ITM 220 FInal
The device listens to determine if the transmission media is free
A network is connected following the IEEE 802.3 specifications. Which of the following best describes when a device can transmit messages?
Increases network performance. Provides a failover solution for network adapters.
An application-specific integrated circuit
Man-in-the-middle attack
An attacker captures packets as they travel from one host to another with the intent of altering the contents of the packets. Which type of attack is being executed?
Privilege escalation
An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions?
Switch
Angela is the network administrator for a rapidly growing company with a 100BaseT network. Users have recently complained about slow file transfers. While checking network traffic, Angela discovers a high number of collisions. Which connectivity device would best reduce the number of collisions and allow future growth?
Fiber optic
Ethernet 100BaseFX networks use what type of cabling?
Update your virus detection software.
If your anti-virus software does not detect and remove a virus, what should you try first?
Business processes
In business continuity planning, what is the primary focus of the scope?
A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.
In virtualization, what is the role of the hypervisor?
You want to protect a public web server from attack.
In which of the following situations would you most likely implement a demilitarized zone (DMZ)?
You want to restrict the devices that could connect through a switch port.
In which of the following situations would you use port security?
Ring
In which of the following topologies does each device on the network act as a repeater, sending the signal to the next device?
Combine different media type on to the same subnet.
Incorrect Which of the following is not a reason to use subnets on a network?
1.Virtual firewall 2.Routed firewall 3.Routed firewall 4.Virtual firewall 5.Routed firewall 6.Virtual firewall
Match the firewall type on the left with its associated characteristics on the right. Each firewall type may be used once, more than once, or not at all.
1.Packet filtering firewall-OSI Layer 3 2.Circuit-level proxy-OSI Layer 5 3.Application-level gateway-OSI Layer 7 4.Routed firewall-OSI Layer 3 5.Transparent firewall-OSI Layer 2
Match the firewall type on the right with the OSI layer at which it operates. Each OSI Layer may be used once, more than once, or not at all.
NAP client NAP server Enforcement server (ES) Remediation server
Match the network access protection (NAP) component on the left with its description on the right.
1.HTTP 2.ASCII 3.Session ID Number 4.Port Numbers 5.router 6.switch 7.modem
Match the networking function or device on the left with its associated OSI model layer on the right.
SecureConfigured SecureDynamic SecureSticky
Match the port security MAC address type on the left with its description on the right.
Negotiate compression settings, perform authentication, negotiate Network layer protocols
PPP supports authentication, compression, and multiple Network layer protocols. Which of the following correctly sequences these functions when a PPP link is established?
Low Overhead connectionless datagram services
The UDP transport protocol provides which of the following features? (Select all that apply.)
Modem
To access the internet through the PSTN, what kind of connectivity device must you use?
show interface show running-config interface
The network board in a workstation is currently configured as follows: Network speed = Auto Duplexing = Auto The workstation is experiencing poor network performance, and you suspect that the network board is not correctly detecting the network speed and duplex settings. Upon investigation, you find that it is running at 10 Mbps half-duplex. You know that your network switch is capable of much faster throughput. To fix this issue, you decide to manually configure these settings on the workstation. Before you do so, you need to verify the configuration of the switch port that the workstation is connected to. Given that it is a Cisco switch, which commands can be used on the switch to show a list of all switch ports and their current settings? (Select two.)
443
To increase security on your company's internal network, the administrator has disabled as many ports as possible. Now, though you can browse the internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?
nbtstat
You administer a NetBIOS-based network that uses the TCP/IP protocol. You are trying to troubleshoot a computer that is unable to contact a server by its NetBIOS name. Which command can you use to check the connection?
An unavailable DHCP server.
You administer a network with Windows Server 2016 and UNIX servers and Windows 10 Professional, Windows 7, and Macintosh clients. A Windows 7 computer user calls you one day and says he is unable to access resources on the network. You type ipconfig on the user's computer and receive the following output:
White/blue, blue, white/orange, orange, white/green, green, white/brown, brown
You are connecting Cat 5e cables to a 110 block. What order should you connect the wires in to follow standard wiring conventions?
It is a dial-up service that uses existing copper wires for the local loop. It lets you transmit voice, video, and data over the same lines. It provides enough bandwidth to transmit data at higher speeds than standard modems and analog lines.
Which of the following are characteristics of ISDN? (Select three.)
Adds labels to data units Supports variable-length data units
Which of the following are characteristics of MPLS? (Select two.)
Uses TCP. Allows the possibility of three different servers, one each for authentication, authorization, and accounting.
Which of the following are characteristics of TACACS+? (Select two.)
Tunnel endpoints configured on hosts. Works through NAT. Dual stack hosts.
Which of the following are characteristics of Teredo tunneling? (Select three.)
Supports both data and voice at the same time Unequal download and upload speeds
Which of the following are characteristics of VDSL? (Select two.)
Stateful Filters by session
Which of the following are characteristics of a circuit-level gateway? (Select two.)
Filters IP addresses, not ports Stateless
Which of the following are characteristics of a packet filtering firewall? (Select two.)
Hides itself from detection. Requires administrator-level privileges for installation.
Which of the following are characteristics of a rootkit? (Select two.)
They use a housing and latch system similar to an RJ45 UTP connector. They are half the size of standard connectors.
Which of the following are characteristics of an LC fiber optic connector? (Choose two.)
They use metal guide pins to ensure accurate alignment. They can be used with multi-mode fiber optic cables.
Which of the following are characteristics of an MTRJ fiber optic connector? (Select two.)
It has a conductor made from copper in the center of the cable. The ends of the cable must be terminated. It uses two concentric metallic conductors.
Which of the following are characteristics of coaxial network cable? (Select three.)
Fraggle Smurf
Which of the following are denial of service attacks? (Select two.)
RADIUS combines authentication and authorization into a single function; TACACS+ allows these services to be split between different servers.
Which of the following are differences between RADIUS and TACACS+?
Photo ID Smart card
Which of the following are examples of Type 2 authentication credentials? (Select two.)
Shoulder surfing Dumpster diving
Which of the following are examples of social engineering? (Select two.)
2.4 GHz 5.75 GHz
Which of the following are frequencies defined by 802.11 committees for wireless networking? (Select two.)
Defining a unique hardware address for each device on the network Letting devices on the network have access to the LAN
Which of the following are functions of the MAC sublayer? (Select two.)
Authentication for agents and managers Encryption of SNMP messages
Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two.)
Identifying physical network devices. Controlling how messages are propagated through the network.
Which of the following are included as part of Data Link layer specifications? (Select two.)
RADIUS TACACS+
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? (Select two.)
The device is inactive for a period of time.
Which of the following are not reasons to remote wipe a mobile device?
257.0.122.55 45.22.156.256 145.8.260.7
Which of the following are not valid IP addresses? (Select three.)
Increased number of broadcast domains Increased security
Which of the following are reasons to configure VLANs on a switch as opposed to using switches without VLANs? (Select two.)
Identify users that are connecting to unauthorized websites. Find devices that might be using legacy protocols, such as IPX/SPX or NetBIOS.
Which of the following are reasons to use a protocol analyzer? (Select two.)
The cable length must be less than or equal to 100m Cat 5e cabling RJ45 connectors
Which of the following are requirements of the 1000BaseT Ethernet standards? (Select three.)
Smartjack
Users report that the internet is no longer accessible. You suspect that the line connecting your building to the internet is not working properly. Which of the following allows the service provider to remotely test the local loop?
Determine if escalation is needed.
Users report that the network is down. As a help desk technician, you investigate and determine that a specific router is configured so that a routing loop exists. What should you do next?
IDS IPS
Which of the following are security devices that perform stateful inspection of packet data, looking for patterns that indicate malicious code? (Select two.)
Require identification and name badges for all employees. Escort visitors at all times.
Which of the following are solutions that address physical security? (Select two.)
Local loop PSE CO
Which of the following are the the WAN service provider's responsibility to maintain? (Select three.)
Handles requests from the internet to a server in a private network. Can perform load balancing, authentication, and caching.
Which of the following are true about reverse proxy? (Select two.)
Supports multiple interfaces. Counts as a router hop.
Which of the following are true about routed firewalls? (Select two.)
Verifies sequencing of session packets. Operates at the Session layer.
Which of the following are true of a circuit proxy filter firewall? (Select two.)
It supports IPv6 routing. It divides large networks into areas.
Which of the following are true of the IS-IS routing protocol? (Select two.)
A single T1 channel can transfer data at 64 Kbps. T1 lines use two pairs of copper wire.
Which of the following correctly describes the T1 carrier system? (Select two.)
Spam
Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity?
An agreement that identifies the employee's rights to use company property, such as internet access and computer equipment, for personal use.
Which of the following defines an acceptable use agreement?
Offers speeds of 400-1,000 Kbps The first internet-compatible technology
Which of the following describe the EDGE cellular technology? (Select two.)
One D channel operating at 16 Kbps Two B channels operating at 64 Kbps each
Which of the following describe the channels and data transfer rates used for ISDN BRI? (Select two.)
A program that performs a malicious activity at a specific time or after a triggering event.
Which of the following describes a logic bomb?
A false server intercepts communications from a client by impersonating the intended server.
Which of the following describes a man-in-the-middle attack?
An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.
Which of the following describes how access lists can be used to improve network security?
POTS
Which of the following describes the lines used in the local loop for dial-up telephone access?
Demarc
Which of the following describes the point where the service provider's responsibility to install and maintain wiring and equipment ends, and the customer's responsibility begins?
Load balancer
Which of the following devices accepts incoming client requests and distributes those requests to specific servers?
IDS
Which of the following devices can monitor a network and detect potential security attacks?
Hub
Which of the following devices does not segment the network?
IPS
Which of the following devices is capable of detecting and responding to security threats?
Switch
Which of the following devices is used on a LAN and offers guaranteed bandwidth to each port?
CSU/DSU
Which of the following devices is used on a WAN to convert synchronous serial signals into digital signals?
Switch Network Interface Card
Which of the following devices operate at OSI model Layer 2? (Select two.)
Switches Bridges Network Interface Cards
Which of the following devices operate at the Data Link layer of the OSI model? (Select three.)
Hub
Which of the following devices operates at the OSI model Layer 1?
Switch
Which of the following devices operates at the OSI model Layer 2?
MAC filtering
Which of the following do switches and wireless access points use to control access through a device?
Wiring schematic
Which of the following documents would likely identify that drop cables on your network use the T568A standard?
ACL
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
Can be implemented on a standard production network with other network traffic.
Which of the following does not accurately describe an iSCSI SAN?
Configure a guest access WLAN that uses open authentication and isolates guest WLAN traffic from other clients on the same access point.
Which of the following enterprise wireless configuration strategies best keeps public wireless access separate from private wireless access?
Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.
What is the main difference between vulnerability scanning and penetration testing?
128 Kbps
What is the maximum data rate of an ISDN BRI line?
Cat 5e
What is the minimum cable specification that supports 1000 Mbps Ethernet?
Lack of user awareness
What is the most common security policy failure?
Conducting user awareness training
What is the most effective means of improving or enforcing security in any environment?
255.255.0.0 169.254.0.0
What is the network address and subnet mask used by APIPA? (Select two.)
Expands the area visible to security guards.
What is the primary benefit of CCTV?
Awareness
What is the primary countermeasure to social engineering?
One is more active, and the other is more passive.
What is the primary difference between impersonation and masquerading?
Self-replicates
What is the primary distinguishing characteristic between a worm and a logic bomb?
Maintaining business operations with reduced or restricted
What is the primary goal of business continuity planning?
Test the effectiveness of your security perimeter.
What is the primary purpose of penetration testing?
They are vulnerable to exploits due to weaker security.
What is the risk associated with smart technology used in networked devices such as smart refrigerators, environmental controls, or industrial equipment?
155 Mbps
What is the speed of an OC-3 connection?
Multiple networks can be connected to a single interface.
What key advantage does a virtual router have over a physical router?
CSU/DSU
What must you install between your network and a T1 line for your network to use the T1 line?
SMTP
What protocol sends email to a mail server?
To identify the coverage area and preferred placement of access points To identify existing or potential sources of interference.
What purposes does a wireless site survey fulfill? (Choose two.)
IDS
What security mechanism can be used to detect attacks originating on the internet or from within an internal trusted subnet?
Punch down tool
What tool should you use to extend network services beyond the demarc?
Physical star/logical bus Physical star/logical star
What topology is used with 100BaseTX Fast Ethernet networks? (Select two.)
Cat5 or higher
What type of cabling is used with 100BaseTX Fast Ethernet networks?
Full virtualization
What type of virtualization completely simulates a real physical host?
An unauthorized user gaining access to sensitive resources
When a malicious user captures authentication traffic and replays it against the network later, what is the security problem you are most concerned about?
Quantitative
When analyzing assets, which analysis method assigns financial values to assets?
Trunk ports.
When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?
Mission critical
When recovery is being performed due to a disaster, which services are to be stabilized first?
Network diagram
When troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?
Statement of work
Which business document is a contract that defines the tasks, time frame, and deliverables that a vendor must perform for a client?
netstat -s
Which command displays network activity statistics for TCP, UDP, and IP?
ip default-gateway 192.168.10.185
Which command would you use on a switch to enable management from a remote network?
Virtual switch
Which component is most likely to allow physical and virtual machines to communicate with each other?
Feasibility analysis
Which component of a change and configuration management policy identifies technical and budgetary considerations associated with a proposed change and also identifies any potential impacts to the network?
Change request
Which component of a change and configuration management policy identifies the need for a proposed change?
Rollback
Which component of a change and configuration management policy specifies options for reverting a system back to the state it was in before a change was made?
11 Mbps
Which data transmission rate is defined by the IEEE 802.11b wireless standard?
Transceiver
Which device sends signals from a computer onto a network?
