout the coffee shop.Which of the following types of antennas would you use on the AP to provide a 360degree dispersed wave pattern?

Omni-Directional

Two routers with the hose name SLC and PROVO have been configured to connect using PP with CHAP authentication through their BRI0 interfaces. what should you do to correct the problem>

On SLC, change the username password to chocolate

You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?

On a RADIUS server 802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients. Authentication requests received by the wireless access point are passed to a RADIUS server which validates the logon credentials (such as the username and password).

What is the primary difference between impersonation and masquerading?

One is more active, the other is more passive

Which of the following is NOT an example of a physical barrier access control mechanism?

One time passwords

Match the firewall type on the left with its associated characteristics on the right. Each firewall type may be used once, more than once, or not at all.

Operates at Layer 2 >> Virtual firewall Operates at Layer 3 >> Routed firewall Counts as a hop in the path between hosts >> Routed firewall Does not count as a hop in the path between hosts >> Virtual firewall Each interface connects to a different network >> Routed firewall Each interface connects to the same network segment >> Virtual firewall

You have discovered a computer that is connected to your network that was used for an attack. You have disconnected the computer from the network to isolate it from the network and stop the attack. What should you do next?

Perform a memory dump

You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?

PTZ A Pan Tilt Zoom (PTZ) camera lets you dynamically move the camera and zoom in on specific areas to monitor (cameras without PTZ capabilities are manually set looking a specific direction). Automatic PTZ mode automatically moves the camera between several preset locations; manual PTZ lets an operator remotely control the position of the camera.

Which of the following best describes the Platform as a Service (PaaS) cloud computing service model?

PaaS delivers everything a developer needs to build an application onto the cloud infrastructure

Match the firewall type on the right with the OSI layers at which it operates. Note: Each OSI Layer can be used once, more than once, or not at all.

Packet Filtering Firewall OSI Layer 3 Circuit-level Proxy OSI Layer 5 Application-level Gateway OSI Layer 7 Routed Firewall OSI Layer 3 Transparent Firewall OSI Layer 2

Match the firewall type on the right

Packet Filtering Firewall- 3 Circuit Level Proxy - 5 Application Level Gateway - 7 Routed Firewall - 3 Transparent Firewall - 2

Which of the following is a firewall function?

Packet filtering

You are concerned about attacks directed against your firewall on your network. You would like to examine the content of individual frames sent to the network. Which tool should you use?

Packet sniffer.

You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use?

Packet sniffer.

Which type of network divides data to be transmitted into small units and routes these units from the originating system to the destination system, allowing multiple, concurrent communications on the network medium?

Packet-switched

Which type of network divides data to be transmitted into small units and then routes these units from the originating system to the destination system, allowing multiple, concurrent communications on the network medium?

Packet-switched

A Smurf attack requires all but which of the following elements to be implemented?

Padded cell A padded cell is a type of intrusion enticement mechanism similar to a honey pot. A padded cell is a simulated network environment that is created when an intruder is detected. The intruder is transferred into the padded cell where all of its activities are monitored and logged while isolating the intruder from all sensitive information or controls.

A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario?

Passive fingerprinting

A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario?

Passive fingerprinting Passive fingerprinting is a form of system enumeration that is designed to gain as much information about network computers as possible. It passively listens to network traffic generated by network hosts and attempts to identify which operating systems are in use based upon the ICMP message quoting characteristics they use. Portions of original ICMP requests are repeated (or quoted) within each response. Each operating system quotes this information back in a slightly different manner.

Which of the following is the most common form of authentication?

Password Most secure systems require only a username and password to provide users with access to the computing environment. Many forms of online intrusion attacks focus on stealing passwords. This makes using strong passwords very important. Without a strong password policy and properly trained users, the reliability of your security system is greatly diminished.

Which of the following is used to terminate individual wires from a 25 pair or 100 pair cable using female RJ45 ports? 66 block 110 block Patch panel Horizontal cross connect

Patch panel Explanation A patch panel is a device that typically connects individual stranded wires into female RJ45 connectors. For example, you might connect 4 pairs of wires from a punchdown block to a port on the patch panel. On the patch panel, you then connect drop cables (cables with RJ45 connectors) to the patch panel on one end and a computer on the other end. Use 66 and 110 blocks to connect individual wires within a wiring closet. These punchdown blocks connect the individual wires together, but do not terminate in RJ45 connectors. A horizontal cross connect connects IDFs on the same floor.

You have implemented a network where each device provides shared files with all other devices on the network. What type of network do you have? Multiple access Peer-to-peer Polling Client/server

Peer-to-peer Explanation In a peer-to-peer network, each host can provide network resources to other hosts or access resources located on other hosts, and each host is in charge of controlling access to those resources. In a client/server network, hosts have specific roles. For example, some hosts are assigned server roles which allows them to provide network resources to other hosts. Other hosts are assigned client roles which allows them to consume network resources. Polling is a media access method where a single device grants permission to other devices to access the network. Multiple access describes a media access method where each device determines when the medium is free.

What type of network describes a workgroup?

Peer-to-peer network

Which of the following uses hacking techniques to proactively discover internal vulnerabilities?

Penetration testing

You have discovered a computer that is connected to you r network that was used for an attack. You have disconnected the computer from the network to isolate it from the network and stop the attack. Which should you do next?

Perform a memory dump

You have discovered a computer that is connected to your network that was used for an attack. You have disconnected the computer from the network to isolate it from the network and stop the attack. Which should you do next?

Perform a memory dump

An attacker uses an exploit to push a modified hosts file to client systems. This hosts fileredirects traffic from legitimate tax preparation sites to malicious sites to gather personal andredirects traffic from legitimate tax preparation sites to malicious sites to gather personal andfinancial information.financial information. What kind of exploit has been used in this scenario?

Pharming DNS poisining

An attacker is trying to compromise a wireless network that has been secured using WPA2-PSK and AES. She first tried using airsnort to capture packets, but found that she couldn't break the encryption. What attack techniques did the attack us? select two

Pharming Evil twin

An attacker is trying to compromise a wireless network that has been secured using WPA2-PSK and AES. She first tried using AirSnort to capture packets, but found that she couldn't break the encryption. As an alternative, she used software to configure her laptop to function as an access point. She configured the fake access point with the same SSID as the wireless network she is trying to break into. When wireless clients connect to her access point, she presents them with a web page asking them to enter the WPA2 passphrase. When they do, she then uses it to connect a wireless client to the real access point. What attack techniques did the attacker use in this scenario? (Select two.)

Pharming Evil twin • Evil twin: In this exploit, an attacker near a valid wireless access point installs an access point with the same (or similar) SSID. • Pharming: In this exploit, the access point is configured to display a bogus web page that prompts for credentials, allowing the attacker to steal those credentials.

Several users have forwarded you an email stating that your company's health insurance provider has just launched a new web site for all employees to access the site they are told in the email to click a link and provide their personal information. Upon investigation, you discover that your company;s health insurance provider did not send this e-mail. What kind of attack just occurred?

Phishing

Match the social engineering description on the left with the appropriate attack type on the right.

Phishing -An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. Whaling -An attacker gathers personal information about the target individual, who is a CEO. Spear phishing -An attacker gathers personal information about the target individual in an organization. Dumpster diving -An attacker searches through an organization's trash for sensitive information. Piggybacking -An attacker enters a secured building by following an authorized employee through a secure door without providing identification. Vishing -An attacker uses a telephone to convince target individuals to reveal their credit card

Match the social engineering description on the left with the appropriate attack type on the right.

Phishing An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. Whaling An attacker gathers personal information about the target individual, who is a CEO. Spear phishing An attacker gathers personal information about the target individual in an organization. Dumpster diving An attacker searches through an organization's trash for sensitive information. Piggybacking An attacker enters a secured building by following an authorized employee through a secure door without providing identification. Vishing An attacker uses a telephone to convince target individuals to reveal their credit card information.

What topology is used with 100BaseTX Fast Ethernet networks? (Select two.) Physical star/logical bus Physical star/logical ring Physical star/logical star Physical ring/logical star

Physical star/logical bus Physical star/logical star Explanation 100BaseTX Fast Ethernet networks use a physical star/logical bus topology when a hub is used or a physical star/logical star when a switch is used.

Match the authentication factor types on the left with the appropriate authentication factor on the right.