ARP poisoning
Which exploit seeks to maliciously re-associate the IP address of a legitimate network host with the MAC address of the attacker's computer?
DMZ
Which firewall implementation creates a buffer network that can be used to host email or web servers?
Denial of service attack
Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?
Network interface card
Which network component connects a device to transmission media and allows the device to send and receive messages?
Packet-switched
Which network type divides transmitted data into smaller pieces and allows multiple communications on the network medium?
Circuit-switched
Which network type establishes a dedicated physical connection between two hosts in order to transmit time-sensitive data?
MPLS
Which networking technology creates virtual links between two remote network endpoints by prefixing packets with a header containing one or more labels?
Varifocal
Which of the following CCTV camera types lets zoom the focus in and out?
Infrared
Which of the following CCTV types would you use in areas with little or no light?
100BaseFX 1000BaseLX
Which of the following Ethernet standards uses fiber-optic cabling? (Select two.)
169.254.0.1 - 169.254.255.254
Which of the following IP address ranges is reserved for automatic private IP addressing?
190.65.2.0 129.0.0.0 132.12.0.0
Which of the following IP addresses are Class B addresses? (Select three.)
192.15.5.55 222.55.0.0 223.16.5.0
Which of the following IP addresses are Class C addresses? (Select three.)
191.168.2.15 168.16.5.1 129.0.0.1
Which of the following IP addresses have a default subnet mask of 255.255.0.0? (Select all that apply.)
142.15.6.1
Which of the following IP addresses is a valid IP address for a host on a public network?
POP3
Which of the following TCP/IP protocols do email clients use to download messages from a remote mail server?
ISDN BRI
Which of the following WAN technologies is a dial-up only service?
ISDN BRI
Which of the following WAN technologies provides digital dial-up connections on two 64 Kbps data channels?
Frame relay
Which of the following WAN technologies provides packet switching over high-quality digital lines at speeds greater than 1.544 Mbps?
Disable unused services.
Which of the following actions should you take to reduce the attack surface of a server?
Controlling access through a wireless access point Controlling access through a switch
Which of the following actions typically involves the use of 802.1x authentication? (Select two.)
Monitoring the audit trails on a server Listening to network traffic
Which of the following activities are considered passive in regards to the function of an intrusion detection system? (Select two.)
Running a port scanner Attempting social engineering
Which of the following activities are typically associated with a penetration test? (Select two.)
Multicast
Which of the following address types is shared by multiple hosts and used to form groups of computers that receive the same data stream?
Double-entry door Turnstile
Which of the following allows for easy exit of an area in the event of an emergency, but prevents entry? (Select two.)
Controlling access through a switch Controlling access through a wireless access point
Which of the following applications typically use 802.1x authentication? (Select two.)
Greater cable distances without a repeater Immunity to electromagnetic interference
Which of the following are advantages of using fiber optic cabling for a network? (Select two.)
Prevents switching loops from forming Identifies the optimal path between network devices. Lets you provide redundancy by using more than one connection between devices, making your network more reliable.
Which of the following are advantages of using the spanning tree protocol (STP) in network segmented bridges? (Select three.)
Easy system migration to different hardware Centralized administration
Which of the following are advantages of virtualization? (Select two.)
Provides load balancing across multiple links Negotiates the use (or lack) of authentication before starting the session Monitors data dropped on the link and avoids frame looping
Which of the following are benefits of LCP? (Select three.)
Adds labels to data units. Uses fixed-length cells of 53 bytes.
Which of the following are characteristics of ATM? (Select two.)
Distributed wireless mesh infrastructure
Which of the following enterprise wireless deployment models uses access points with enough intelligence to allow the creation of guest WLANs for keeping public wireless traffic separate from private traffic?
Spam filtering Bandwidth shaping
Which of the following features are common functions of an all-in-one security appliance? (Select two.)
Encryption
Which of the following features are supplied by WPA2 on a wireless network?
Spanning tree
Which of the following features dynamically places switch ports in blocking or forwarding states?
PoE
Which of the following features is used with digital IP phones to supply power through a switch port?
Wireless
Which of the following forms of networking are highly susceptible to eavesdropping and must be secured accordingly?
Moving data across network cables
Which of the following functions are performed at the Physical layer of the OSI model?
Block employees from accessing certain websites Cache web pages
Which of the following functions are performed by proxies? (Select two.)
End-to-end flow control Data segmentation and reassembly Reliable message delivery
Which of the following functions are performed by the OSI Transport layer? (Select three.)
Determining which ports are open on a network.
Which of the following functions can a port scanner provide?
Metropolitan area network (MAN)
Which of the following geographic network types are typically managed by a city as a public utility?
Router
Which of the following hardware devices links multiple networks and directs traffic between networks?
Repeater Hub
Which of the following hardware devices regenerates a signal out all connected ports without examining the frame or packet contents? (Select two.)
Username
Which of the following identification and authentication factors are often well-known or easily discovered by others on the same network or system?
Details on how to test and deploy patches.
Which of the following information are you likely to find in a procedure document?
Anti-passback system
Which of the following inter-facility system would prevent an access cardholder from giving their card to someone after they have gained access?
DSL
Which of the following internet connection technologies requires that the location be within a limited distance of the telephone company central office?
SDSL
Which of the following internet services provides equal upload and download bandwidth?
Honeypot
Which of the following intrusion detection and prevention systems uses fake resources to entice intruders by displaying a vulnerability, configuration flaw, or valuable data?
Supports data traffic only (no voice)
Which of the following is a characteristic of SDSL?
Encrypts the entire packet, not just authentication packets.
Which of the following is a characteristic of TACACS+?
Requires an activation mechanism to run
Which of the following is a characteristic of a virus?
All routes must be manually updated on the router.
Which of the following is a characteristic of static routing when compared to dynamic routing?
Hoax virus information emails
Which of the following is a common social engineering attack?
Mutual authentication
Which of the following is a feature of MS-CHAP v2 that is not included in CHAP?
TFTP
Which of the following is a file transfer protocol that uses UDP?
Packet filtering
Which of the following is a firewall function?
Denial of service attack
Which of the following is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?
Phishing
Which of the following is a form of attack that tricks victims into providing confidential information, such as identity information or logon credentials, through emails or websites that impersonate an online entity that the victim trusts, such as a financial institution or well-known e-commerce site?
Smurf
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?
To prevent hackers from accessing your network.
Which of the following is a good reason to install a firewall?
PKI
Which of the following is a mechanism for granting and validating certificates?
RADIUS
Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of those accounts?
Acceptable use policy (AUP)
Which of the following is a policy that defines appropriate and inappropriate activities and usage for company resources, assets, and communications?
Turnstiles
Which of the following is a secure doorway that can be used with a mantrap to allow easy exit, but actively prevent re-entrance through the exit portal?
IDS
Which of the following is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations?
Syslog
Which of the following is a standard for sending log messages to a central logging server?
Cookie
Which of the following is a text file that a website stores on a client's hard drive to track and record information about the user?
172.16.1.26 2.2.2.2
Which of the following is a valid IPv4 address? (Select two.)
FEC0::AB:9007
Which of the following is a valid IPv6 address?
AB.07.CF.62.16.BD
Which of the following is a valid MAC address?
C0-34-FF-15-01-8E
Which of the following is a valid MAC address?
A user accidentally deletes the new product designs.
Which of the following is an example of an internal threat?
Creeping privileges
Which of the following is an example of privilege escalation?
Token device, keystroke analysis, cognitive question
Which of the following is an example of three-factor authentication?
A token device and a PIN
Which of the following is an example of two-factor authentication?
Service level agreement
Which of the following is defined as a contract that prescribes the technical support or business parameters that a provider will bestow to its client?
FTP server
Which of the following is likely to be located in a DMZ?
Satellite
Which of the following is most susceptible to interference-related to atmospheric conditions?
Impersonating a user by logging on with stolen credentials
Which of the following is not a form of social engineering?
Denial
Which of the following is not a valid response to a risk discovered during a risk analysis?
One-time passwords
Which of the following is not an example of a physical barrier access control mechanism?
169.254.0.1 - 169.254.255.254
Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?
Firewall
Which of the following is the best device to deploy if you want to protect your private network from a public untrusted network?
Firewall
Which of the following is the best device to deploy to protect your private network from a public untrusted network?
Apply only the hotfixes that apply to software running on your systems.
Which of the following is the best recommendation for applying hotfixes to your servers?
Virus
Which of the following is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found?
166.70.0.1
Which of the following is the first IP address that can be assigned to hosts on the 166.70.0.0 network using the default subnet mask?
166.70.255.254
Which of the following is the last IP address that can be assigned to hosts on the 166.70.0.0 network using the default subnet mask?
211.70.0.254
Which of the following is the last IP address that can be assigned to hosts on the 211.70.0.0 network using the default subnet mask?
Surge protector
Which of the following is the least effective power loss protection for computer systems?
The DDoS attack uses zombie computers.
Which of the following is the main difference between a DoS attack and a DDoS attack?
Signature
Which of the following is the most common detection method used by an IDS?
Password
Which of the following is the most common form of authentication?
IPsec
Which of the following is the most effective countermeasure against man-in-the middle attacks?
Keep the switch in a room that is locked by a keypad.
Which of the following is the most important way to prevent console access to a network switch?
A password, a biometric scan, and a token device
Which of the following is the strongest form of multi-factor authentication?
The central core is smaller than standard multi-mode fiber optic cabling core.
Which of the following is true about single-mode fiber optic network cabling?
It is a 48-bit address. It is typically represented by hexadecimal numbers.
Which of the following is true about the MAC address? (Select two.)
CEF is required for all MPLS-enabled Cisco routers. It can carry ATM, SONET, and Ethernet traffic.
Which of the following is true of Multiprotocol Label Switching? (Select two.)
MPLS-enabled routers switch packets based on the label information, not on the packet contents. MPLS is designed to work with many different protocols.
Which of the following is true of Multiprotocol Label Switching? (Select two.)
Groups wireless devices together into the same logical network.
Which of the following is true of a wireless network SSID?
Rootkit
Which of the following is undetectable software that allows administrator-level access?
Patch panel
Which of the following is used to terminate individual wires from a 25 pair or 100 pair cable using female RJ45 ports?
Near backup generators Near cordless phones
Which of the following locations creates the greatest amount of interference for a wireless access point? (Select two.)
Antivirus software
Which of the following measures are you most likely to implement in order to protect your system from a worm or Trojan horse?
Antivirus software
Which of the following measures are you most likely to implement to protect a system from a worm or Trojan horse?
Disable SSID broadcast
Which of the following measures will make your wireless network invisible to the casual attacker performing war driving?
External hard drives Network attached storage (NAS)
Which of the following media types can you save backup files on? (Select two.)
Use the T568A standard on one connector and the T568B standard on the other connector.
Which of the following methods would you use to create a crossover cable?
Screen lock
Which of the following mobile device security consideration disables the ability to use the device after a short period of inactivity?
IPsec
Which of the following network layer protocols provides authentication and encryption services for IP-based network traffic?
SSH
Which of the following network services or protocols uses TCP/IP port 22?
TFTP
Which of the following network services or protocols uses port 69?
Clustering
Which of the following network strategies connects multiple servers together so that if one server fails, the others immediately take over its tasks, preventing a disruption in service?
NAT
Which of the following networking devices or services prevents the use of IPsec in most cases?
Bus Star
Which of the following physical topologies are used with Ethernet networks? (Select two.)
A requirement for using encrypted communications for web transactions.
Which of the following pieces of information are you likely to find in a policy document?
49
Which of the following ports are used with TACACS?
Content filter
Which of the following prevents access based on website ratings and classifications?
ICMP
Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery?
SSL TLS
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)
TACACS
Which of the following protocols can be used to centralize remote access authentication?
SSH
Which of the following protocols can be used to securely manage a network device from a remote connection?
PPTP L2TP
Which of the following protocols can your portable computer use to connect to your company's network via a virtual tunnel through the internet? (Select two.)
RIP
Which of the following protocols has a limit of 15 hops between any two networks?
TCP
Which of the following protocols includes extensive error checking to ensure that a transmission is sent and received without mistakes?
Session initiation protocol (SIP)
Which of the following protocols is an open source protocol used by most manufacturers of VoIP systems?
NCP
Which of the following protocols is used by PPP to enable support for multiple Network layer protocols?
SIP
Which of the following protocols is used by VoIP to set up, maintain, and terminate a phone call?
802.1x WPA IPsec
Which of the following protocols or mechanisms is used to provide security on a wireless network? (Select three.)
PPPoE
Which of the following protocols or services is commonly used on cable internet connections for user authentication?
RDP
Which of the following protocols or services would you associate with Window's Remote Desktop Services network traffic?
IMAP4
Which of the following protocols stores email on the mail server and allows users to access messages from various client devices without having to download the emails?
WPA
Which of the following provides security for wireless networks?
Place access points above where most clients are.
Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building?
IS-IS OSPF
Which of the following routing protocols are classified as link state routing protocols? (Select two.)
OSPF
Which of the following routing protocols divides the network into areas, with all networks required to have an area 0 (area 0 identifying the backbone area)?
EIGRP
Which of the following routing protocols is classified as a hybrid routing protocol?
BGP
Which of the following routing protocols is used by routers on the internet for learning and sharing routes?
BGP
Which of the following routing protocols uses paths, rules, and policies instead of a metric for making routing decisions?
OSPF
Which of the following routing protocols uses relative link cost as the metric?
Cable modem
Which of the following services are available regardless of whether the telephone company network is available?
Dynamic DNS
Which of the following services automatically creates and deletes host records when an IP address lease is created or released?
Spanning tree
Which of the following solutions would you implement to eliminate switching loops?
Proxy
Which of the following solutions would you implement to track which websites network users are accessing?