Pin Something you know Smartcard something you have Password Something you know Retina scan Something you are Fingerprint scan Something you are Hardware token Something you have User name Something you know Voice récognition Something you are WI-FI triangulation Somewhere you are Typing behaviors Something you do

Which pins in an RJ45 connector are used to transmit data when used on a 100BaseT Ethernet network? (Choose two.) Pin 1 Pin 2 Pin 3 Pin 4 Pin 5 Pin 6 Pin 7 Pin 8

Pin 1 & Pin 2 Explanation On a 100BaseT network cable, the RJ45 pinouts are as follows: • Pin 1: Tx+ • Pin 2: Tx- •Pin 3: Rx+ • Pin 4: Unused • Pin 5: Unused • Pin 6: Rx- •Pin 7: Unused • Pin 8: Unused

You work in an office that uses NetWare servers and Wind. nt 4 servers. The network uses both the TCp/Ip and IPX/SPX protocols. You are sitting at a workstation that uses Windows 95 OSR2. an application you are using is unable to contact a Windows NT server named FileSrvr2. What command can you use to determine whether your computer can still contact the server?

Ping

You work in an office that uses NetWare servers and Windows NT 4.0 servers.The network uses both the TCP/IP and IPX/SPX protocols. You are sitting at a workstation that uses Windows 95 OSR2.An application you are using is unable to contact Windows NT server named FileSrv2. Which command can you use to determine whether your computer can still contact the server?

Ping

Which of the following Denial of Service (DoS) attacks uses ICMP packets and will only be successful if the victim has less bandwidth than the attacker?

Ping Flood

Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building?

Place access points above where most clients are

which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building>

Place access points above where most clients are

Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building?

Place accès points above where most clients are

You are installing networking cable in the air space between the ceiling and the roof of a building. Which type of cabling should you use?

Plenum

You are adding new wires in your building for some new offices. The building has a false ceiling that holds the lights. You would like to run your Ethernet cables in this area. Which type of cable must you use? Plenum PVC Fiber optic Cat 5e or Cat 6e STP

Plenum Explanation Plenum cable is fire resistant and nontoxic; it must be used when wiring above ceiling tiles. PVC cable cannot be used to wire above ceilings because it is toxic when burned. Cat 5e cables provide better EMI protection than Cat 5 cables, and Cat 6e cables are an improvement over Cat 6 specifications, but neither are a requirement for using in a ceiling area. If the area has a lot of EMI, you might consider using STP or fiber optic cables, but this would not be a requirement just because wires were in a ceiling area. Typically, you can avoid EMI sources by rerouting cables.

Which of the following features is used with digital IP phones to supply power through a switch port? VPN Spanning tree PoE 802.1x Trunking

PoE Explanation Power over Ethernet (PoE) supplies power to end devices through the RJ45 Ethernet switch port. Power to the phone is carried on unused wires within the drop cables. Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. Trunking allows a switch to forward VLAN traffic between switches. 802.1x is an authentication protocol used with port security (or port authentication).

You have site in your network that is connected to multiple other sites. A single virtual circuit is used to connect all other sites. What type of connection is being used?

Point-to-multipoint

You have a series of WAN links that connects to your site to multiple other sites. Each remote site is connected to your site using a dedicated line. What type of connection is being used?

Point-to-point

You have a series of WAN links that connects your site to multiple other sites. Each remote site is connected to your site using a dedicated link What type of connection is being used?

Point-to-point

Listed below are several DNS record types. Match the record the on the left with its function on the right.

Points a hostname to an IPv4 A Provides alternate names to hosts that already have a host record. CNAME Points an IP address to a hostname PTR Points a hostname to an IPv6 address AAAA identifies servers that can be used to deliver mail. MX

A new law was recently passes that states that all businesses must keep a history of... Which document type would you update first in response to this new law?

Policy

A new law was recently passed that states that all businesses must keep a history of all e-mails sent between members of the board of directors. You need to ensure that your organization complies with the law. Which document type would you update first in response to this new law?

Policy.

You have just installed a packet-filtering firewall

Port number/source address of a packet/destination address of a packet

You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?

Port scanner

Which type of security uses MAC addresses to identify devices that are allowed or denied a connection to a switch?

Port security

Which statements accurately describes port states of both bridges and switches?

Ports in a blocked state still receive BPDUs In the learning state the MAC address table can be populated, but frames not forwarded.

You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into the server components and affecting the availability of the network. Which of the following should you implement?

Positive pressure system

A network utilizes a network access control (NAC) solutions to protect against malware. When a wired or wireless... What is the process called?

Posture assessment

Which of the following are advantages of using the Spanning Tree Protocol (STP) in network segmented bridges?

Prevents message loops from forming Identifies the optimal path between network devices. Lets you provide redundancy by using more then one connection between devices, making your network more reliable.

A network utilizes a Network Access Control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called?

Posture assessment When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. This is called a posture assessment. The agent then submits the results of the assessment as a Statement of Health (SoH) to the System Health Validator (SHV).

Your company recently installed a unified communication system. Employees are now able to inform each other of their availability.

Presence information

You want to connect your client computer to a wireless access point connected to your wired network at work. The network administrator tells you that the access point is configured to use WPA2 Personal with the strongest encryption method possible. SSID broadcast is turned off. Which of the following must you configure manually on the client? (Select three.)

Preshared key AES SSID WPA2 Personal uses a shared key for authentication. Once authenticated, dynamic keys are generated to be used for encryption. WPA2 supports AES and TKIP encryption, with AES being the stronger encryption method. With the SSID broadcast turned off, you will need to manually configure the SSID on the client.

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet. Why can't you access the server? Private addresses are not accessible through the Internet. The server has been assigned a multicast address. The server must have an entry on a DNS server that exists on the Internet. The server isn't using the default subnet mask.

Private addresses are not accessible through the Internet. Explanation The server has been assigned a private IP address. Private addresses are not accessible from the Internet. Instead, a NAT router translates the private address into a public address, and the public address is used to gain access to the private host.

CorpServ is a small company with 14 client systems and a network printer. Because there are only a limited number of networked systems, you decide to use APIPA addressing for the network. With APIPA configured, all systems are able to communicate with each other but you are having trouble configuring Internet access. What is the likely cause of the problem?

Private addresses cannot directly communicate to hosts outside the local subnet.

A relatively new employee in the data entry cubical farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred?

Privilege escalation

A relatively new employee in the data entry cubical farm was assigned a user account similar tothat of all of the other data entry employees. However, audit logs have shown that this useraccount has been used to change ACLs on several confidential files and has accessed data inaccount has been used to change This situation indicates which of the following has occurred?

Privilege escalation

You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffer software on a device which is connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation and not other devices. Which feature should you configure?

Promiscuous mode.

You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which too should you use?

Protocol analyzer

Public cloud

Provides cloud services to just about anyone

You need to connect the end of a Cat UTP cable to a 100 punch down block. Which tool should you use?

Punchdown tool

What tool should you use to extend network services beyond the demarc? Media certifier Tone generator Crimper Punchdown tool

Punchdown tool Explanation A demarc is the location where the local network ends and the telephone company's network begins. This location is usually at a punch down block in a wiring closet. You use a punchdown tool to attach wires to the punch down block.

You are working with 25 pair wires and 66 blocks. You have pushed the wires onto the 66 block, but now need to cut off the excess end of each wire. Which tool should you use? Snips Butt set Cable stripper Punchdown tool

Punchdown tool Explanation Use a punchdown tool to push wires into 66 or 110 blocks and cut wires at the same time. The punchdown tool has a blade on one side the cuts off the excess wires. Use snips to cut cables or wires. However, a punchdown tool would be easier to use for this task than wire snips. Use a cable stripper to remove the plastic covering for a cable. Note: When making drop cables or using punchdown blocks, do not remove the plastic covering for individual wires. Use a butt set to connect to phone lines to monitor, make, or answer phone calls.

You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers? (Select two.)

Put the database server on the private network. Put the Web server inside the DMZ.

You want to set up a service to allow multiple users to dial in to the office server from modems on their home computers. What service should you implement?

RAS

The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following action is most likely to destroy evidence?

Rebooting the system

The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following actions is most likely to destroy critical evidence?

Rebooting the system

What is the primary security feature that can be designed into a network's infrastructure to protect and support availability?

Redundancy

Even if you perform regular backups, what must be done to ensure that you are protected against data loss?

Regularly test restoration procedures

You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around the facility you note the following: When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured with a cable lock. The office manager infroms you that the organizations servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. She informs you that the server backups are configured to run each night. A rotation of external usb hard drisks are used a backup media You notice the orgnaization's network switch is kept in an empty cubicle adjacent to the office managers workspace You notice that a router/firewall/content filter all in one device has been implemented in the server closet to protect the internal network from external attacks. Which security related recommendations should you make to this client?