802.11i 802.1x
Which of the following specifications identify security that can be added to wireless networks? (Select two.)
RS232
Which of the following standards is typically used in a rollover cable?
Classification occurs at Layer 3. The DiffServ field is used to add precedence values.
Which of the following statements about DSCP are true? (Select two.)
RIP uses hop counts as the cost metric.
Which of the following statements about RIP is true?
Encrypts the entire communication session. Uses port 443.
Which of the following statements about SSL VPN are true? (Select two.)
Data can be compressed at the source and decompressed at the destination. Usernames and passwords may be required during the handshake. LCP provides multilink support.
Which of the following statements about the functionality of LCP are true? (Select three.)
Anti-virus software should be configured to download updated virus definition files as soon as they become available.
Which of the following statements about the use of anti-virus software is correct?
Multiple virtual NICs can be added to a virtual machine. Virtual NICs need the appropriate driver installed to function.
Which of the following statements about virtual NICs are true? (Select two.)
Switches append a VLAN ID to the header of each frame to identify the virtual network it belongs to.
Which of the following statements accurately describes a VLAN ID?
It demodulates analog data from a telephone network into digital PC data. It modulates digital data from the PC into analog data and transmits it on a telephone network.
Which of the following statements accurately describes how a modem works? (Select two.)
Devices on the same VLAN have the same subnet address. Broadcast traffic is transmitted only within a VLAN.
Which of the following statements describe how VLANs affect broadcast traffic within an internetwork? (Select two.)
Is saved as a .vhd file.
Which of the following statements is true? A system image backup:
Use Automatic Private IP Addressing. Install a DHCP server on the network.
Which of the following strategies are used to prevent duplicate IP addresses being used on a network? (Select two.)
Route data based on logical network addresses. Maintain information about paths through an internetwork.
Which of the following tasks do routers perform? (Select two.)
Connection establishment
Which of the following tasks is associated with the Session layer?
Port forwarding
Which of the following techniques allows incoming traffic addressed to a specific port to move through a NAT router and be forwarded to a specific host?
Time division multiple access
Which of the following technologies does GSM use to allow multiple connections on the same frequency?
MPLS
Which of the following technologies uses variable-length packets, adds labels to packets as they enter the WAN cloud, and uses the labels to switch packets and prioritize traffic?
VLSM Classless
Which of the following terms are often synonymous with or made possible with CIDR? (Select two.)
Hotfix
Which of the following terms describes a Windows operating system patch that corrects a specific problem and is released on a short-term, periodic basis (typically monthly)?
Virtual sandbox
Which of the following terms describes a test lab environment that does not require the use of physical hardware?
PSTN
Which of the following terms identifies the network of dial-up telephone and long-distance lines?
MDF
Which of the following terms identifies the wiring closet in the basement or a ground floor that typically includes the demarcation point?
Measure the length of a cable. Identify the location of a fault on a cable.
Which of the following tests can be performed by a TDR? (Select two.)
arp
Which of the following tools would you use to view the MAC addresses associated with IP addresses that the local workstation has contacted recently?
Bus
Which of the following topologies connects all devices to a trunk cable?
Ring
Which of the following topologies connects each device to a neighboring device?
Star
Which of the following topologies connects each network device to a central hub?
4to6 tunneling
Which of the following tunneling methods is used to send IPv4 traffic through an IPv6 network?
Zero knowledge team
Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?
1000BaseT
Which of the following use the CSMA/CD access method?
Penetration testing
Which of the following uses hacking techniques to proactively discover internal vulnerabilities?
110 block
Which of the following uses metal clips placed over plastic slots to connect individual copper wires?
route
Which of the following utilities would you use to view the routing table?
SSID broadcast
Which of the following wireless network protection methods prevents the broadcasting of the wireless network name?
WEP, WPA Personal, and WPA2 Personal
Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients?
Trojan horse
Which option is a program that appears to be a legitimate application, utility, game, or screensaver and performs malicious activities surreptitiously?
IANA
Which organization is responsible for allocating public IP addresses?
Pin 1 Pin 2
Which pins in an RJ45 connector are used to transmit data when used on a 100BaseT Ethernet network? (Select two.)
23
Which port does Telnet use?
161
Which port number is used by SNMP?
Switching loops from developing when redundant paths are implemented between switches.
Which problem does the spanning tree protocol prevent?
UDP 69
Which protocol and port number is used by TFTP?
SSL
Which protocol does HTTPS use to offer greater security in web transactions?
IGMP
Which protocol does an IP host use to inform a router that it wants to receive specific multicast frames?
HTTP
Which protocol is used on the World Wide Web to transmit web pages to web browsers?
HTTPS
Which protocol is used to securely browse a website?
Z-Wave
Which protocol is well known for its use in the the home security and home automation industry, uses a mesh topology, makes devices act as repeaters, and has a low data transfer rate?
SNMP
Which protocol uses traps to send notifications from network devices?
TCP 67 UDP 67
Which protocols and port numbers are used by DHCP? (Select two.)
Keep wire pairs twisted up to within one-half of an inch of the connector.
Which recommendation should you follow while using 110 blocks for connecting Cat 5 and higher data cables?
EAP
Which remote access authentication protocol allows for the use of smart cards for authentication?
Transport layer security Secure sockets layer
Which security protocols use RSA encryption to secure communications over an untrusted network? (Select two.)
Ports in a blocked state still receive BPDUs. In the learning state, the MAC address table can be populated, but frames are not forwarded.
Which statements accurately describe the port states of both bridges and switches? (Select two.)
VLAN PoE
Which switch features are typically used with VoIP? (Select two.)
160 MHz bonded channels Eight MIMO radio streams
Which technologies are used by the 802.11ac standard to increase network bandwidth? (Select two.)
It uses existing telephone lines for digital data transmission. It can be used to transmit multiple data types on the same line (data, voice, video, and so on). It has faster connect times than traditional dial-up access.
Which three of the following are advantages of ISDN BRI?
Star Ring Bus
Which topologies is a CAN able to use? (Select three.)
It can deliver other configuration information in addition to IP addresses. A DHCP server assigns addresses to requesting hosts.
Which two of the following statements about the dynamic host configuration protocol (DHCP) are true?
Spoofing
Which type of activity changes or falsifies information in order to mislead or re-direct traffic?
Unicast
Which type of address is the IP address 198.162.12.254/24?
Multicast
Which type of address is the IP address 232.111.255.250?
Unicast
Which type of address is used in a packet to address the packet to a single host?
DNS poisoning
Which type of denial of service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?
RADIUS server
Which type of device is required to implement port authentication through a switch?
Wiring schematic
Which type of documentation would you consult to find the location of RJ45 wall jacks and their endpoints in the intermediate distribution closet?
Coaxial cable
Which type of internet service uses the DOCSIS specification?
Spamming
Which type of malicious activity can be described as numerous unwanted and unsolicited email messages sent to a wide range of victims?
Spyware
Which type of malware monitors your actions?
Single-mode
Which type of optical fiber is normally used to connect two buildings that are several kilometers apart?
Angled Physical Contact (APC)
Which type of polish grade uses green-colored connectors to help you keep from using the wrong connector type?
Port security
Which type of security uses MAC addresses to identity devices that are allowed or denied a connection to a switch?
Multilayer switch
Which type of switch optimizes network performance by using ASIC to perform switching at wire speed?
DS
Which wireless networking component is used to connect multiple APs together?
Adware
While browsing the internet, you notice that the browser displays ads linked to recent keyword searches you have performed. Which attack type is this an example of?
Use a different channel ID.
While configuring a new 802.11g wireless network, you discover another wireless network within range that uses the same channel ID that you intend to use. Which of the following strategies are you most likely to adopt in order to avoid a conflict between the networks?
Signal strength
You are considering using Wi-Fi triangulation to track the location of wireless devices within your organization. However, you have read on the internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system?
Repeater
You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat 6a cable to connect the wiring closet to the shipping building. Which of the following should you include in your plan?
Attenuation
You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You use a single Cat6e cable to connect the wiring closet to the shipping building. Which of the following conditions are you most likely to experience?
802.11n
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 150 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation?
802.11a
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation?
802.11a 802.11n
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates at 2.4 GHz. Which 802.11 standards will work best in this situation? (Select two.)
The workstation is using NetBIOS to access shared resources on the server.
You are monitoring network traffic on your network. You see a large amount of traffic between a Windows workstation and a Windows server on the following ports: 137 138 139 What is the source of this network traffic?
PSTN
You are traveling throughout North America to many metropolitan and rural areas. Which single form of internet connectivity provides the greatest potential connectivity wherever you travel?
Obtain a certificate from a public PKI.
You have a web server that will be used for secure transactions for customers who access the website over the internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?
Load tester
You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before performance is negatively impacted. Which tool should you use?
Verify that the email was sent by the administrator and that this new service is legitimate.
You have just received a generic-looking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you need enter your username and password at a new website so you can manage your email and spam using the new service. What should you do?
F-type
You have just signed up for a broadband home internet service that uses coaxial cable. Which connector type will you most likely use?
Update the signature files.
You have just installed a new network-based IDS system that uses signature recognition. What should you do on a regular basis?
Crossover
You need to connect two switches using their uplink ports. The switches do not support auto-MDI. Which type of cable should you use?
Source address of a packet destination address of a packet port number
You have just installed a packet filtering firewall on your network. Which options will you be able to set on your firewall? (Select all that apply.)
Circuit-level
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Packet sniffer
You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use?
53
You want to maintain tight security on your internal network, so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
Port scanner
You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?
Configuration documentation
You want to make sure that the correct ports on a firewall are open or closed. Which document should you check?
Multimeter
You want to measure the voltage, amps, and ohms of various devices. Which tool should you use?
Client-side scripts
You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?
Source address of a packet Destination address of a packet Port number
You have just installed a packet filtering firewall on your network. Which options will you be able to set on your firewall? (Select all that apply.)
Apply all patches and updates Change default account passwords
You have just purchased a new network device and are getting ready to connect it to your network. Which of the following should you do to increase its security? (Select two.)
Switch
You want to reduce collisions by creating separate collision domains and virtual LANs. Which of the following devices should you choose?
172.17.128.0 172.17.0.0
You've decided to use a subnet mask of 255.255.192.0 on the 172.17.0.0 network to create four separate subnets. Which network IDs will be assigned to these subnets in this configuration? (Select two.)
Support secured communications over an untrusted network.
A VPN is used primarily for which purpose?
Clearly defines courses of action to take when a complex issue is encountered.
A code of ethics accomplishes all but which of the following?
VPN concentrator
A group of salesmen in your organization would like to access your private network through the internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
Botnet
A group of zombie computers have been set up to collect personal information. What type of malware do the zombie computers represent?
Satellite
A healthcare organization provides mobile clinics throughout the world. Which network technology should you select to transfer patient statistical data to a central database via the internet to ensure network connectivity for any clinic located anywhere in the world, even remote areas?
100.55.255.255
A host has the address 100.55.177.99/16. Which of the following is the broadcast address for the subnet?
129.11.99.78/16
A host on the network has an IP address of 129.11.99.78 using the default subnet mask. How would you identify the address and mask using CIDR notation?
ARP
A host wants to send a message to another host that has the IP address 115.99.80.157. IP does not know the hardware address of the destination device. Which protocol can be used to discover the MAC address?
DHCP snooping
A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organization's firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this?
Dynamic ARP Inspection
A network switch is configured to perform the following validation checks on its ports: All ARP requests and responses are intercepted. Each intercepted request is verified to ensure that it has a valid IP-to-MAC address binding. If the packet has a valid binding, the switch forwards the packet to the appropriate destination. If the packet has an invalid binding, the switch drops the ARP packet. Which security feature was enabled on the switch to accomplish this task?
Posture assessment
A network utilizes a network access control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called?
Remove the patch cable connecting the first switch to the third switch. Enable STP on each switch.
A new assistant network administrator was recently hired by your organization to relieve some of your workload. You assigned the assistant network administrator to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches. You noticed that it took him an unusually long time to complete this task. Once done, users almost immediately began to report that the network had gone down. Upon entering the server room, you see that the assistant administrator has configured your network rack as shown in the Exhibit. What should you do? (Choose two. Each response is a complete solution.)
Policy
A new law was recently passed that states that all businesses must keep a history of the emails sent between members of the board of directors. You need to ensure that your organization complies with this law. Which document type would you update first in response to this new law?
Buffer overflow
A programmer that fails to check the length of input before processing, leaves his code vulnerable to what form of common attack?
Privilege escalation
A relatively new employee in the data entry cubical farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates that which of the following has occurred?
Wait for convergence to take place.
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do?
Forward the packet to the next hop router specified by the route to network 0.0.0.0.
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
Drop the packet.
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
Spoofing
A router on the border of your network detects a packet with a source address that is from an internal client, but the packet was received on the internet-facing interface. This is an example of which attack form?
Identify possible effects of the solution.
A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research, you find that the most likely cause of the problem is a bug in the router software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next?
Configure the browser to send HTTPS requests through the VPN connection. Configure the VPN connection to use IPsec.
A salesperson in your organization spends most of her time traveling between customer sites. After a customer visit, she must complete various managerial tasks, such as updating your organization's order database. Because she rarely comes back to your home office, she usually accesses the network from her notebook computer using Wi-Fi access provided by hotels, restaurants, and airports. Many of these locations provide unencrypted public Wi-Fi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection. Which key steps should you take when implementing this configuration? (Select two.)
Active fingerprinting
A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to the wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario?
Passive fingerprinting
A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario?
Whaling
A senior executive reports that she received a suspicious email concerning a sensitive internal project that is behind production. The email was sent from someone she doesn't know, and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of an attack best describes the scenario?
The UTM represents a single point of failure.
A small startup company has hired you to harden their new network. Because funds are limited, you have decided to implement a unified threat management (UTM) device that provides multiple security features in a single network appliance: Firewall VPN Anti-spam Antivirus You join the UTM device to the company's Active Directory domain. The company's traveling sales force will use the VPN functionality provided by the UTM device to connect to the internal company network from hotel and airport public Wi-Fi networks. Which weaknesses exist in this implementation?
Remote wipe
A smart phone was lost at the airport. There is no way to recover the device. Which if the following will ensure data confidentiality on the device?
Data Link
A switch is associated with which OSI model layer?
It uses the source MAC address and network segment information to build its bridge database, but does not forward the message.
A switch is running STP is in the learning state. A message destined for a different network segment arrives at the switch. Which of the following best describes what the switch will do?
Send it out all ports except for the port it was received on.
A switch receives a frame addressed to the MAC address FF:FF:FF:FF:FF:FF. What will the switch do with the frame?
Blocking
A switch running STP is classified as a backup bridge. What state is it in?
It does not record address or segment information. It does not forward the message.
A switch running STP is in the listening state. A message destined for a different network segment arrives at the switch. Which of the following best describes what the switch will do?
The user is out of the effective range of the wireless access point on her floor.
A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While talking to her, you discover that she is trying to work from the coffee room two floors above the floor where she normally works. What is the most likely cause of her connectivity problem?
Replace the network card in the user's computer.
A user from the sales department calls to report that he is experiencing problems connecting to the sales file server. All users in the sales department connect to the sales server through a single Ethernet switch. No other users have reported problems connecting to the sales server. Which of the following troubleshooting actions are you most likely to perform first?
Identify the results and effects of the solution.
A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verify that it works. What should you do next?
Require users to set a stronger password upon initial logon. Train users not to use passwords that are easy to guess.
A user named Bob Smith has been assigned a new desktop workstation to complete his day-to-day work. The computer runs Windows 7. When provisioning Bob's user account in your organization's domain, you assigned an account name of BSmith with an initial password of bw2Fs3d. At his first logon, Bob is prompted to change his password, so he changes it to Fido, the name of his dog. What should you do to increase the security of Bob's account? (Select two.)
The client system has moved too far away from the access point.
A user on your network has been moved to another office down the hall. After the move, she calls you complaining that she has only occasional network access through her wireless connection. Which of the following is most likely the cause of the problem?
Incorrect DNS server address
A user reports that he can't browse to a specific website on the internet. From his computer, you find that a ping test to the web server succeeds. A traceroute test shows 17 hops to the destination web server. What is the most likely cause of the problem?
Identify the affected areas of the network.
A user reports that he can't connect to a specific website. You go to the user's computer and reproduce the problem. What should you do next?
Duplex mismatch
A user reports that network access from her workstation is very slow. The problem does not seem to be affecting any other users. Which of the following conditions is the most likely cause?
Determine what has changed.
A user reports that she can't connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?
Create an action plan.
A user reports that she can't connect to the Internet. After some investigation, you find that the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?
Ethernet bonding
A web server on your network hosts the public website for your company. You want to make sure that a failure of the NIC in the server does not prevent the website from being accessible on the internet. Which solution should you implement?
The switch attempts to sense the link speed. If it can't, the slowest link speed supported on the interface is selected. If the link speed is 1000 Mbps or faster, full-duplex is used. If the link speed is 10 Mbps or 100 Mbps, half-duplex is used.
A workstation is connected to a switch on the Gi 0/2 interface using a straight-through cable. The Ethernet interface in the workstation has been manually configured to use a 100 Mbps link speed in full-duplex mode.
Open port 25 to allow SMTP service.
After blocking a number of ports to secure your server, you are unable to send email. To allow email service, which of the following needs to be done?
802.11b 802.11g
After installing a new 2.4Ghz cordless phone system in your office, you notice that wireless network performance is adversely affected. Which of the following wireless networking standards are you most likely using? (Select two.)
The client system is unable to reach the DHCP server. The client system is configured to use DHCP.
After installing a new DHCP server on the network, you need to verify that network devices are receiving IP addressing via DHCP. You reboot a Windows 10 client system and using the ipconfig /all command, receive the following information: Ethernet adapter Local Area Connection 1:Description . . . . . . . . . . . : Intel(R) Ethernet ConnectionPhysical Address. . . . . . . . . : 02-00-4C-4F-3F-50DHCP Enabled. . . . . . . . . . . : YesAutoconfiguration Enabled . . . . : YesAutoconfiguration IPv4 Address. . : 169.254.25.129Subnet Mask . . . . . . . . . . . : 255.255.0.0Default Gateway . . . . . . . . . :DNS Servers . . . . . . . . . . . : Which of the following statements are true? (Select two).
CSMA/CA
All of the 802.11 standards for wireless networking support which type of communication path sharing technology?
Hub
An access point that conforms to the IEEE 802.11b standard behaves similarly to what other networking device?
Update filters to block suspect traffic. Perform reverse lookups to identify an intruder.
An active IDS system often performs which of the following actions? (Select two.)
A remote office with no on-site technician.
An all-in-one security appliance is best suited for which type of implementation?
Evil twin Pharming
An attacker is trying to compromise a wireless network that has been secured using WPA2-PSK and AES. She first tried using AirSnort to capture packets, but found that she couldn't break the encryption. As an alternative, she used software to configure her laptop to function as an access point. She configured the fake access point with the same SSID as the wireless network she is trying to break into. When wireless clients connect to her access point, she presents them with a web page asking them to enter the WPA2 passphrase. When they do, she then uses it to connect a wireless client to the real access point. Which attack techniques did the attacker use in this scenario? (Select two.)
Spam
An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. What kind of attack has occurred in this scenario?
DDoS
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?
DNS poisoning Pharming
An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information. What kind of exploit has been used in this scenario? (Select two. Both responses are different names for the same exploit.)
Send the frame out ports two through eight.
An eight-port switch receives a frame on port number 1. The frame is addressed to an unknown device. What will the switch do?
Install two Fiber Channel host bus adapters in each server that will access the shared storage on the SAN. Deploy two FC switches. Using fiber optic cables, connect each server to each FC switch by connecting one FC HBA to one FC switch and the other FC HBA to the other FC switch. Deploy the shared storage devices, such as an external RAID device containing multiple hard disk drives and two FC HBAs. Using fiber optic cables, connect each storage device to each FC switch by connecting one FC HBA to one FC switch and the other FC HBA to the other FC switch.
Arrange the Fibre Channel (FC) SAN implementation tasks in the order they should be performed to build a redundant FC SAN.
Identify the need for a change.
Arrange the steps in the change and configuration management process on the left into correct completion order on the right.
Identify the need for a change. Conduct a feasibility analysis.
Arrange the steps in the change and configuration management process on the left into correct completion order on the right.
Identify the need for a change. Conduct a feasibility analysis. Define the procedure for implementing the change. Notify affected parties of the pending change.
Arrange the steps in the change and configuration management process on the left into correct completion order on the right.
Identify the need for a change. Conduct a feasibility analysis. Define the procedure for implementing the change. Notify affected parties of the pending change. Implement the change.
Arrange the steps in the change and configuration management process on the left into correct completion order on the right.
Identify the need for a change. Conduct a feasibility analysis. Define the procedure for implementing the change. Notify affected parties of the pending change. Implement the change. Test the implementation. Document the change.
Arrange the steps in the change and configuration management process on the left into correct completion order on the right.
Host-based IDS
As a security precaution, you have implemented IPsec between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?
Communicating with your upstream provider
As the victim of a Smurf attack, what protection measure is the most effective during the attack?
Implement end-user training.
As you are helping a user with a computer problem, you notice that she has written her password on a note stuck to her computer monitor. You check the password policy of your company and find that the following settings are currently required: Minimum password length = 10 Minimum password age = 4 Maximum password age = 30 Password history = 6 Account lockout clipping level = 3 Require complex passwords that include numbers and symbols Which of the following is the best action to take to make remembering passwords easier so that she no longer has to write the password down?
114.58.12.0 114.0.0.15 114.122.66.12
Assuming the network is indicated by the default portion of the IP address, which three of the following IP addresses belong to the Class A network 114.0.0.0? (Select three.)
Network
At which OSI layer does a router operate to forward network messages?
Layer 1
At which OSI model layer does a media converter operate?
Physical
At which layer of the OSI model do hubs operate?
Layer 3
At which of the following OSI layers does a router operate?
Reverse proxy server
Based on the diagram, which type of proxy server is handling the client's request?
SNMP
Because of an unexplained slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze the data from a central network host. Which protocol will the software use to detect the problem?
Protects from over-voltages Conditions the power signal
Beside protecting a computer from under-voltages, a typical UPS also performs which two actions?
Man-in-the-middle attack
Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?
Add a separate A/C unit in the server room.
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60%, and the temperature is 80 degrees. What should you do to help reduce problems?
Computer A sends a normal frame. The first switch appends a VLAN ID to the frame. The second switch removes the VLAN ID before forwarding it to Computer B.
Computers A and B are on the same VLAN and are separated by two switches as shown in the exhibit. Computer A sends a frame to Computer B. Which of the following best describes the composition of the frame as it travels from A to B?
-1.2 dB
Consider the 850 nm multimode fiber optic cable shown below. How much loss can you expect between the transmitter and the receiver?
Class A, Class B, Class B, Class C
Consider the following IP addresses. 124.77.8.5 131.11.0.9 190.66.250.10 196.5.89.44 Which list represents the IP address class of each listed IP address?
%LINEPROTO
Consider the following log message generated on a router: *Aug 8 11:18:12.081: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down What facility generated this message?
The interface is dropping incoming packets. One cyclic redundancy check error has occurred. Several collisions have occurred
Consider the following output generated by the show interface fa0/0 command generated on a router(Choose Three)
Dig
Consider the following output. ;; res options: init recurs defnam dnsrch;;got answer:;;->>HEADER<<-opcode:QUERY, status; NOERROR,id:4;;flags: qr rd ra; QUERY:1, ANSWER:1, AUTHORITY:2, ADDITIONAL:0;;QUERY SECTION:;; westsim111.com, type = A, class = IN;;ANSWER SECTION:westsim111.com. 7h33m IN A 76.141.43.129;;AUTHORITY SECTION:westsim111.com. 7h33m IN NS dns1.deriatct111.com.westsim111.com. 7h33m IN NS dns2.deriatct222.com.;;Total query time: 78 msec;;FROM: localhost.localdomain to SERVER: default -- 202.64.49.150;;WHEN: Tue Feb 16 23:21:24 2005;;MSG SIZE sent: 30 rcvd: 103 Which of the following utilities produced this output?
PC2
Consider the network diagram shown below. Click on the item in the diagram that does not follow a standardized labeling scheme.
Collisions are occurring.
Consider the network shown in the exhibit. When you run the show interfaces command on switch1, you observe a significant number of runts on the Gi0/1 interface. What does this statistic indicate?
The device connected to the Fa0/1 interface has auto-negotiation disabled.
Consider the network shown in the exhibit. You have been experiencing intermittent connectivity issues with switch2. To check the status of the interfaces, you run the following commands:
Private addresses cannot directly communicate to hosts outside the local subnet.
CorpServ is a small company with 14 client systems and a network printer. Because there are only a limited number of networked systems, you decide to use APIPA addressing for the network. With APIPA configured, all systems are able to communicate with each other, but you are having trouble configuring Internet access. What is the likely cause of the problem?
Offers attackers a target that occupies their time and attention while distracting them from valid resources. Reveals information about an attacker's methods and gathers evidence for identification or prosecution purposes.
Creating fake resources such as honeypots, honeynets, and tarpits fulfills which of the following main intrusion detection and prevention goals? (Select two.)
Backdoor
Developers in your company have created a web application that interfaces with a database server. During development, programmers created a special user account that bypasses the normal security. What is this an example of?
The tester has detailed information about the target system prior to starting the test. The tester has the same amount of information that would be available to a typical insider in the organization. The tester has no prior knowledge of the target system. Either the attacker has prior knowledge about the target system or the administrator knows that the test is being performed. The tester does not have prior information about the system, and the administrator has no knowledge that the test is being performed.
Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.
Single broadcast domain Single broadcast domain Single broadcast domain Multiple broadcast domains Single broadcast domain Single broadcast domain Multiple broadcast domains
Drag the broadcast domain property on the left to the appropriate network device(s) on the right. Each property can be used more than once.
The clients must be configured to obtain IP addressing from a DHCP server.
Due to widespread network expansion, you have decided to upgrade the network by configuring a DHCP server. The network uses Linux, Windows, and Mac OS X client systems. You configure the server to distribute IP addresses from 192.168.2.1 to 192.168.2.100. You use the subnet mask of 255.255.255.0. After making all setting changes on the DHCP server, you reboot each client system, but they are not able to obtain an IP address from the DHCP server. Which of the following would explain the failure?
Establish and enforce a document destruction policy.
Dumpster diving is a low-tech means of gathering information that may be useful for gaining unauthorized access or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving?
1. 2.segments 3.packets 4.frames 5.bits
During TCP/IP communications between two network hosts, information is encapsulated on the sending host and decapsulated on the receiving host using the OSI model. Match the information format on the left with the appropriate layer of the OSI model on the right. (Not all layers have a matching information format.)
All network nodes except the printer will be available.