Relocate the switch to the locked server closet Control access to the work area with locking doors and card readers

You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: • When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured to her desk with a cable lock. • The office manager informs you that the organization's servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. • She informs you that server backups are configured to run each night. A rotation of external USB hard disks are used as the backup media. • You notice the organization's network switch is kept in an empty cubicle adjacent to the office manager's workspace. • You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks. Which security-related recommendations should you make to this client? (Select two.)

Relocate the switch to the locked server closet. Control access to the work area with locking doors and card readers.

You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: • When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured to her desk with a cable lock. • The office manager informs you that the organization's servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. • She informs you that server backups are configured to run each night. A rotation of external USB hard disks are used as the backup media. • You notice the organization's network switch is kept in an empty cubicle adjacent to the office manager's workspace. • You notice that a router/firewall/content filter UTM device has been implemented in the server closet to protect the internal network from external attacks. Which security-related recommendations should you make to this client? (Select two.)

Relocate the switch to the locked server closet. Control access to the work area with locking doors and proximity readers.

Match the definition on the left with the SCADA technology term on the right

Remote Terminal Unit- Connects equipment to the network via a wireless signal and converts digital data from the network into signals that the equipment can process. DCS- A network of components that work together in order to remotely manage industrial equipment. Network Link- Connects the supervisory computer to the RTUs or PLCs. Supervisory Computer-Communicates with and send control commands to connected SCADA devices. Programmable logic Controller- Connects equipment to the network via a physical medium and converts digital data into signals that the equipment can process

SCADA systems are typically implemented using which of the following components?

Remote terminal units (RTUs), and programmable Logic Controllers (PLCs)

A new assistant network Admin was recently hired by your organization to relieve some of your workload. You assigned the assistant network Admin to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches.... What should you do. choose two

Remove the patch cable connecting the first switch to the third switch Enable STP on each switch

You are implementing a wireless network inside a local office. You require a wireless link to connect a laptop in the administrator's office directly to a system in the sales department. In the default configuration, the wireless AP uses a 360dispersed RF wave design. After installed, the signal between the two systems is weak as many obstacles interfere with the signal.

Replace the Omni-directional antenna with a directional antenna

A user from the Sales department calls to report that he is experiencing problems connecting to the Sales file server. All users in the Sales department connect to the Sales server through a single Ethernet switch. No other users have reported problems connecting to the Sales server. Which of the following troubleshooting actions are you most likely to perform first?

Replace the network card in the user's computer

A user from the Sales department calls to report that he is experiencing problems connecting to the Sales file server. All users in the Sales department connect to the Sales server through a single Ethernet switch. No other users have reported problems connecting to the Sales server. Which of the following troubleshooting actions are you most likely to perform first?

Replace the network card in the user's computer.

Which of the following are solutions that address physical security?(Select two)

Require identification and name badges for all employees //Escort visitors at all times

Which of the following are solutions that address physical security?(Select two)

Require identification and name badges for all employees AND escort visitors at all times

Which of the following does NOT accurately describe an iSCSI SAN?

Requires special hardware and knowledge to implement.

Your company has developed and implemented countermeasures for the greatest risks to their assets... What is the remaining risk called?

Residual risk

You recently discovered several key files of your antivirus program have been deleted. You suspect that a virus has deleted the files. Which type of virus deletes key antivirus program files?

Retro

Based on the diagram, which type of proxy is handling the client's request

Reverse

Based on the diagram, which type of proxy server is handling the client's request?

Reverse Proxy Server

In which of the following topologies does each device on the network act as a repeater, sending the signal to the next device?

Ring

In which of the following topologies does each device on the network act as a repeater, sending the signals to the next device?

Ring

Which of the following topologies connects each device to a neighboring device?

Ring

You have heard about a new malware program that presents itself to users as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various operating system components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer. Which of the following terms best describes this software?

Rootkit A rootkit is a set of programs that allows attackers to maintain permanent, administrator-level, hidden access to a computer. Rootkits require administrator access to install, and typically gain this access using a Trojan horse approach--masquerading as a legitimate program to entice users to install the software.

Which two of the following tasks do routers perform?

Route data based on logical network addresses. Maintain information about paths through an internetwork.

Which process reduces the size of the routing table by advertising a single route as a destination for a group of contiguous subnets?

Route summarization

Which of the following hardware devices links multiple networks and directs traffic between networks? Repeater Router Bridge Hub

Router Explanation A router is a device that links multiple networks and directs traffic between networks. Each network linked by routers has its own unique identifier called the "network number" or"network address."

In the OSI Model, what is the primary function of the Network Layer?

Routes messages between networks

In the OSI model, what is the primary function of the Network layer? Transmits data frames Ensures that packets are delivered with no loss or duplication Routes messages between networks Allows applications to establish, use, and end a connection

Routes messages between networks Explanation The Network layer is responsible for routing messages between networks.

You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAn 2 on each switch. A device on the first switch in VLAN 1 needs to be communicate with a device on the same switch is VLAN 2. What should you configure so that the two devices can communicate?

Routing

You have a Windows Server 2012 system that you want to use as a DHCP Relay Agent. Which Windows Server 2012 service would you sue to do this?

Routing and Remote Access

You are troubleshooting access to a server in a remote network. You use the tracert command and see the following: Trace route to 192.168.2.250 over a maximum of 30 hops: 1 2 ms 2 ms 2 ms 192.168.12.11 2 2 ms 2 ms 2ms 192.168.11.1 3 5 ms 5 ms 3 ms 192.168.10.15 4 2 ms 2 ms 2 ms 192.168.9.1 5 5 ms 5 ms 3 ms 192.168.11.1 6 2 ms 2 ms 2 ms 192.168.10.15 7 5 ms 5 ms 3 ms 192.168.9.1 ...additional output omitted What is the problem?

Routing loop.

You have installed anti-malware software on a computer that only you use. You want to protect the computer from files that you download from the Internet. What should you do next to make sure that there arent any existing files on your system that are infected?

Run a full scan

You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do?

Run the packet sniffer application on Host B.

You have run a vulnerability scanning tool and identified several patches that need to be applied to a system. What should you do next after applying the patches

Run the vulnerability assessment again

Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?

SSH SSH (Secure Shell) allows for secure interactive control of remote systems. SSH uses RSA public key cryptography for both connection and authentication. SSH uses the IDEA algorithm for encryption by default, but is able to use Blowfish and DES.

Which of the following protocols can be used to securely manage a network device from a remote connection?

SSH.

Which of the following is used on a wireless network to identify the network name?

SSID

you have physically added a wireless access point to your network and installed a wireless network card in two laptops running windows. Neither laptop can find the network and you have come to the conclusion that you must manually configure the wireless access points (AP). Which of the following values uniquely identifies the network AP?

SSID

You want to connect your client computer to a wireless access point connected to your wired network air work. The network Admin tells you that the access point is configured to use WPA2 personal with the strongest encryption method possible. SSID broadcast is ruined off. Which of the following must you configure manually on the client. select three

SSID AES Preshared Key

Which protocol does HTTPS use to offer greater security in Web transactions?

SSL HTTPS uses Secure Sockets Layer (SSL) to offer greater security in Web transactions.

You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls?

SSL Ports must be opened in firewalls to allow VPN protocols. For this reason, using SSL for the VPN often works through firewalls when other solutions do not because SSL uses port 443--a port that is often already open to allow HTTPS traffic. In addition, some NAT solutions do not work well with VPN connections.

You can use a variety of methods to manage the configuration of a network router. Match the management option on the right with its corresponding description on the left. (Each option can be used more than once.)

SSL Uses publickey cryptography HTTP Transfers data in clear text SSH Uses publickey cryptography Telnet Transfers data in clear text Console port Cannot be sniffed

You can use a variety of methods to manage the configuration of a network router. Match the management option on the right with its corresponding description on the left. (Each option can be used more than once.)

SSL ==> Uses public-key cryptography HTTP ==> Transfers data in clear text SSH ==> Uses public-key cryptography Telnet ==> Transfers data in clear text Console port ==> Cannot be sniffed

Which protocol does HTTPS use to offer greater security for Web transactions?

SSL.

Which of the following connectors is used with fiber optic cables and connects using a twisting motion?

ST

Which of the following connectors is used with fiber optic cables and connects using a twisting motion? F-type SC BNC LC ST

ST Explanation The ST connector is used with fiber optic cable and uses a twist-type connector. Tip: To remember the difference between ST and SC connectors, associate the T in ST with "twist". SC and LC connectors are used with fiber optic cables but plug in instead of twist. F-type and BNC connectors use a twist to connect, but are used with coaxial cables.