During a network infrastructure upgrade, you have replaced two 10 Mbps hubs with switches and upgraded from Category 3 UTP cable to Category 5e. During the process, you accidentally cut the Cat 5e patch cable that stretches from the network printer to the upgraded switch. What is the impact on the network?
syslog
Each of the following are tools used to check the health of a network. Which of these is typically used for managing and sending messages from one computer system to another?
ping
Examine the following output. Reply from 64.78.193.84: bytes=32 time=86ms TTL=115Reply from 64.78.193.84: bytes=32 time=43ms TTL=115Reply from 64.78.193.84: bytes=32 time=44ms TTL=115Reply from 64.78.193.84: bytes=32 time=47ms TTL=115Reply from 64.78.193.84: bytes=32 time=44ms TTL=115Reply from 64.78.193.84: bytes=32 time=44ms TTL=115Reply from 64.78.193.84: bytes=32 time=73ms TTL=115Reply from 64.78.193.84: bytes=32 time=46ms TTL=115 Which of the following utilities produced this output?
tracert
Examine the following output: 4 22 ms 21 ms 22 ms sttlwa01gr02.bb.ispxy.com [154.11.10.62]5 39 ms 39 ms 65 ms plalca01gr00.bb.ispxy.com [154.11.12.11]6 39 ms 39 ms 39 ms Rwest.plalca01gr00.bb.ispxy.com [154.11.3.14]7 40 ms 39 ms 46 ms svl-core-03.inet.ispxy.net [205.171.205.29]8 75 ms 117 ms 63 ms dia-core-01.inet.ispxy.net [205.171.142.1] Which of these commands produced this output?
netstat
Examine the following output: Active ConnectionsProto Local Address Foreign Address StateTCP SERVER1:1036 localhost:4832 TIME_WAITTCP SERVER1:4798 localhost:1032 TIME_WAITTCP SERVER1:1258 pool-141-150-16-231.mad.east.ttr:24076 CLOSE_WAITTCP SERVER1:2150 cpe-66-67-225-118.roc.res.rr.com:14100 ESTABLISHEDTCP SERVER1:268 C872c-032.cpe.net.cale.rers.com:46360 ESTABLISHEDTCP SERVER1:2995 ip68-97-96-186.ok.ok.cox.net:23135 ESTABLISHED Which of the following utilities produced this output?
nslookup
Examine the following output: Server: to.xct.mirrorxhq.netAddress: 209.53.4.130Name: westxsim.comAddress: 64.78.193.84 Which of the following utilities produced this output?
RG-59 RG-6
F-type connectors are typically used with which of the following cable standards? (Select two.)
Use cable locks to chain the laptops to the desks.
Five salesmen who work out of your office. They frequently leave their laptops laying on the desk in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best way to address your concerns?
80 for HTTP; 443 for SSL
Haley configures a website using Windows Server 2016 default values. What are the HTTP port and SSL port settings?
QoS can be configured on network devices to give priority to VoIP traffic.
How can QoS be configured so that large data transfers will not block VoIP calls by using too much network bandwidth?
Publish and enforce clearly written security policies Educate employees on the risks and countermeasures
How can an organization help prevent social engineering attacks? (Select two.)
When a frame enters a port, the source MAC address is copied from the frame header.
How do switches and bridges learn where devices are located on a network?
A proxy server operates at the Application layer, while a packet filtering firewall operates at the Network layer.
How does a proxy server differ from a packet filtering firewall?
23
How many total channels are available for 802.11a wireless networks?
11
How many total channels are available for 802.11g wireless networks?
ESP AH
IPsec is implemented through two separate protocols. What are these protocols called? (Select two.)
Negligence
If an organization shows sufficient due care, which burden is eliminated in the event of a security breach?
The DHCP server renews an IP address lease. The ipconfig /registerdns command is entered on a workstation.
If dynamic DNS is being used, which of the following events will cause a dynamic update of the host records? (Select two.)
Terminate the intruder's session.
If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?
Initiators
In a SAN implementation, the servers that connect to shared storage devices are called __________.
A strong password policy
In a variation of a brute force attack, an attacker may use a predefined list (dictionary) of common usernames and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue?
Regularly test restoration procedures.
In addition to performing regular backups, what must you do to protect your system from data loss?
132.70.254.15
In an IP addressing scheme that uses default subnet masks, which of the following IP addresses can you assign to a host?
Routes messages between networks
In the OSI model, what is the primary function of the Network layer?
Enabling communication between network clients and services Integrating network functionality into the host operating system
In the OSI model, which of the following functions are performed at the Application layer? (Select all that apply.)
Encrypt and compress data Specify data format (such as file formats)
In the OSI model, which of the following functions are performed at the Presentation layer? (Select two.)
Downloading a file
In the output of the netstat command, you notice that a remote system has made a connection to your Windows Server 2016 system using TCP/IP port 21. Which of the following actions is the remote system most likely performing?
A Cname PTR AAAA MX
Listed below are several DNS record types. Match the record type on the left with its function on the right.
Something you know Something you have Something you know Something you are Something you are Something you have Something you know Something you are Somewhere you are Something you do
Match the authentication factor types on the left with the appropriate authentication factor on the right. Each authentication factor type can be used more than once.
Background Best effort (default) Excellent effort Critical applications Video (< 100ms latency) Voice (< 10ms latency) Internetwork control Network control
Match the class of service (COS) priority on the left with its corresponding value on the right.
Download and install the Intune client software on the mobile device. Enroll the devices with the Intune service.
Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive data on them. To prevent the data from being compromised, you create a cloud-based Microsoft Intune account and configure mobile device security policies. You now need to apply those security policies to the end users' mobile devices. What should you do? (Select two. Each response is a part of the complete solution.)
nslookup
Mary calls to tell you that she can't connect to an intranet server called WebSrv1. From her computer, you ping the server's IP address. The ping test is successful. Which tool would you use on her workstation next to troubleshoot the problem?
Specify where and when mobile devices can be possessed in your acceptable use policy. Specify where and when mobile devices can be possessed in your acceptable use policy. Enroll devices in a mobile device management system. Implement a network access control (NAC) solution. Enroll devices in a mobile device management system.
Match each bring your own device (BYOD) security concern on the right with a possible remedy on the left. Each remedy may be used once, more than once, or not at all.
17 11 13 15 12 16
Match each decimal value on the left with the corresponding hexadecimal value on the right. Not all decimal values have a corresponding hexadecimal value.
Provides cloud services to just about anyone. Provides cloud services to a single organization. Allows cloud services to be shared by several organizations. Integrates one cloud service with other cloud services.
Match each description on the left with the appropriate cloud technology on the right.
SLA BPO MOU ISA SLA BPO
Match each interoperability agreement document on the left with the appropriate description on the right. Each document may be used once, more than once, or not at all.
1.Application 2.Network Access 3.Application 4.Application 5.internet 6.host to host
Match each layer of the TCP/IP model on the left with the corresponding layer of the OSI model on the right. Each option on the left can be used more than once.
War dialing Wardriving Banner grabbing Firewalking
Match each network enumeration technique on the left with its corresponding description on the righ
Protected cable distribution Door locks Perimeter barrier Safety Protected cable distribution Physical access control Safety Perimeter barrier
Match each physical security control on the left with an appropriate example of that control on the right. Each security control may be used once, more than once, or not at all.
In-band management Out-of-band management In-band management Out-of-band management In-band management
Match each switch management method on left with its corresponding characteristics on the right. Each method may be used once, more than once, or not at all.
Ongoing operations Off-boarding Onboarding Off-boarding Onboarding Onboarding Ongoing operations
Match each third-party integration phase on the left with the tasks that need to be completed during that phase on the right. Each phase may be used once, more than once, or not at all.
ping pathping traceroute6 tracert ping -6
Match each troubleshooting command on the left with its function on the right. Each utility may be used once, more than once, or not at all. Tests connectivity between two network hosts by sending IPv4 ICMP Echo Request packets without modifying the TTL parameter.
Intelligent AP Lightweight AP Intelligent AP
Match each type of access point on the left with the wireless network architecture where it is commonly used on the right. Each type of access point may be used once, more than once, or not at all.
Unmanaged switch Managed switch Managed switch Unmanaged switch Managed switch Managed switch
Match each type of switch on the left with its corresponding characteristics on the right. Each switch type may be used once, more than once, or not at all.
Wireless controller Wireless controller Consumer-grade (SOHO) wireless router Consumer-grade (SOHO) wireless router Wireless controller
Match each wireless device on the left with its corresponding characteristics on the right. Each device may be used once, more than once, or not at all.
Signal to noise ratio Spectrum analysis Received signal level Bounce Device saturation
Match each wireless term or concept on the left with its associated description on the right. Each term may be used more than once; not all descriptions have a matching term.
VTY SDM Console
Match the Cisco device password type on the left with its function on the right.
Port Aggregation Protocol (PAgP) Link Aggregation Control Protocol (LACP) Link Aggregation Control Protocol (LACP) Port Aggregation Protocol (PAgP) Link Aggregation Control Protocol (LACP)
Match the EtherChannel protocol on the left with its characteristics on the right. Each protocol may be used once, more than once, or not at all.
The entire 128-bit address and all other configuration information is statically assigned to the host. The prefix is statically assigned, and the interface ID is derived from the MAC address. Clients automatically generate the interface ID and learn the subnet prefix and default gateway through the neighbor discovery protocol (NDP). Provides each client with an IP address, default gateway, and other IP configuration information. Supplies the client with the DNS server IP address only. Does not provide the client with an IP address, and does not track the status of each client.
Match the IPv6 address configuration method on the right with its definition on the left.
An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. An attacker gathers personal information about the target individual, who is a CEO. An attacker gathers personal information about the target individual in an organization. An attacker searches through an organization's trash for sensitive information. An attacker enters a secure building by following an authorized employee through a secure door without providing identification. An attacker uses a telephone to convince target individuals to reveal their credit card information.
Match the social engineering description on the left with the appropriate attack type on the right.
Moving virtual machines between hypervisor hosts Verifying that security controls are working as designed. Performing a physical-to-virtual migration (P2V). Isolating a virtual machine from the physical network.
Match the virtualization feature on the right with the appropriate description on the left.
Roaming LWAPP Device density VLAN pooling Heat map Wireless bridge Heat map Goodput
Match the wireless networking term or concept on the left with its appropriate description on the right. Each term may be used once, more than once, or not at all.
FHSS DSSS OFDM
Match the wireless signaling method on the left with its definition on the right. (Not all of the signaling methods match a definition.)
NAC
Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?
Set access point B to use 802.11n wireless networking. Set the channel used by access point B to 11
Mobile devices in your organization use the access points shown in the figure below to connect to your wireless network. Recently, a catastrophic early morning power surge occurred. It was followed by an outage that lasted longer than your backup equipment could supply temporary power. After you powered the equipment back on, everything initially appeared to work correctly. However, ever since this event, some mobile users report that wireless network connections sometimes get dropped or perform very poorly. What should you do? (Select two.)
GPS Wi-Fi triangulation Cell phone tower triangulation IP address resolution
Most mobile device management (MDM) systems can be configured to track the physical location of enrolled mobile devices. Arrange the location technology on the left in order of accuracy on the right, from most accurate to least accurate.
Single-mode fiber optic
Of the following cables, which offer the best protection against EMI?
DMZ
Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted internet?
Direct him to the front entrance and instruct him to check in with the receptionist.
On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can fix the restroom. What should you do?
Improve and hold new awareness training.
Over the last month, you have noticed a significant increase in the occurrence of inappropriate activities performed by employees. What is the best first response step to take in order to improve or maintain the security level of the environment?
Periodic reviews must be conducted to detect malicious activity or policy violations.
Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. What step must be taken to ensure that the information is useful for maintaining a secure environment?
Transference
Purchasing insurance is what type of response to risk?
Authenticating remote clients before access to the network is granted.
RADIUS is primarily used for what purpose?
A duplex mismatch exists with the device on the other end of the connection.
Review the output from the show interfaces fa0/1 command on the switch2 switch in the exhibit. What is wrong with the fa0/1 interface in this example?
RouterA(config)#int s1 RouterA(config-if)#encap ppp RouterA(config-if)#ppp auth chap RouterA(config)#username RouterB password cisco
RouterA is connected to RouterB through Serial1. You want to configure the link to use PPP with CHAP authentication with a password of cisco. Which set of commands would you use on RouterA to complete the configuration?
A broadcast storm occurs when there are so many broadcast messages on the network that they approach or exceed the network bandwidth.
Select the statement that best describes a broadcast storm.
Listening
Switches running STP are in the process of exchanging BPDUs and redefining their roles. Which port state are the switches currently in?
SSH
Telnet is inherently insecure because its communication is in plaintext and is easily intercepted. Which of the following is an acceptable alternative to Telnet?
LLC MAC
The Data Link Layer of the OSI model is comprised of two sublayers. What are they? (Select two.)
Enter global configuration mode-conf t Enter interface configuration mode-int fa0/0 Enable the interface-no shut Verify that the interface is enabled-show interface status
The FastEthernet 0/0 interface on a switch is currently disabled. You need to enable it so a workstation can be connected to it. Drag the command on the left to the appropriate configuration step on the right. It is possible that not all commands are required.
RIP is a classful protocol, while RIPv2 is a classless protocol.
What is the main difference between RIP and RIPv2?
CSMA/CD
The media access control method of all Ethernet networks is __________.
Implement a guest network.
The owner of a hotel has contracted you to implement a wireless network to provide internet access for patrons. The owner has asked that you implement security controls so that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, they should then be allowed full access to the internet. If a patron does not provide the correct code, they should not be allowed to access the internet. Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored. What should you do?
Metric
When multiple routes to a destination exist, what is used to select the best possible route?
Channel 1
To optimize your network, you want to configure your wireless AP to use a channel that meets the following criteria: Non-overlapping Low utilization Low interference You performed a spectrum analysis to identify 2.4 GHz wireless channel utilization, as shown in the exhibit. (To read the spectrum analysis, imagine a line coming down from the center of the highest point of each wave. For example, the four waves whose crests are over channel 11 belong to channel 11.) Based on the results, which channel should you configure your wireless AP to use?
Configure the software to automatically download the virus definition files as soon as they become available.