Which of the following cloud computing solutions will deliver software applications to a client either over the Internet or on a local area network?

SaaS

You are configuring a wireless network with two wireless access points. Both access points connect to the same wired network. You watn wireless users to be able to connect to either access point, and to be able to raom between the two access points. How should you configure the access points?

Same SSID, different channel

You are configuring a wireless network with two wireless access points. Both access points connect to the same wired network. You want wireless users to be able to connect to either access point, and to be able to roam between the two access points. How should you configure the access points?

Same SSID, different channel.

You have a computer that runs Windows 7. Where would you go to check if the system can recognize and use any installed anti-virus software?

Security center

You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan?

Security guards

A user is trying to log into her notebook computer. She enters the correct password for her user account, but the system won't let her authenticate, claiming the wrong password has been entered. What's causing the problem?

She has turned Num Lock on causing numbers to be sent from the keyboard instead of letters.

You're responsible for implementing network cabling in a new network installation. The cabling will be installed in a manufacturing environment where there is a great deal of electromagnetic interface (EMI). Which type of cabling would operate best in this environment?

Shielded twisted pair cable. Fiber-optic cable.

You use Cat5e twisted pair cable on your network. Cables are routed through walls and the ceiling. A user puts a screw in the wall to hang a picture and pierces the cable such that a signal sent on pin 1 arrives on the cable connected to pin 7. What term describes this condition?

Short circuit.

You have a set of DVD-RW discs that have been used to archive files for your latest development project. You need to displse of the discs. What method should you use to best prevent extracting data from the discs?

Shredding

Which of the following forms of optical fiber would usually be used to connect two buildings across campus from each other, which are several kilometers apart? Fibre Channel mode Multimode Single mode Dual mode

Single mode Explanation In this scenario, use single mode fiber optic cables. Fiber optic is graded as single mode or multimode. Single mode consists of a single very thin core which produces fewer reflections. This provides greater effective bandwidth over greater distances. Multimode is less costly than single mode fiber. Multimode transmits multiple light rays concurrently. Multimode is used to transmit over shorter distances as the rays tend to disperse as the transmission distance increases. Fibre channel is a network topology used in storage area networks.

You would like to implement 10 Gbps Ethernet over a distance of at least 10 kilometers. Which of the following would meet the requirement for this implementation? (Select three.) 10GBaseER standards 10GBaseLR standards Multimode fiber Single mode fiber 10GBaseSR standards

Single mode fiber 10GBaseER standards 10GBaseLR standards Explanation For 10 Gbps Ethernet at distances of 10 kilometers or more, use singlemode fiber optic cable. 10GBaseLR (up to 10 km) and 10GBaseER (up to 40 km) both support 10 Gbps single mode fiber. Multimode fiber is cheaper but has a shorter maximum distance than single mode fiber. 10GBaseSR uses multimode fiber at distances up to 300 meters.

What is a hardware device that contains ID info and which can be used to control building access or computer logon?

Smart card

Which of the following are examples of Type 2 authentication credentials? select two

Smart card Photo ID

Which of the following features are common functions of an all-in-one security appliance? (Select two.)

Spam filtering Bandwidth shaping

You are monitoring network traffic on your network, and you see the traffic between two network hosts on port 2427. What is the source of this network traffic?

Someone is using Voice over IP (VoIP) to make a telephone call.

You are monitoring network traffic on your network, and you see traffic between two network hosts on port 2427

Someone is using Voice over IP VOIP

What is modified in the most common form of spoofing on a typical IP packet?

Source address

You have just installed a packet-filtering firewall on your network. Which options will you be able to set on your firewall?

Source address of a packet Destination address of a packet Port Number

You have just installed a packet-filtering firewall on your network. Which options will you be able to set on your firewall? (Select all that apply.)

Source address of a packet Port number Destination address of a packet

You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? Select all that apply.

Source address of a packet, Destination address of a packet, AND Port Number

An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. What kind of attack has occurred in this scenario?

Spam

Which of the following could easily result in a mailbox being full so that messages can't be received?

Spam

A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internet-facing interface. This is an example of what form of attack?

Spoofing Spoofing is the act of changing or falsifying information in order to mislead or re-direct traffic. In this scenario, a packet received on the inbound interface cannot receive a valid packet with a stated source that is from the internal network.

Which of the following topologies connects each network device to a central hub?

Star

You have a small network that uses a hub to connect multiple devices. What physical topology is used? Mesh Ring Star Bus

Star Explanation A hub creates a network with a physical star topology. The physical star topology uses a logical bus topology, where messages are sent to all devices connected to the hub. A mesh topology is a series of point-to-point links between devices. A ring topology uses a central device called an MSAU.

Which of the following topologies connects each network device to a central hub? Star Mesh Bus Ring

Star Explanation Star topologies connect each device on the network to a central hub.

Which of the following physical topologies are used with Ethernet networks?(2 answers)

Star Bus

Which of the following are characteristics of a packet filtering firewall?(Select two)

Stateless AND Filters IP address and port

You manage a network that uses IPv6 addressing. When clients connect devices to the network, they generate an interface ID and use NDP to leanrthe subnet prefix and default gateway. Which IPv6 address assignment method is being used?

Stateless auto configuration

You are the network administrator for a small company that implements NAT to access the Internet. However, you recently acquired 5 servers that must be accessible from outside your network. Your ISP has provided you with 5 additional registered IP addresses to support these new servers but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these 5 servers?

Static

Match the IPv6 address configuration method on the right with it's definition on the left.

Static Full Assignment: The entire 128-bit address and all other configuration information is statically assigned to the host. Static partial Assignment: The prefix is statically assignment and the interface ID is delivered from the MAC address. Stateless Auto-configuration: Clients automatically generate the interface ID and learn the subnet prefix and default gateway through the neighbor discovery protocol (NDP) Stateful DHCPv6: Provides each client an IP address, default gateway, and other IP configuration Stateless DHCPv6: Supplies the client with the DNS server IP address only. Does not provide the client with an IP address and does not track the status of each client.

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.138.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal website. What should you use to allow access?

Static NAT

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal Web site. What should you use to allow access? DNS A record Static NAT DNS CNAME record Multicast Dynamic NAT

Static NAT Explanation Static NAT maps an internal IP address to a static port assignment. Static NAT is typically used to take a server on the private network (such as a Web server) and make it available on the Internet. External hosts contact the internal server using the public IP address and the static port. Using a static mapping allows external hosts to contact internal hosts. Dynamic NAT automatically maps internal IP addresses with a dynamic port assignment. On the NAT device, the internal device is identified by the public IP address and the dynamic port number. Dynamic NAT allows internal (private) hosts to contact external (public) hosts but not vice versa. External hosts cannot initiate communications with internal hosts. DNS records associate a host name with an IP address. With multicast, a single data stream can be forwarded to all computers that are members of the same multicast group.

Which type of virus intercepts system requests and alters service outputs to conceal it presence?

Stealth

Arrange the steps in the Change and Configuration Management process on the left in the correct order in which they should be completed on the right.

Step 1 - Identify the need... Step 2 - Conduct a feasibility... Step 3 - Define the procedure... Step 4 - Notify affected parties... Step 5 - Implement the change. Step 6 Test the implementation Step 7 - Document the change.

When troubleshooting network issues, its important to carry out tasks in a specific order. Drag the trouble shooting task on the left to the correct step on the right.

Step 1 Identify the problem Step 2 Establish a theory of probable causes Step 3 Test the theory to determine the cause Step 4 Establish a plan of action Step 5 Implement the solution or escalate Step 6 Verify full system functionality Step 7 Document findings, actions and outcomes

Arrange the Fibre Channel SAN implementations tasks in the order they should be performed.

Step 1- Install a Fibre Channel adapter in each server that will access the shared storage on the SAN. Step 2- Deploy a Fibre Channel switch. Step 3- Connect each server to the Fibre Channel switch using the appropriate fiber optic cabling for the equipment you are using. Step 4- Deploy a shared storage device, such as an external RAID device containing multiple hard disk drives.

You need to connect a workstation to a switch using a regular port on the switch (not an uplink port). The switch does not sport auto-MDI. Which type of cable should you use?

Straight-Through

Which of the following applications is more likely to justify the investment in Category 6 cable? Instant Messaging Printing Email Streaming video

Streaming video Explanation Category 6 cable is specified to extend the available bandwidth from 100 MHz to 200 MHz. This serves as the basis for greater capacity, throughput and reliability. Producing high quality streaming multimedia usually requires consistent highspeed network bandwidth. Email and messaging are typically low bandwidth applications consisting of small, brief transmissions. Printing typically consists of greater amounts of data being transferred, however printing is highly amenable to delays and buffering and usually will not suffer any noticeable effects with decreased bandwidth.