To tightly control the anti-malware settings on your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware. Which of the following actions would best prevent this scenario from occurring again?
On SLC, change the username password to chocolate.
Two routers with the host names SLC and PROVO have been configured to connect using PPP with CHAP authentication through their BRI0 interfaces. Attempts to establish a session between the two routers fail. You check the running configuration on both routers and find the output shown below: hostname SLCenable password ciscousername PROVO password vanilla!!interface Serial0ip address 172.16.55.129 255.255.255.252encapsulation pppppp authentication chap! ! - remaining output omitted -- hostname PROVOenable password ccnausername SLC password chocolate!!interface Serial0ip address 172.16.55.130 255.255.255.252encapsulation pppppp authentication chap! ! - remaining output omitted -- What should you do to correct the problem?
If the network is connected to the Internet using multiple ISPs.
Under which of the following circumstances might you implement BGP on your company network and share routes with Internet routers?
Faulty network card
Upon conducting a visual inspection of the server room, you see that a switch displays LED collision lights that are continually lit. You check the LED on the corresponding workstation and see that it is flashing rapidly even though it is not sending or receiving network traffic at that time. What is the cause of the network collisions?
Unified communication
Upper management has asked you if there is a way to integrate phone calls, emails, and instant messaging into a single platform. Which of the following systems should you recommend?
Phishing
Users on your network report that they have received an email stating that the company has just launched a new website. The email asks employees to click the website link in the email and log in using their username and password. No one in your company has sent this email.
DB25 DB9 RJ45 RJ11 LC BNC F-Type
Use the exhibit to match the connector type on the left with the corresponding letter on the right.
Install shielded cables near the elevator.
Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this only seems to happen when the elevator is running. What should you do?
Phishing
Users in your organization receive email messages that inform them that suspicious activity has been detected on their bank account. They are directed to click a link in the email to verify their online banking username and password. The URL in the link is in the .ru top-level DNS domain. What kind of attack has occurred?
A worm can replicate itself while a virus requires a host for distribution.
What is the main difference between a worm and a virus?
The IDS logs all pertinent data about the intrusion. An alert is generated and delivered via email, the console, or an SNMP trap.
What actions can a typical passive intrusion detection system (IDS) take when it detects an attack? (Select two.)
IP-PBX VoIP PBX
What are other names for a VoIP server? (Select two.)
OSPF requires an area 0, while IS-IS does not.
What are the main differences between the OSPF and IS-IS routing protocols?
Authentication
What are the most common network traffic packets captured and used in a replay attack?
LCP, authentication, NCP
What connection order would two TCP/IP routers use to open a session with PPP?
Switch
What device is used to create a physical star topology?
Answers connection requests in such a way that the attacking computer is stuck for a period of time.
What does a tarpit specifically do to detect and prevent intrusion into your network?
Potential attack activity compared to a database of known attacks.
What does an IDS that uses signature recognition use to identify attacks?
Configure the switch to obtain an IP address from a DHCP server.
What does the ip address dhcp command allow you to do?
The first router in the path to the destination network.
What information does the next hop entry in a routing table identify?
A guarantee of a specific level of service.
What is a service level agreement (SLA)?
A software application that runs on a computer or other device that accesses a VoIP server to make real-time phone calls.
What is a soft phone?
Asynchronous attack
What is another name for a logic bomb?
Source address
What is modified in the most common form of spoofing on a typical IP packet?
Long-distance PSTN charges can be reduced by switching VoIP calls to the PSTN in locations where only local call charges would be incurred.
What is one benefit of placing VoIP gateways in geographically separated branch offices that have an existing WAN connection?
Changing or falsifying information in order to mislead or re-direct traffic
What is spoofing?
202.64.49.150
What is the IP address of the DNS server that performed this name resolution?
Coordinates rules for transmitting bits.
What is the basic purpose of the OSI Physical layer?
10000011.00001001.11001010.01101111
What is the binary format for the following decimal IP address? 131.9.202.111
206.58.170.67
What is the decimal format of the following binary IP address? 11001110.00111010.10101010.01000011
255.255.255.0
What is the default subnet mask for the IP address 203.111.3.3?
5.75 GHz
What is the frequency of 802.11a networking?
USB devices
What is the greatest threat to theft of data in most secure organizations?
Near a window
What is the least secure place to locate an access point with an omni-directional antenna when creating a wireless cell?
Close all ports; open only ports required by applications inside the DMZ
When designing a firewall, what is the recommended approach for opening and closing port
Packets
When implementing a Multiprotocol Label Switching (MPLS) WAN, which data unit is managed by the routers at different sites?
When the cost of protecting the asset is greater than the potential loss.
When is choosing to do nothing about an identified risk acceptable?
Identify the problem. Establish a theory of probable cause. Test the theory to determine the cause. Establish a plan of action. Implement the solution or escalate. Verify full system functionality. Document findings, actions, and outcomes.
When troubleshooting network issues, it's important to carry out tasks in a specific order. Drag the trouble shooting task on the left to the correct step on the right.
Ticket
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the user's identity to the target system?
When VoIP data consumes too large a portion of your network bandwidth. When sound quality is poor.
When would you consider changing the codec used in your VoIP system? (Select two.)
When connecting a phone to a phone line
When would you typically use an RJ11 connector?
Drive-by download
When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the window to see what the problem is. Later, you find out that the window has installed spyware on your system. What type of attack has occurred?
Switch port
When you configure VLANs on a switch, which of the following is used to identify a device's VLAN membership?
4
Which Class of Service (COS) priority value should be assigned to a video conference call?
1000BaseLX
Which Gigabit Ethernet standard can support long network segments up to a maximum of 5 km when used with single-mode fiber optic cable?
1000BaseSX
Which Gigabit Ethernet standard uses multimode fiber optic cabling and supports network segments up to a maximum of 550 meters long?
Signature-based
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database?
802.11b
Which IEEE standard describes wireless communication?
802.11a 802.11g
Which IEEE wireless standards specify transmission speeds up to 54 Mbps? (Select two.)
Transport
Which OSI model layer is responsible for guaranteeing reliable message delivery?
ping
Which TCP/IP utility gives you the following output?(Reply)
netstat -r
Which TCP/IP utility gives you the following output?(Route Table)
nbtstat -c
Which TCP/IP utility gives you the following output?(Unique)
netstat -a
Which TCP/IP utility gives you the following output?(active connections)
ipconfig
Which TCP/IP utility gives you the following output?(ethernet adapter)
arp
Which TCP/IP utility gives you the following output?(interface)
arp -a
Which TCP/IP utility gives you the following output?(internet address)
tracert
Which TCP/IP utility gives you the following output?(ms)
VoIP server
Which VoIP device helps establish the connection between two VoIP phones?
ISDN DSL
Which WAN connection types use digital communications over POTS? (Select two.)
DSL ISDN
Which WAN connection types use digital communications over public telephone lines? (Select two.)
Multicast
Which address type is used for a video conference call consisting of multiple participants?
Master service agreement
Which business document is a contract that defines a set of terms that will govern future agreements between two parties?
Cloud computing is software, data access, computation, and storage services provided to clients through the internet. Typical cloud computing providers deliver common business applications online that are accessed from another web service or software like a web browser. The term "cloud" is used as a synonym for the internet.
Which of the following are true regarding cloud computing? (Select three.)
The number of broadcast domains increases. The number of collision domains remains the same.
Which of the following are true regarding using multiple VLANs on a single switch? (Select two.)
One or more NICs A minimal network OS
Which of the following are typical components of a NAS device? (Select two.)
Termination Background checks
Which of the following are typically associated with human resource security policies? (Select two.)
Ticket granting server Time server
Which of the following are used when implementing Kerberos for authentication and authorization? (Select two.)
141:0:0:0:15:0:0:1 6384:1319:7700:7631:446A:5511:8940:2552
Which of the following are valid IPv6 IP addresses? Select all that apply.
PAT
Which of the following associates a port number with a host on a private network?
Buffer overflow
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?
ARP poisoning
Which of the following attacks tries to associate an incorrect MAC address with a known IP address?
MAC flooding
Which of the following attacks, if successful, causes a switch to function like a hub?
Kerberos
Which of the following authentication methods uses tickets to provide single sign-on?
You can create multiple broadcast domains.
Which of the following benefits apply only to creating VLANs with switches and not to segmenting the network with regular switches?
OSPF is a classless link state routing protocol.
Which of the following best describes OSPF?
It connects multiple cable segments (or devices) and forwards frames to the appropriate segment.
Which of the following best describes how a switch functions?
Multiple authentication credentials may be required, but they are all of the same type.
Which of the following best describes one-factor authentication?
It monitors the actions you take on your machine and sends the information back to its originating source.
Which of the following best describes spyware?
Devices on the same network logically grouped as if they were on separate networks.
Which of the following best describes the concept of a VLAN?
An ICMP packet larger than 65,536 bytes
Which of the following best describes the ping of death exploit?
PaaS delivers everything a developer needs to build an application onto the cloud infrastructure.
Which of the following best describes the platform as a service (PaaS) cloud computing service model?
Subnets divide an IP network address into multiple network addresses.
Which of the following best describes the purpose of using subnets?
Cat 6
Which of the following cable types often includes a solid plastic core that keeps the twisted pairs separated?
RG-6
Which of the following cables offers the best protection against EMI?
Deploy a mantrap
Which of the following can be used to stop piggybacking from occurring at a front entrance where employees swipe smart cards to gain entry?
GRE
Which of the following can route Layer 3 protocols across an IP network?
HSPA+ EDGE 4G LTE
Which of the following cellular network types provide internet connectivity? (Choose four.)
LTE HSPA+
Which of the following cellular network types use MIMO to increase 3G data throughput? (Select two.)
SaaS
Which of the following cloud computing solutions will deliver software applications to a client either over the internet or on a local area network?
route print
Which of the following commands would display the output shown here?(route table)
An application-specific integrated circuit
Which of the following components do switches use to optimizes network performance by performing switching operations in hardware rather than using the CPU and software?
Switch
Which of the following connectivity hardware is used to create a VLAN?
RJ11 RJ45
Which of the following connector types are used with UTP cables? (Select two.)
RJ48c
Which of the following connector types would you most likely use to connect to a T1 WAN service?
MTRJ LC
Which of the following connectors are used with fiber optic cables and include both cables in a single connector? (Select two.)
Serial
Which of the following connectors is typically used on one end of a rollover cable?
RJ45
Which of the following connectors is used with Ethernet 100BaseT networks?
ST
Which of the following connectors is used with fiber optic cables and requires that you use a twisting motion to connect it?
ST SC
Which of the following connectors usually require polishing as part of the assembly process? (Select two.)
Locks on doors
Which of the following controls is an example of a physical access control method?
Backdoor
While developing a network application, a programmer adds functionally that allows her to access the running program without authentication to capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. Which type of security weakness does this represent?
Integer overflow
While using a web-based order form, an attacker enters an unusually large value in the quantity field. The value entered is large enough to exceed the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is refunded a large sum of money. What type of attack has occurred in this scenario?
DNS poisoning
While using the internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, the browser displays a completely different website. When you use the IP address of the web server, the correct site is displayed. Which type of attack has likely occurred?
A strong EMI emitter near the cable run connected to that interface.
While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of CRC errors on one interface. This interface is connected to a user's workstation located in a cubicle on the second floor. What could cause this to happen?
The workstation's network board is jabbering.
While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of oversized Ethernet frames being received on one interface. This interface is connected to a workstation located on the second floor. What could cause this to happen?
traceroute
While working on a Linux server, you are unable to connect to Windows Server 2016 system across the Internet. You are able to ping the default gateway on your own network, so you suspect that the problem lies outside of the local network. Which utility would you use to track the route a packet takes as it crosses the network?
You want to connect your computer to the internet with a DSL modem.
Why might you use an RJ11 connector?
To prevent the same disaster from affecting both the network and the backup media.
Why should you store backup media off site?
Specify which server network interface the agent listens on for DHCP messages.
You are configuring the DHCP Relay Agent role on a Windows server. Which of the following is a required step for the configuration?
The HTTP port should be changed to 80.
You administer a web server on your network. The computer has multiple IP addresses. They are 192.168.23.8 to 192.168.23.17. The name of the computer is www.westsim.com. You configured the website as follows: IP address: 192.168.23.8 HTTP Port: 1030 SSL Port: 443 Users complain that they can't connect to the website when they type www.westsim.com. What is the most likely source of the problem?
EAP
You are a contractor that has agreed to implement a new remote access solution based on a Windows Server 2016 system for a client. The customer wants to purchase and install a smart card system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client?
Establish the symptoms.
You are a network administrator for your company. A frantic user calls you one morning exclaiming that nothing is working. What should you do next in your troubleshooting strategy?
Test the solution.
You are a network administrator for your company. A user calls and tells you that after stepping on the network cable in her office, that she can no longer access the network. You go to the office and see that one of the user's stiletto heels has broken and exposed some of the wires in the Cat 5 network cable. You make another cable and attach it from the wall plate to the user's computer. What should you do next in your troubleshooting strategy?
You should implement a UPS between the wall outlet and the network devices. You should implement redundant power supplies for the network devices
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for file storage and a database server. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a cross-over UTP plenum cable that will run through the suspended tile ceiling of the data center. To provide power for the new devices, you had an electrician install several new 20-amp wall outlets near the new rack. Each device in the rack will be plugged directly into one of these new wall outlets. What is wrong with this configuration? (Select two.)
No. You should not run a cable across the floor of the data center.
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through UTP cable that will run across the floor of the data center. To protect equipment from power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work?
Plenum rated cable
You are adding new wires in your building for some new offices. The building has a false ceiling that holds the lights and provides an air path for heating and air conditioning. You would like to run your Ethernet cables in this area. Which type of cable must you use?
Control access to the work area with locking doors and card readers. Relocate the switch to the locked server closet.