Which of the following protocols includes extensive error checking to ensure that a transmission is sent and received without mistakes?

TCP

Which of the following protocols includes extensive error checking to ensure that a transmission is sent and received without mistakes? TCP UDP UDB UCP

TCP Explanation The TCP protocol includes error checking.

You are an application developer and are writing a program to exchange video files through a TCP/IP network. You need to select a transport protocol that will guarantee delivery. Which TCP/IP protocol would you implement that provides this capability? RIP TCP IP FTP UDP TFTP

TCP Explanation Write the application to use the Transmission Control Protocol (TCP). TCP guarantees delivery through error checking and acknowledgments.

Which of the following is the name of the type of port scan which does not complete the full three-way handshake of TCP, but rather listens only for either SYN/ACK or RST/ACK packets?

TCP SYN scan

You have been asked to document the wiring in the building. You would like to identify the length of each Cat5 cable to verify that it meets Ethernet standards. You need to identify the length of the cables, but most cables run through walls and ceilings, making them difficult to trace. Which tool should you use?

TDR.

Which of the following is a file transfer protocol that uses UDP?

TFTP

Which encryption method is used by WPA for wireless networks?

TKIP

Which encryption method is used by WPA for wireless networks?

TKIP WPA uses TKIP for encryption. TKIP uses rotating encryption keys for added security over WEP. AES encryption is used with WPA2. AES requires specialized hardware that might not be available on a device that only supports WPA. WEP is a security method for wireless networks that provides encryption through the use of a shared encryption key (the WEP key).

You are a network administrator for your company. A user calls and tells you that after stepping on the network cable in her office, that she can no longer access the network. You go to the office and see that one of the user's stiletto heels has broken and exposed some of the wiring in the Cat 5 network cable. You make another cable and attach it from the wall plate to the user's computer. What should you do next in your troubleshooting strategy?

Test the solution.

Match each troubleshooting command on the left with its function on the right. each utility may be used one, more than once, or not at all

Tests connectivity between two network hosts by sending IPv4 ICMP echo requests packets without modifying the TTL parameters/Ping Computes lost/sent packet statistics for each hop in the route between two hosts/ Pathping Used on Linux systems to identify the route between two IPv6 hosts/ Tracetroute6 Used on Windows systems to identify the route between two IPv4 hosts/ Tracert Tests connectivity IPV6/

If dynamic DNS is being used, which of the following events will cause a dynamic update of the host records?

The DHCP server renews an ip address lease The ipconfig/release command is entered on a workstation.

Users complain that they can't connect to the website when they type

The HTTP port should be changed to 80

A small startup company has hired you to harden their new network. Because funds are limited, you have decided to implement a unified threat management (UTM) device that provides multiple security features in a single network appliance: • Firewall • VPN • Anti-spam • Antivirus You join the UTM device to the company's Active Directory domain. The company's traveling sales force will use the VPN functionality provided by the UTM device to connect to the internal company network from hotel and airport public WiFi networks. What weaknesses exist in this implementation?

The UTM represents a single point of failure.

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. What is the most likely cause of this poor WAN performance.

The WAN provider is throttling bandwidth on the link

After installing a new DHCP server on the network, you need to verify that the network devices are receiving IP addresses via DHCP. You reboot a Windows XP client system and using the ipconfig command, receive the following information: Ethernet adapter Local Area Connection 1: Description: CardBus-II 10/100 PC Card Physical Address : 02-00-4C-3F-50 DHCP Enabled : Yes Auto configuration Enabled : Yes Auto configuration IP Address : 169.254.25.129 Subnet : 255.255.0.0 Default Gateway: DNS Servers: Which of the following statements are true?

The client system is unable to reach the DHCP server. The client system is configured to use DHCP.

A workstation is connected to a switch on the Gi0/2 interface using a straight-through cable. The ethernet interface in the workstation has bee manually configured to use a 100Mbps link speed in full-duplex mode. Which of the following are true in this scenario? select three

The switch attempts to sense the link speed If the link speed is 100Mbps or 100Mbps, half-duplex is used. If the link speed is 1000Mbps or faster, full-duplex is used.

You suspect that an Xmas tree attack is occurring on a system. Which of the following could result if you do not stop the attack?(Select two)

The system will be unavailable to respond to legitimate requests AND the threat agent will obtain information about open ports on the system

A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While talking to her, you discover that she is trying to work from the break room two floors above the floor where she normally works. What is the most likely cause of her connectivity problem?

The user is out of the effective range of the wireless access point on her floor

A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While talking to her, you discover that she is trying to work from the coffee rom two floors above the floor where she normally works. What is the most likely cause of her connectivity problem?

The user is out of the effective range of the wireless access point on her floor

A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer.While talk to her, you discover that she is trying to work from the coffee room two floors above the floor where she normally works. What is the most likely cause of her connectivity problem?

The user is out of the effective range of the wireless access point on her floor.

Your organization uses an 802.11b wireless network. Recently other tenets installed the following equipment in your building....

The wireless tv system

You are monitoring network traffic on your network and you see a large amount of traffic between a Windows

The workstation is using NetBIOS to access shared resources on the server

You are monitoring network traffic on your network and you see a large amount of traffic between a Windows workstation and a Window server on the following ports: *137 *138 *139 Which is the source of this network traffic?

The workstation is using NetBIOS to access shared resources on the server.

While viewing the status of the interfaces on a Cisco switch, you see abnormally large of oversized ethernet frames being received on one interface. This interface is connected to a workstation located on the 2nd floor. What could be causing this to happen?

The workstation's network board is jabbering

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. You ran the show interface. What are the most likely causes of this WAN issues? interface: up protocol: statues down

There is a data link encapsulation protocol mismatch between the WAN interfaces on both ends of the link.

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. You ran the show interface. What are the most likely causes of this WAN issues?

There is an IP address misconfiguration issues between the WAN interfaces on both ends of the link.

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. You ran the show interface. What are the most likely causes of this WAN issues?

There is an authentication misconfiguration issue the WAN interfaces on both ends of the link

Your organization recently opened a branch office in a remote area. Because of its location, traditional WAN connectivity was not available. so you contracted with a satellite provider to connect the branch office network to your home office network. What is the most likely cause of this poor WAN performance.

There is latency on the WAN link.

What is the primary purpose of gateway redundancy?

To overcome a single point of failure on the next hop router.

Which of the following is a good reason to install a firewall ?

To prevent hackers from accessing your network

What type of cabling is used with 100BaseTX Fast Ethernet networks?

Type 1A STP or Category 5 UTP

What type of cabling is used with 100BaseTX Fast Ethernet networks? Type 1A STP or Category 5 UTP Type 5 STP or Category 1 UTP Category 3 UTP, Category 4 UTP, or Category 5 UTP None of the above

Type 1A STP or Category 5 UTP Explanation Either Type 1A STP or category 5 UTP can be used with 100BaseTX Fast Ethernet networks.

Which protocol and port number is used by BOOTP/DHCP?

UDP 67

What is the greatest threat to the confidentiality of data in most secure organizations?

USB devices

You administer a network with windows 200 unix servers, ad windows 2000 professionl, windows 98, and macintosh clients. A user of a windows 98 computer calls you one day and says he is unable to access respurces on the network. You type IPCONFIG on the users computer and receive the following output 0 ethernet adapter

Unavailable DHCP server

Which of the following are characteristics of VDSL? (Select Two)

Unequal download and upload speeds Supports both data and voice at the same time

Which type of address is used in a packet to address the packet to a single host?

Unicast

Which type of address is used in a packet to address the packet to a single host? Multicast Fullduplex Unicast Simplex Broadcast

Unicast Explanation A unicast address is an address that identifies a single host. A broadcast address is an address that is sent to all hosts. Broadcast traffic is typically only forwarded within (but not between) a subnet. A multicast address is an address that identifies a group of computers. Members of the group share the same multicast address. Simplex communication uses a single channel for both sending and receiving. Full-duplex has a dedicated send and receive channel between any two hosts.

Which type of address is the IP address 198.162.12.254/24? Unicast Private Multicast Broadcast

Unicast Explanation The address 198.162.12.254 is a unicast address that identifies a single host on the 198.162.12.0 subnet. 198.162.12.255 is the broadcast address for the subnet. Multicast addresses are in the range of 224.0.0.0 to 239.255.255.255. The private IPv4 address ranges are: • 10.0.0.1 to 10.255.255.254 • 172.16.0.1 to 172.31.255.254 • 192.168.0.1 to 192.168.255.254

You've been asked by upper management if there is a way to integrate phone calls, emails, and instant messaging into a single platform. Which of the following systems should you recommend to them?

Unified communication

While trying to log on, a user accidently typed the wrong password three times, and now the system tells him that he can't log on because of too many incorrect passwords. He still remembers his password, but just typed it wrong. He needs access as quickly as possible, what should you do?

Unlock the account

You have been recently hired to mange a network for a small company. Prior to your arrival, the entire network was migrated from IPv4 to IPv6. Which strategy could you imply to help prevent these issues from occurring?

Use a /127 prefix on the backbone segment.

While configuring a new 802.11g wireless network, you discover another wireless network within range that uses the same channel ID that you intend to use. Which of the following strategies are you most likely to adopt in order to avoid a conflict between the networks?

Use a different channel ID

You are troubleshooting a connectivity problem in which one client system is unable to connect to a server. Both the server and the client system are connected to the same Ethernet network switch. No other users have complained of a problem, and you suspect that faulty network cabling might be to blame. Which of the following troubleshooting steps are you most likely to perform first?

Use a media tester to test the cable between the computer and the network switch.

You have 5 salespersons who work out of your office and who frequently leave their laptops laying on their desk in their cubicles. You are concerned someone might walk by and take of of these laptops. Which of the following is the best protections to implement to address your concerns?

Use cable locks to chain the laptops to the desks.

You are preparing to attach wires in a 110 block. You want to connect the wires and trim off the excess at the same time. Which of the following should you do? (Select two.) Use a butt set with clips. Use a punchdown tool with a notched blade. Point the cut side of the tool towards the connected end of the wire. Use a punchdown tool with a straight blade. Use a butt set with a jack. Point the cut side of the tool towards the wire end.

Use a punchdown tool with a notched blade. Point the cut side of the tool towards the wire end. Explanation Use a punchdown tool to connect wires to a 110 or 66 block. When using a punchdown tool, choose the right blade for the job: • Use a notched blade for a 110 block. • Use a straight blade for a 66 block. • For both blade types, you can use the end without a cutting blade if you want to punch down without cutting the wire. When using the cutting blade, point the cut side of the punchdown tool towards the wire end that you want to trim.

You manage a network with a single switch. All hosts connect to the... You want to increase the security of devices that are part of the accounting department... What should you do?

Use a router to configure a subnet for the accounting computers

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires and ID card to gain access...What should you do to increase the security of this device?

Use a stronger administrative password

You have just been hired as a network administrator. A user has just changed offices and needs you to activate the network and telephone communications in his office. However, the wiring at the punch down block is labeled poorly and you are unable to tell which wires go to the user's office. What should you do?

Use a tone generator to locate the correct wiring.

You just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a username of admin and a password of admin. You used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (Select two.)

Use an SSH client to access the router configuration. Change the default administrative username and password.

You have 5 salesmen who work out of your office and who frequently leave their laptops laying on their desk in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns?

Use cable locks to chain the laptops to the desks

You have 5 salesmen who work out of your office and who frequently leave their laptops laying on their desk in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns?

Use cable locks to chain the laptops to the desks

You are the network administrator for a growing business. When you were initially hired, the organization was small and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. However, the organization has grown considerably in recent months. You now must manage 8 individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do?

Use syslog to implement centralized logging.

Which of the following methods would you use to create a crossover cable?

Use the T568A standard on one connector, and the T568B standard on the other connector.

Which of the following methods would you use to create a crossover cable? Use the T568B standard. Use the T568A standard on one connector, and the BLOG convention on the other connector. Use the T568A standard on one connector, and the T568B standard on the other connector. Use the T568B standard on one connector, and the BLOG convention on the other connector. Use the T568A standard.

Use the T568A standard on one connector, and the T568B standard on the other connector. Explanation The easiest way to create a crossover cable is to arrange the wires in the first connector using the T568A standard and arrange the wires in the second connector using the T568B standard. A crossover cable connects the transmit pins on one connector to the receive pins on the other connector (pin 1 to pin 3 and pin 2 to pin 6).

You have installed anti-virus software on computers at your business... What should you add to your security measures to help prevent this from happening again?

User awareness training

Which of the following statements about the functionality of LCP are true? select three

Username and passwords may be required during the handshake LCP provides multilink support Data can be compressed at the source and decompressed at the destination

Phising.

Users on your network report that they have received an e-mail stating that the company has just launched a new Website for employees, and to access the Website they need to go there and enter their username and password information. No one in your company has sent this email. What type of attack is this?

On a wireless network that is employing WEP, which type of users are allowed to authenticate through the access points?

Users with the correct WEP key

Which of the following are characteristics of TACACS+? (Select two.)

Uses TCP Allows for a possible of three different servers, one each for authentication, authorization, and accounting

Which of the following are characteristics of ATM?

Uses fixed-length cells of 53-bytes. Adds labels to data units.

Which of the following statements about SSL VPN are true? select two

Uses port 443 Encrypts the entire communication session

You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?

VLAN Define virtual LANs (VLANs) on the switch. With a VLAN, a port on the switch is associated with a VLAN. Only devices connected to ports that are members of the same VLAN can communicate with each other. Routers are used to allow communication between VLANs if necessary.

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor. What would you use to connect the wiring closets together?

Vertical Cross Connect

Which of the following terms describes a test lab environment that does not require the use of physical hardware?

Virtual sandbox

You need to provide DHCP and file share services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement?

Virtual servers

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor. What would you use to connect the wiring closets together? Demarc extension Horizontal cross connect Vertical cross connect Smart jack

Vertical cross connect Explanation A vertical cross connect connects the main distribution frame (MDF) on the main floor to intermediate distribution frames (IDFs) on upper floors. Cabling runs vertically (up and down) between the MDF and the IDFs. A horizontal cross connect connects IDFs on the same floor. Cabling runs horizontally (sideways) between the IDFs. A smart jack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc. A demarc extension extends the demarcation point from its original location to another location within the building. The demarc extension typically consists of a single wire bundle that attaches to the existing demarc and supplies a termination point to a different location. You might need a demarc extension if your network occupies an upper floor of a building. The LEC will typically install the demarc into the MDF on the bottom floor, and you will need to install an extension to place the demarc into the IDF on your floor.

Which of the following statements about virtual NICs are true?

Virtual NICs need the appropriate driver installed to function. Multiple virtual NICs can be added to a virtual machine.

You have configured a virtual network that includes the following virtual components: *Four virtual machines (Virtual OS 1, Virtual OS 2, etc.) *One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Give the port configuration for the virtual switch and the physical switch in the table below, click on on all of the virtual and physical machines Virtual OS 1 can communicate with.

Virtual OS 2 Virtual OS 3

You have configured a virtual network that includes the following virtual components: *Four virtual machines (Virtual OS 1, Virtual OS 2, etc.) *One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Give the port configuration for the virtual switch and the physical switch in the table below, click on on all of the virtual and physical machines Virtual OS 1 can communicate with. Virtual Switch - P1 - Virtual OS 1- Virtual Network1 P2 - Virtual OS 2 - Virtual Network2 P3 - Virtual OS 3 - Virtual Network1 P4 - Virtual OS 4 - Virtual Network2 P5 - Virtual Switch - Virtual Network1, Physical Network Physical Switch P1 - Physical Switch - Physical Network P2 - Physica OS1 - Physical Network P3 - Physica OS2 - Physical Network P4 - Physica OS3 - Physical Network P5 - Physica OS4 - Physical Network

Virtual OS 3 Physical OS 1 Physical OS 2 Physical OS 3 Physical OS 4

What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found?

Virus

Which of the following protocols carry phone calls over an IP-based network?

VoIP

You want to be able to identify the services running on a set of servers on you network. Which tool would best give you the information you need?

Vulnerability Scanner

What is the main difference between vulnerability scanning and penetration testing?

Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter

What is the main difference between vulnerability scanning and penetration testing?

Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.

What wireless security methods use a common shared key configured on the wireless access point and all wireless clients?

WEP, WPA Personal, WPA2 Personal

You are configuring a firewall to allow access to a server hosted on the demilitarized zone of your network. You open IP ports 80, 25, 110 and 143. Assuming that no other ports on the firewall need to be configured to provide access, what applications are most likely to be hosted on the server?

Web server, e-mail server

You manage a website for your company. The website uses three... Considering the availability of your website, which component represents a single point of failure?

Website storage

You manage a website for your company. The website uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure?

Website storage A single point of failure means that failure in one component will cause the entire website to be unavailable. If the storage unit fails, then the website content will be unavailable.