You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured to her desk with a cable lock. The office manager informs you that the organization's servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. She informs you that server backups are configured to run each night. A rotation of external USB hard disks are used as the backup media. You notice the organization's network switch is kept in an empty cubicle adjacent to the office manager's workspace. You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks. Which security-related recommendations should you make to this client? (Select two.)
Implement a hardware checkout policy.
You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: When you enter the facility, a receptionist greets you and escorts you through a locked door to the work area where the office manager sits. The office manager informs you that the organization's servers are kept in a locked closet. An access card is required to enter the server closet. The receptionist informs you that server backups are configured to run each night. A rotation of tapes are used as the backup media. You notice that the organization's network switch is kept in the server closet. You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks. The office manager informs you that her desktop system will no longer boot and asks you to repair or replace it, recovering as much data as possible in the process. You carry the workstation out to your car and bring it back to your office to work on it. Which security-related recommendation should you make to this client?
Telnet
You are an administrator for a large company. You are setting up a computer at a worker's home so he can telecommute while he recovers from surgery. You want to connect to the UNIX server at the office to update his account information. Which utility should you use to accomplish this task?
Network bridge
You are an administrator of a growing network. You notice the network you have created is broadcasting, but you cannot ping systems on different segments of your network. What device should you use to fix this issue?
TCP
You are an application developer, and you are writing a program for exchanging video files through a TCP/IP network. You need to select a transport protocol that will guarantee delivery. Which TCP/IP protocol provides this capability?
255.255.0.0
You are configuring the IP address for a host and have been asked to use the address 192.160.99.110/16. What subnet mask value would you use?
PPP
You are configuring your computer to dial up to the internet. What protocol should you use?
Create a new virtual switch configured for host-only (internal) networking. Connect the virtual network interfaces in the virtual machines to the virtual switch.
You are an application developer. You use a hypervisor with multiple virtual machines installed to test your applications on various operating system versions and editions. Currently, all of your testing virtual machines are connected to the production network through the hypervisor's network interface. You are concerned that the latest application you are working on could adversely impact other network hosts if errors exist in the code. To prevent problems, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other. What should you do? (Select two. Each response is one part of the complete solution.)
IMAP4
You are asked to recommend an email retrieval protocol for a company's sales team. The sales team needs to access email from various locations and possibly different computers. The sales team does not want to worry about transferring email messages or files back and forth between these computers. Which email protocol is designed for this purpose?
No. You shouldn't use multi-mode patch cables with single-mode GBIC modules.
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used single-mode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MTRJ connectors. You connect each module to the switch with 1-meter multimode patch cables. Will this implementation work?
No. You should purchase patch cables that use MTRJ connectors.
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have their own network segments separated by routers. Funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used multi-mode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MTRJ connectors. You purchased several used 1-meter multi-mode patch cables from Amazon. But when they arrived, you noticed that they use LC connectors. Fortunately, with some force, you found that you are able to get the LC connectors on the cables to lock into the MTRJ connectors on the GBIC modules and on the switch. Will this implementation work?
Right-facing directional antenna WPA2 with CCMP Omni-directional antenna WPA2 with CCMP Left-facing directional antenna WPA2 with CCMP Right-facing high-gain directional antenna WPA2 with CCMP Omni-directional antenna WEP with open authentication Left-facing high-gain directional antenna WPA2 with CCMP
You are building a wireless network within and between two buildings. The buildings are separated by more than 3000 feet. The wireless network should meet the following requirements: Wireless data within Building 1 should be protected with the highest degree of security. Wireless data within Building 2 should be accessible and permitted by any wireless client. Wireless signals between Buildings 1 and 2 should be protected with the highest degree of security. Wireless signals within Buildings 1 and 2 should cover the whole structure, but not extend to the outside. For each location on the image below, you need to select the following: Antenna option Security option Drag the items from the list on the left to the location identifier on the right. Items may be used more than once. Not all items will be used
Crimping tool
You are building network cables and attaching RJ45 connectors to each end. Which tool do you need for this task?
Packet sniffer
You are concerned about attacks directed at the firewall on your network. You would like to examine the content of individual frames sent to the firewall. Which tool should you use?
IPS
You are concerned about attacks directed at your network firewall. You want to be able to identify attacks and be notified of attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack. Which tool should you use?
Anomaly-based IDS
You are concerned about protecting your network from network-based attacks from the internet. Specifically, you are concerned about zero day attacks (attacks that have not yet been identified or that do not have prescribed protections). Which type of device should you use?
Baseline
You are concerned about the amount of traffic that passed through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help you identify past average network traffic?
Check the MAC addresses of devices connected to your wired switch. Conduct a site survey.
You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two. Each response is a complete solution.)
web server and email server
You are configuring a firewall to allow access to a server hosted on the demilitarized zone of your network. You open TCP/IP ports 80, 25, 110, and 143. Assuming that no other ports on the firewall need to be configured to provide access, which applications are most likely to be hosted on the server?
25 110
You are configuring a network firewall to allow SMTP outbound email traffic and POP3 inbound email traffic. Which of the following TCP/IP ports should you open on the firewall? (Select two.)
No, the no shutdowncommand needs to be entered.
You are configuring a switch so that you can manage it using PuTTY from the same network segment as the switch. On the switch, you enter the following commands: switch#config terminalswitch(config)#interface vlan 1switch(config-if)#ip address 192.168.1.10 255.255.255.0 Will this configuration work?
Same SSID, different channel
You are configuring a wireless network with two wireless access points. Both access points connect to the same wired network. You want wireless users to be able to connect to either access point and have the ability to roam between the two access points. How should you configure the access points?
Directional Directional Omni-directional Directional Directional Directional Directional
You are designing a wireless network implementation for a small business. The business deals with sensitive customer information, so data emanation must be reduced as much as possible. The floor plan of the office is shown below. Match each type of access point antenna on the left with the appropriate location on the floor plan on the right. Each antenna type can be used once, more than once, or not at all.
802.11n
You are designing an update to your client's wireless network. The existing wireless network uses 802.11b equipment; which your client complains runs too slowly. She wants to upgrade the network to run up to 600 Mbps. Due to budget constraints, your client wants to upgrade only the wireless access points in the network this year. Next year, she will upgrade the wireless network boards in her users' workstations. She has also indicated that the system must continue to function during the transition period. Which 802.11 standard will work best in this situation?
802.11n
You are designing an update to your client's wireless network. The existing wireless network uses 802.11g equipment, which your client complains runs too slowly. She wants to upgrade the network to run at 150 Mbps or faster. Due to budget constraints, your client wants to upgrade only the wireless access points in the network this year. Next year, she will upgrade the wireless NICs in the workstations. She has also indicated that the system must continue to function during the transition period. Which 802.11 standard will work best in this situation?
You must configure your DHCP server with an option that delivers the IP address of the DNS server (Option 06).
You are implementing a DHCP server for your segment. Your segment's IP address is 192.168.1.0. Your default gateway address is 192.168.1.254. Your DNS server address is 192.168.1.1. Your default gateway is configured as a NAT router to translate addresses between network segments. You configured the 03 Router option on your DHCP server so it can deliver the IP address of the default gateway to workstations. After configuring your workstations to get their IP addressing information dynamically, your users complain that they are unable to access websites on the internet. How can you resolve this problem?
An unmanaged switch and CAT 5e cabling.
You are implementing a SOHO network for a local business. The ISP has already installed and connected a cable modem in the business. The business has four computers that need to communicate with each other and the internet. The ISP's cable modem has only one RJ45 port. You need to set up the network within the following parameters: You must spend as little money as possible. You must not purchase unnecessary equipment. Computers need to have a gigabit connection to the network. New devices should not require management or configuration. You examine each computer and notice only one of the four computers has a wireless NIC; they all have Ethernet NICs. What should you purchase?
Replace the omni-directional antenna with a directional antenna
You are implementing a wireless network inside a local office. You require a wireless link to connect a laptop in the administrator's office directly to a system in the sales department. In the default configuration, the wireless AP uses a 360-dispersed RF wave design. After installation, the signal between the two systems is weak, as many obstacles interfere with the signal. Which of the following strategies could you try to increase signal strength?
T3
You are implementing internet connectivity for a new start-up company. Your client will provide online storefronts for retailers. To do this, they have calculated that their internet connection must provide a data rate of at least 20-30 Mbps. Which type of service should you implement?
Baseline
You are in the habit of regularly monitoring performance statistics for your devices. You find that this month, a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect this change?
RDP
You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use?
iSCSI Initiator
You are in the process of configuring an iSCSI storage area network (SAN) for your network. You want to configure a Windows Server 2016 system to connect to an iSCSI target defined on a different server system. You also need to define iSCSI security settings, including CHAP and IPsec. Which tool should you use?
Network segmentation
You are in the process of implementing a network access protection (NAP) infrastructure to increase your network's security. You are currently configuring the remediation network that non-compliant clients will connect to in order to become compliant. The remediation network needs to be isolated from the secure network. Which technology should you implement to accomplish this task?
No. Cat 5e cabling has more twists per inch than Cat 3 cabling, reducing cross-talk and supporting higher data rates.
You are installing networking wiring for a new Ethernet network at your company's main office building. The project specifications call for Cat 5e UTP network cabling and RJ45 wall jacks. Near the end of the project, you run out of wire before the last few runs are complete. You have a spool of Cat 3 network cable in storage. Upon investigation, it appears very similar to Cat 5e wiring. Should you use Cat 3 cabling as a substitute for Cat 5e cabling to finish the project?
Enforcing the organization's internet usage policy An increase in bandwidth availability
You are investigating the use of website and URL content filtering to prevent users from visiting certain websites. Which benefits are the result of implementing this technology in your organization? (Choose two.)
Cable stripper
You are making Ethernet drop cables using Cat5e cable and RJ45 connectors. You need to remove the plastic coating over the cable to expose the individual wires. Which tool should you use?
Someone is using voice over IP (VoIP) to make a telephone call.
You are monitoring network traffic on your network, and you see traffic between two network hosts on port 1720. What is the source of this network traffic?
The MGCP protocol is generating traffic, which VoIP uses to send voice data over a network.
You are monitoring network traffic on your network, and you see traffic between two network hosts on port 2427. Which kind of network traffic uses this port?
Failed patch cable between the client system and the wall jack
You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have difficulty accessing the network. During the relocation, you attach patch cables from the client system to the wall jack and from the patch panel to the switch. Once connected, you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one, but you still cannot connect. Which of the following might you suspect is the problem?
PSTN
You are moving to an area where DSL will be available in the next six months. Which method of internet connectivity should you implement until DSL is available if your existing connectivity needs are minimal?
Latency
You are on a phone call using VoIP. You notice that it takes several seconds for the person on the other end to respond to questions you ask. Which type of problem is occurring?
2000 meters
You are planning a network for an educational campus. Due to the size of the buildings and the distance between them, you have elected to use 10BaseFL hubs, cabling, and network interface cards. What is the maximum length for the network cable between a workstation and a hub?
Point the cut side of the tool towards the wire end. Use a punch down tool with a notched blade.
You are preparing to attach wires in a 110 block. You want to connect the wires and trim off the excess at the same time. Which of the following should you do? (Select two. Each answer is part of the complete solution.)
Create a new virtual switch configured for bridged (external) networking. Connect the virtual network interfaces in the virtual machines to the virtual switch.
You are responsible for maintaining Windows workstation operating systems in your organization. Recently, an update from Microsoft was automatically installed on your workstations that caused an in-house application to stop working. To keep this from happening again, you decide to test all updates on a virtual machine before allowing them to be installed on production workstations. Currently, none of your testing virtual machines has a network connection. However, they need to be able to connect to the update servers at Microsoft to download and install updates. What should you do? (Select two. Each response is one part of the complete solution.)
Collisions. EMI or cross-talk on the cable connected to the interface.
You are reviewing the output of the show interfaces command for the Gi0/1 interface on a switch. You notice a significant number of CRC errors displayed. What are the most likely causes? (Select two. Each response is a complete solution.)
Omni-directional
You are setting up a wireless hotspot in a local coffee shop. For best results, you want to disperse the radio signals evenly throughout the coffee shop. Which of the following antenna types would you use on the AP to provide a 360-degree dispersed wave pattern?
Firewall
You are the administrator of your company's network. You want to prevent unauthorized access to your intranet from the internet. Which of the following should you implement?
Configure port security on the switch.
You are the network administrator for a city library. Throughout the library, there are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so only the library computers are permitted connectivity to the internet. What can you do to fix this problem?
Use syslog to implement centralized logging.
You are the network administrator for a growing business. When you were hired, the organization was small, and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. The organization has grown considerably in recent months. Now you manage eight individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do?
Static
You are the network administrator for a small company that implements NAT to access the internet. You recently acquired five servers that must be accessible from outside your network. Your ISP has provided you with five additional registered IP addresses to support these new servers, but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network, yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these five servers?
Firewall
You are the network administrator for a small organization. Recently, you contracted with an ISP to connect your organization's network to the internet to provide users with internet access. Since doing so, it has come to your attention that an intruder has invaded your network from the internet on three separate occasions. What type of network hardware should you implement to prevent this from happening again?
tracert
You are the network administrator of a branch office of your company. The branch office network is part of a WAN that covers most of the United States. The office has two Windows 2000 servers, two UNIX servers, one Windows NT server, 90 Windows 98 clients, 40 Windows 2000 Professional clients, and five Macintosh clients. Users have been complaining that they are unable to access resources over the WAN at the main headquarters. You suspect that one of the routers between your office and the main headquarters is not working properly. What TCP/IP utility can you use to see if a router is working properly?
Configure all wireless access points with client certificates. Configure the RADIUS server with a server certificate.