You have configured your organization's DHCP server to dynamically assign IP addresses to DHCP clients using a lease duration of four days. A user's workstation is powered on and receives addressing information from this DHCP server Monday morning at 8 am. When will the client contact the DHCP?

Wednesday morning

A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of an attack best describes the scenario?

Whaling

A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of an attack best describes the scenario?

Whaling Whaling is a form of a social engineering attack that is targeted to senior executives and high profile victims. Social engineering is an attack that exploits human nature by convincing someone to reveal information or perform an activity.

Virus.

What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found?

A worm can replicate itself and does not need a host for distribution.

What is the main difference between a worm and a virus?

How do switches and bridges learn where devices are located on a network? When a frame enters a port, the destination IP address is copied from the frame header. When a frame enters a port, the source IP address is copied from the frame header. When a frame enters a port, the source MAC address is copied from the frame header. When a frame enters a port, the destination MAC address is copied from frame header.

When a frame enters a port, the source MAC address is copied from the frame header. Explanation Bridges and switches learn addresses by copying the MAC address of the source device and placing it into the MAC address table. The port number which the frame entered is also recorded in the table and associated with the source MAC address. The switch or the bridge cannot record the destination MAC address because it does not know the port that is used to reach the destination device. Bridges and switches operate at Layer 2 and do not use IP addresses (which exist at Layer 3).

When would you typically use an RJ11 connector? When using single mode fiber optic cables. When connecting a phone to a phone line. When using multimode fiber optic cables. When using RG6 cables. When using Cat 3 cables. When using Cat 5 or higher cables.

When connecting a phone to a phone line. Explanation An RJ11 connector is used for connecting analog telephones to the telephone jacks. Cat 3, Cat 5, and higher twisted pair cables use RJ45 connectors. Coaxial cables use Ftype or BNC connectors. Fiber optic cables use a variety of connectors (RC, RT, LC, MTRJ).

Dumpster diving. Shoulder surfing.

Which of the following are examples of social engineering?

IPSec.

Which of the following is the best countermeasure against man-in-the-middle attacks?

Anti-virus software.

Which of the following measure are you most likely to implement in order to protect against a worm or Trojan horse?

Anti-virus software should be configured to download updated virus definitions as soon as they become available.

Which of the following statements about the use of anti-virus software is correct?

You want to use the T568B standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector?

White/orange, orange, white/green, blue, white/blue, green, white/brown, brown

Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.

White box test The tester has detailed information about the target system prior to starting the test. Grey box test The tester has the same amount of information that would be available to a typical insider in the organization. Black box test The tester has no prior knowledge of the target system. Single blind test Either the attacker has prior knowledge about the target system, or the administrator knows that the test is being performed. Double blind test The tester does not have prior information about the system and the administrator has no knowledge that the test is being performed.

Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.

White box test The tester has detailed information about the target system prior to starting the test. Grey Box test The tester has the same about of information that would be available to a typical insider in the organization. Black box test The tester has no prior knowledge of the target system. Single blind test Either the attacker has prior knowledge about the target system, or the administrator knows that the test is being performed. Double blind test The tester does not have prior information about the system and the administrator has no knowledge that the test is being performed

You are connecting Cat5e cables to a 110 block. In what order should you connect the wires to follow standard wiring conventions? White/orange, orange, white/green, blue, white/blue, green, white/brown, brown White/green, green, white/orange, blue, white/blue, orange, white/brown, brown White/blue, blue, white/orange, orange, white/green, green, white/brown, brown White/brown, brown, white/blue, blue, white/orange, orange, white/green, green

White/blue, blue, white/orange, orange, white/green, green, white/brown, brown Explanation When connecting data wires on a 110 block, you typically connect wires in the following order: • White wire with a blue stripe, followed by the solid blue wire. • White wire with an orange stripe, followed by the solid orange wire. • White wire with a green stripe, followed by the solid green wire. • White wire with a brown stripe, followed by the solid brown wire. Tip: Use BLOG (blue-orange-green) to remember the wire order, and remember to start with the white striped wire first. When adding RJ45 connectors to a drop cable, use one of the following orders, based on the standard you want to follow: • T568A- To use this standard, arrange the wires from pins 1 to 8 in each connector in the following order: GW, G, OW, B, BW, O, BrW, Br. • T568B- To use this standard, arrange the wires from pins 1 to 8 in each connector in the following order: OW, O, GW, B, BW, G, BrW, Br.

You want to use the T568A standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector? White/orange, orange, white/green, blue, white/blue, green, white/brown, brown White/green, green, white/orange, blue, white/blue, orange, white/brown, brown White/orange, orange, white/green, green, white/blue, blue, white/brown, brown White/blue, blue, white/orange, orange, white/green, green, white/brown, brown

White/green, green, white/orange, blue, white/blue, orange, white/brown, brown Explanation The T568A standard uses the following order of wires in the connector: White/green, green, white/orange, blue, white/blue, orange, white/brown, brown. The T568B standard switches the orange and green wires (along with their corresponding white wires). Use the order Blue-Orange-Green-Brown (BLOG), with the white wire first, for connecting wires on a 110 punchdown block.

You want to use the T568B standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector? White/blue, blue, white/orange, orange, white/green, green, white/brown, brown White/orange, orange, white/green, blue, white/blue, green, white/brown, brown White/orange, orange, white/green, green, white/blue, blue, white/brown, brown White/green, green, white/orange, blue, white/blue, orange, white/brown, brown

White/orange, orange, white/green, blue, white/blue, green, white/brown, brown Explanation The T568B standard uses the following order of wires in the connector: White/orange, orange, white/green, blue, white/blue, green, white/brown, brown. The T568A standard switches the green and orange wires (along with their corresponding white wires). Use the order Blue-Orange-Green-Brown (BLOG), with the white wire first, for connecting wires on a 110 punchdown block.

What form of networking is highly susceptible to eaves dropping (data interception) and must be secured accordingly?

Wireless

Which of the following forms of networking is highly susceptible to eavesdropping and must be secured accordingly?

Wireless

Which of the following is true when the DHCP setting is disabled in a wireless network?

Wireless clients must use a static IP address within the correct IP address range to connect to the network

Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet?

Wiring schematic

You are troubleshooting a workstation connection... different port on the patch pane. Which type of document should you update?

Wiring schematic

Which of the following documents would likely identify that drop cables on your network use the T568A standard?

Wiring schematic.

Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet?

Wiring schematic.

You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update?

Wiring schematic.

You are troubleshooting the connection of a computer in an office to punchdown block in the distribution closet. Which document would you consult to identify the termination of the cable on the punchdown block based on the wall jack location in the office?

Wiring schematic.

Which of the following benefits apply only to creating VLANs with switches and not to segmenting the network with regular switches?

You can create multiple broadcast domains

In which of the following situations might you use an RJ11 connector? You want to connect the 10BaseT network card in your computer to a switch. You want to connect your computer to the Internet with a dialup connection. You want to upgrade your 10BaseT network to 100BaseT. You want to test a network cable to see if there is a break in the line.

You want to connect your computer to the Internet with a dialup connection. Explanation RJ11 connectors are typically used for telephones and modems.

In which of the following situations would you most likely implement a demilitarized zone (DMZ)?

You want to protect a public Web server from attack.

A good reason to install a firewall?

You want to restrict Internet users from accessing private data on your network

You're trying to access your office network with your Windows workstation from home using your organization's virtual private network (VPN). Your DSL modem has connected to your ISP, but you can't connect to your office network. You issue the ipconfig command from the command prompt and learn that your system has been assigned an IP address of 169.254.1.12. What's causing the problem?

Your ISP's DHCP server isn't working

Rogue Access Point.

Your company security policy states that wireless networks are not to be used because of the potential security risks they present to your network. One day you find that an employee has connected to a wireless access point to the network in his office. What type of security risk is this?

You have just downloaded a file. You created a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file?

Your copy is the same as the copy posted on the website

You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file?

Your copy is the same as the copy posted on the website. A hash is a function that takes a variable-length string (message) and compresses and transforms it into a fixed-length value. Hashes ensure the data integrity of files and messages in transit. The sender and the receiver use the same hashing algorithm on the original data. If the hashes match, then the data can be assumed to be unmodified. Hashes do not ensure confidentiality (in other words, hashes are not used to encrypt data).

Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?

Zero knowledge team

You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do? a. Implement version 3 of SNMP b. Implement a RADIUS solution c. Combine SNMP with SSL d. Use SSH instead of SNMP

a. Implement version 3 of SNMP

Because of an unexplained network slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze data from a central network host. What protocol will the software use to detect the problem? a. TCP/IP b. SNMP c. IPX d. SMTP e. The primary protocol of your network

b. SNMP

One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert? a. An event configured on an agent. When the event occurs, the agent logs details regarding the event b. Sends a message via email or SMS when an event occurs c. Uses GETNEXT messages to navigate the structure of an MIB d. A message sent from a management system, requesting info about a specific OID

b. Sends a message via email or SMS when an event occurs

What are (2) functions performed by proxy servers?

block employees from accessing certain web sites // cache web pages

You are troubleshooting a network connectivity issue on a Unix system. You are able to connect to remote systems by using their IP address, but unable to connect using the hostname. You check the TCP/IP configuration, and note that a DNS server IP address is configured. You decide to run some manual resolution queries to ensure that the communication between the Unix system and the DNS server are working correctly. Which utilities can you use to do this? (Choose two .) A. traceroute B. tracert C. dig D. nslookup

dig nslookup

You need to perform a reverse lookup of the 10.0.0.1 IP address. Which command can you use to accomplish this? (Select two. Each response is a complete solution.) A. nbtstat -a 10.0.0.3 B. ipconfig /dnslookup 10.0.0.3 C. dig -x 10.0.0.3 D. nslookup 10.0.0.3 E. arp 10.0.0.3

dig -x 10.0.0.3 nslookup 10.0.0.3

Which of the following intrusion detection and prevention systems use fake resources to entice intruders by displaying a vulnerability, configuration flaw, or valuable data?

honeypot

What do biometrics use to perform authentication of identity?

human characteristics

You are in the process of configuring an iSCSI storage area network (SAN) for your network.... Which tool should you use?

iSCSI Initiator

You are troubleshooting a connectivity problem on a Linux server. You are able to connect to another sysem on the local network, but are not able to connect to a server on a remote network. You suspect that the default gateway information for the system may be configured incorrectly, which of the following commands would you use to view the default gateway information on the linux server

ifconfig

You want to be able to view the DNS server address that a computer is using. Which of the following utilities would you use

ifconfig Ipconfig

You are troubleshooting a connectivity problem on a Linux server. You are unable to connect to another system on the local network, but are not able to connect to a server on a remote network. You suspect that a default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on a Linux server?

ifconfig.

Your wireless network consists of multiple 802.11n access points that are configured as follows... what should you do

implement antenna diversity

You need to place a wireless access point in your two-story building. While trying avoid interference, which of the following is the best location for the access point?

in the top floor

A user reports that he can't browse to a specific Web site on the Internet. From his computer, you find that a ping test to the Web server succeeds. A trace route test shows that 17 hops to the destination Web server. What is the most likely cause of the problem?

incorrect DNS server address

You have been called in to troubleshoot a connectivity problem on a newly installed windows Server 2003 system. The system is operating satisfactorily and is able to communicate with other systems on the local network. However it is unable to access any systems on other segments of the corporate network. You suspect that the default gateway parameter for the system has not been configured, or may be configured incorrectly. Which of the following utilitis are you most likely to use to view the default gate way information for the system

ipconfig

You want to be able to view the DNS server address that a computer is using. Which of the following utilities would you use?

ipconfig. ifconfig.

you troubleshooting an ip addresing issue, and so issue a command to view the tcp/ip configuration of the sysem. the command you use produces the folling output: fxp0; flags=8843&lt;up,broadcast,running,simplex,multicast&gt; mtu 1500

linux

Switches running the STP are in the process of exchanging BPDUs and defining their roles. In what state are the switches?

listening

You have decided to conduct a business meeting at a local coffee shop. The coffee shop you chose has a wireless hotspot for its customers who want Internet access. You decide to check your e-mail before the meeting begins, but when you open the browser you cannot gain Internet access. Other customers are on the Internet and because you use a wireless connection at work, you are sure your laptops wireless adapter works. What is the likely cause of this problem?

mismatched SSID

You administer a NetBIOS-based network that uses the TCP/IP protocol. You are trying to troubleshoot a computer that is unable to contact a server by its NetBIOS name. Which command can you use to check the connection?

nbtstat

Which TCP/IP utility gives you the following output?

nbtstat -c.

Your computer is sharing information with remote computer using the TCP/IP protocol. Suddenly, the connection stops working and appears to hang. Which command can you use to check the connection?

netstat

Examine the following output : Server : helicuplar.xct.takro.net Address : 209.53.4.130 Name : westsim.com Address : 64.78.193.84 Which of the following utilities produced this output? A. nslookup B. tracert C. ipconfig D. netstat

nslookup

Mary calls to tell you that she can't connect to an intranet server called WebSrvl. From her computer, you ping the server's IP address. The ping test is successful. Which tool would you use on her workstation next to troubleshoot the problem? A. tracert B. nslookup C. nbtstat D. netstat E. arp

nslookup

Examine the following output. Reply from 64.78.193.84: bytes=32 time=86ms TTL=115 Reply from 64.78.193.84: bytes=32 time=43ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=47ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=73ms TTL=115 Reply from 64.78.193.84: bytes=32 time=46ms TTL=115 Which of the following utilities produced this output?

ping

Which TCP/IP utililty gives you the following output? reply from 192.168.1.168 bytes=32 time<10ms TTL=128

ping

Which TCP/IP utility gives you the following output? Reply from 192.168.1.68: bytes=32 time<10ms TTL=128 Reply from 192.168.1.68: bytes=32 time<10ms TTL=128Reply from 192.168.1.68: bytes=32 time<10ms TTL=128Reply from 192.168.1.68: bytes=32 time<10ms TTL=128 Packets: Sent = 4, Received = 4, Lost = 0 <0% loss>, Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms

ping.

Which of the following connectors is typically used on one end of a rollover cable?

serial

Which network component connects a device with the transmission media and allows it to send and receive messages?

Network Interface card

Which of the following functions are performed at the Physical Layer of the OSI Model?

Movement of data across network cables

Consider the 850nm multimode fiber optic cable shown below. How much loss can you expect between the transmitter and the receiver?

-1.2db

Which of the following are functions of the MAC sublayer? (Select two)

-Defining a unique hardware address for each device on the network -Letting devices on the network have access to the LAN

Which of the following protocols stores e-mail on the mail server and gives users a choice to download mail or keep it on the server?

IMAP4 (Internet Mail Access Protocol V4)

You are asked to recommend an email retrieval protocol for a company's sales team. The sales team needs to access email from various locations and possibly different computers. The sales team does not want to worry about transferring email messages or files back and forth between these computers. Which email protocol was designed for this purpose?

IMAP4 (Internet Mail Access Protocol V4)

At which OSI model layer does a media converter operate?

Layer 1

You have a server that has a 100BaseFX network interface card that you need to connect to a switch. The switch only has 100BaseTX switch ports. Which device should you use?

Media converter

You have been asked to implement a network infrastructure that will accommodate failed connections. Which of the following network topologies provides redundancy for a failed link?

Mesh

You have implemented an ad-hoc wireless network that doesn't employ a wireless access point. Every wireless network card can communicate directly with any other wireless network card on the network. What type of physical network topology has been implemented in this type of network?

Mesh

At what OSI layer does a router operate to forward network messages?

Network

You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used single mode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MTRJ connectors. You purchase several used 1 meter multimode patch cables from Amazon.... Will this implementation work?

No, you should purchase patch cables that use MT-RJ connectors.

You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used single mode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MTRJ connectors. You connect each module to the switch with 1 meter multimode patch cables. Will this implementation work?

No, you shouldn't use multimode patch cables with single mode GBIC modules

Which of the following is used to terminate individual wires from a 25 pair or 100 pair cable using female RJ-45 ports?

Patch Panel

What tool should you use to extend network services beyond the demarc?

Punchdown tool

You are working with 25 pair wires and 66 blocks. You have pushed the wires onto the 66 block, but now need to cut off the excess end of each wire. What tool do you use?

Punchdown tool

You have a small network that uses a hub to connect to multiple devices. What physical topology is used?

Star


Kaugnay na mga set ng pag-aaral

Essentials of Pediatric Nursing - Chapter 16

View Set

Principles of Accounting Chapter 2

View Set

Domain/Range of Inverse Trig Functions

View Set

305 inflammation practice questions for final exam

View Set

MANA3335 MindTap Learn It: Chapter 02: The Environments of Organizations and Managers

View Set

Angles, standard form, and radians

View Set

Ch. 9 Cliff's Bio: Biological Diversity

View Set

Geology Chapter 2 multiple choice

View Set

Chapter 05 - Decision Time: Schedule

View Set