You are the wireless network administrator for your organization. As the size of the organization has grown, you've decided to upgrade your wireless network to use 802.1x authentication instead of using preshared keys. To do this, you need to configure a RADIUS server and RADIUS clients. You want the server and the clients to mutually authenticate with each other. What should you do? (Select two. Each response is a part of the complete solution.)
Use a cable tester to test the cable between the computer system and the network switch.
You are troubleshooting a connectivity problem in which one client system is unable to connect to a server. Both the server and client system are connected to the same Ethernet network switch. No other users have complained of a problem, and you suspect that faulty network cabling might be to blame. Which of the following troubleshooting steps are you most likely to perform first?
ifconfig
You are troubleshooting a connectivity problem on a Linux server. You are able to connect to another system on the local network, but are not able to connect to a server on a remote network. You suspect that the default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on the Linux server?
nslookup dig
You are troubleshooting a network connectivity issue on a Unix system. You are able to connect to remote systems by using their IP address, but unable to connect using the host name. You check the TCP/IP configuration and note that a DNS server IP address is configured. You decide to run some manual resolution queries to ensure that the communication between the Unix system and the DNS server are working correctly. Which utilities can you use to do this? (Choose two.)
802.11b Bluetooth
You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standards could the network be using? (Select two.)
Wiring schematic
You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update?
Change documentation
You are troubleshooting a workstation connection to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update?
Linux
You are troubleshooting an IP addressing issue and issue a command to view the TCP/IP configuration of the system. The command you use produces the following output:
show interfaces gi0/1
You are troubleshooting physical layer issues with the Gi0/1 interface in a router. You need to view and analyze the number of collisions detected on the interface. Which command should you use?
show interfaces gi0/1 status show interfaces gi0/1
You are troubleshooting physical layer issues with the Gi0/1 interface in a router. You suspect that a duplex mismatch error has occurred, and you need to determine the duplex settings configured on the interface. Which commands could you use? (Choose two. Each response is a complete solution.)
Wiring schematic
You are troubleshooting the connection of a computer in an office to the punch down block in the distribution closet. Which document would you consult to identify the termination of the cable on the punch down block based on the wall jack location in the office?
Punch down tool
You are working with 25 pair wires and 66 blocks. You have pushed the wires onto the 66 block, but now you need to cut off the excess end of each wire. Which tool should you use?
OTDR
You are working with an existing fiber optic installation in your building. You want to know the length of each cable that runs through the walls. Which tool should you use?
BNC
You are working with an older 10Base2 Ethernet network. Which of the following connector types will you most likely encounter?
Switch
You can create a virtual LAN using which of the following?
Horizontal cross connect 25 pair
You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service in a wiring closet on the main floor. You have a second wiring closet on the main floor. You need to connect the two wiring closets. Which of the following are typically used to connect the two wiring closets? (Select two.)
Uses public-key cryptography Transfers data in clear text Uses public-key cryptography Transfers data in clear text Cannot be sniffed
You can use a variety of methods to manage the configuration of a network router. Match the management option on the right with its corresponding description on the left. (Each option may be used once, more than once, or not at all.)
A proxy server is blocking access to the websites.
You connect your computer to a wireless network available at the local library. You find that you can access all the websites you want on the internet except for two. What might be causing the problem?
Promiscuous mode
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation, not other devices. Which feature should you configure?
Mirroring
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device that is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router. When you run the software, you see frames addressed to the four workstations, but not to the router. Which feature should you configure?
DHCP
You have a TCP/IP network with 50 hosts. There have been inconsistent communication problems between hosts. You run a protocol analyzer and discover that two hosts have the same IP address assigned. Which protocol can you implement on your network to help prevent problems such as this?
Throughput tester
You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use?
Routing and Remote Access
You have a Windows Server 2016 system that you want to use as a DHCP relay agent. Which Windows Server 2016 service would you use to do this?
Echo
You have a cable internet connection at home. The installer had connected the router near the outside wall of your house with RG6 cable. You move the cable router a distance of 50 meters using RG8 cables and special connector adapters. Which condition are you most likely to experience?
Use firewalls to create a DMZ. Place the web server inside the DMZ and the private network behind the DMZ.
You have a company network that is connected to the internet. You want all users to have internet access, but you need to protect your private network and users. You also need to make a web server publicly available to internet users. Which solution should you use?
Remediation servers
You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solution? (Select two.)
10.0.12.15 192.168.12.253 172.18.188.67
You have a computer that is connected to the internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer? (Select all that apply.)
NTP
You have a large TCP/IP network and want to keep a host's real time clock synchronized. What protocol should you use?
Convergence
You have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network?
Device A will be able to communicate with all other devices.
You have a network connected using a full physical mesh topology. The link between device A and device B is broken. Which of the following best describes what affect this will have on network communications?
No devices will be able to communicate.
You have a network connected using a physical bus topology. One of the cables that connects a workstation to the bus breaks. Which of the following best describes what effect this will have on network communications?
All devices will be able to communicate, except the device connected with the drop cable .
You have a network connected using a physical star topology. One of the drop cables connecting a workstation has been removed. Which of the following best describes what affect this will have on network communications?
Vertical cross connect
You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor. What would you use to connect the wiring closets together?
IDF
You have a network that occupies both floors of a building. The WAN service provider has installed the line for the WAN service in a wiring closet on the main floor. You have a second wiring closet on the second floor directly above the wiring closet that holds the demarc. Which of the following terms describes the closet on the second floor?
Demarc extension
You have a network that occupies the top floor of a three-story building. The WAN service provider has installed the line for the WAN service in a wiring closet on the main floor. What would you use to relocate the WAN line into a wiring closet on your floor?
Messages are broadcast to all devices connected to the network.
You have a network that uses a logical bus topology. How do messages travel through the network?
Messages travel from one device to the next until they reach the destination device.
You have a network that uses a logical ring topology. How do messages travel through the network?
DHCP server
You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values. Which device should you use?
IGP
You have a private network connected to the internet. Your routers will not share routing information about your private network with internet routers. Which of the following best describes the type of routing protocol you would use?
Manually reconfigure the default route to point to the new next hop router.
You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default route has changed. You need to make the change with the least amount of effort possible. What should you do?
IP address
You have a router that is configured as a firewall. The router is a Layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
IP Address
You have a router that is configured as a firewall. The router is a Layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
Miredo
You have a server at work with a custom application installed. Connections to the server that use the custom application must use IPv6. The server is currently running IPv4. You are the only person who connects to the server, and you always use your Linux laptop for the connection. Your laptop supports both IPv4 and IPv6. The rest of your company network runs only IPv4. You need a cost-effective solution to allow your laptop to connect to the server. Your solution must also support communication through NAT servers. Which client software should you use to connect to the server?
Media converter
You have a server that has a 100BaseFX network interface card that you need to connect to a switch. The switch only has 100BaseTX switch ports. Which device should you use?
RG-59
You have a small home network connected to the internet using an RG-6 cable. You need to move the router connecting the network to the internet, but can't find any RG-6 cable. Which cable types could you use instead?
Private addresses are not accessible through the internet.
You have a small network at home that is connected to the internet. On your home network, you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the internet. From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the internet. Why can't you access the server?
Static NAT
You have a small network at home that is connected to the internet. On your home network, you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a web server and allow internet hosts to contact the server to browse a personal website. What should you use to allow access?
The IP address assigned to Fa0/0 on Router1.
You have a small network connected to the internet as shown in the Exhibit. You need to configure the default gateway address on Wrk1 so that it can communicate with hosts on the internet. Which address would you use for the default gateway address?
Run the packet sniffer application on Host B
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do?
Star
You have a small network that uses a switch to connect multiple devices. Which physical topology are you using?
192.168.12.46 255.255.255.240 192.168.12.34 198.162.1.22
You have a small network with a single subnet connected to the internet as shown in the Exhibit. The router has been assigned the two addresses shown. You need to manually configure the workstation to connect to the network. The workstation should use RouterA as the default gateway and DNS1 as the DNS server address. From the drop-down options, select the appropriate parameters to configure the workstation's TCP/IP settings.
Default gateway DNS server address
You have a small network, as shown in the Exhibit. You have configured the IP address and subnet mask on Wrk1. You want to be able to use Wrk1 to browse the internet to connect to sites like www.cisco.com. Which other parameters are required on the workstation? (Select two.)
TKIP encryption Preshared key
You have a small wireless network that uses multiple access points. The network uses WPA and broadcasts the SSID. WPA2 is not supported by the wireless access points. You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop? (Select two.)
Content switch
You have a website that uses multiple servers for different types of transactions. For example, one server is responsible for static web content, while another is responsible for secure transactions. You would like to implement a device to speed up access to your web content. The device should be able to distribute requests between the various web servers using specialized hardware, and not just a software configuration. In addition, SSL sessions should use the hardware components in the device to create the SSL sessions. Which type of device should you choose?
IP address and subnet mask
You have a workstation connected to a small branch network using a single switch. The network does not have any routers and is not connected to the internet. What are the minimum configuration parameters required on the workstation to be able to communicate with all hosts on the network?
TDR
You have been asked to document the wiring in your building. You would like to identify the length of each Cat5 cable to verify that it meets Ethernet standards. You need to identify the length of the cables, but most cables run through walls and ceilings, making them difficult to trace. Which tool should you use?
ipconfig
You have been called in to troubleshoot a connectivity problem on a newly installed Windows Server 2016 system. The system is operating satisfactorily and is able to communicate with other systems on the local network. However it is unable to access any systems on other segments of the corporate network. You suspect that the default gateway parameter for the system has not been configured, or may be configured incorrectly. Which of the following utilities are you most likely to use to view the default gateway information for the system?
802.11n
You have been contacted by OsCorp to recommend a wireless Internet solution. The wireless strategy must support a frequency range of 5 GHz, and provide the highest possible transmission speeds. Which of the following wireless solutions would you recommend?
Host-based firewall
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from internet-based attacks. Which solution should you use?
Install racks with locking doors. Install a biometric lock on the data center door.
You have been hired by a startup company to install a new data center. The company is small, so they have elected to use an unused employee break room as the data center. You are concerned about the physical security of the servers that will be installed in the data center. What should you do? (Select two.)
Is the size of the business expected to grow in the future? How many devices will need to be supported? What type of data will be transmitted on the network?
You have been hired to design a wireless network for a SOHO environment. You are currently in the process of gathering network requirements from management. Which of the following questions should you ask? (Select three.)
Overlapping channels.
You have been hired to troubleshoot a wireless connectivity issue for two separate networks located within a close proximity. Both networks use a WAP from the same manufacturer, and all settings, with the exception of SSIDs, remain configured to the default. Which of the following might you suspect as the cause of the connectivity problems?
The rear of your servers should face the hot aisle. The front of your servers should face the cold aisle.
You have been struggling to keep the temperature in your server room under control. To address this issue, you have decided to reconfigure the room to create hot and cold aisles. Which of the following are true concerning this configuration? (Select two.)
1000BaseCX
You have been tasked with designing a high-speed Ethernet network. Your client's building already has 150-ohm shielded twisted pair (STP) wiring installed. Due to budget constraints, they have asked you to reuse the existing wiring instead of installing new fiber optic cabling. Which Ethernet standard could you implement in this situation?
1000BaseSX 10GBaseSR
You have been tasked with designing an Ethernet network. Your client needs to implement a very high-speed network backbone between campus buildings, some of which are around 300 meters apart. Multi-mode fiber optic cabling has already been installed between buildings. Your client has asked that you use the existing cabling. Which Ethernet standard meets these guidelines? (Choose two.)
255.0.0.0
You have been told to assign the IP address 21.155.67.188 to a host on the network using the default subnet mask. Which mask should you use?
Implement version 3 of SNMP.
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
Virtual OS 2&3
You have configured a virtual network that includes the following virtual components: Four virtual machines (Virtual OS1, Virtual OS2, etc.) One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Given the port configuration for the virtual switch and the physical switch in the table below, click on all of the virtual and physical machines that Virtual OS1 can communicate with.
Virtual OS3
You have configured a virtual network that includes the following virtual components: Four virtual machines (Virtual OS1, Virtual OS2, etc.) One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Given the port configuration for the virtual switch and the physical switch in the table below, click on all of the virtual and physical machines that Virtual OS1 can communicate with.
Configure a profile on the wireless client.
You have configured a wireless access point to create a small network. For security, you have disabled SSID broadcast. From a client computer, you try to browse to find the access point. You see some other wireless networks in the area, but cannot see your network. What should you do?
Decrease the beacon interval.
You have configured a wireless access point to create a small network. You have configured all necessary parameters. Wireless clients seem to take a long time to find the wireless access point. You want to reduce the time it takes for the clients to connect. What should you do?
A mismatched SSID.
You have decided to conduct a business meeting at a local coffee shop. The coffee shop you chose has a wireless hotspot for customers who want internet access. You decide to check your email before the meeting begins. When you open the browser, you cannot gain internet access. Other customers are using the internet without problems. You are sure your laptops wireless adapter works because you use a wireless connection at work. What is the likely cause of the problem?
Crosstalk
You have decided to implement Gigabit Ethernet on your network. Each switch port is connected to a single device. Following the installation, you find one device connected to a switch that is only running at 100 Mbps. Which of the following are likely causes?
Configure the remote access servers as RADIUS clients.
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following is a required part of your configuration?
Configure the remote access servers as RADIUS clients.
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configuration?
Inform senior management.
You have decided to perform a double-blind penetration test. Which of the following actions should you perform first?
Firewall
You have heard about a Trojan horse program where the compromised system sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log should you monitor?
Rootkit
You have heard about a new malware program that presents itself to users as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various operating system components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer. Which of the following terms best describes this software?
Peer-to-peer
You have implemented a network where each device provides all other devices on the network with access to shared files. What type of network do you have?
Client-server
You have implemented a network where hosts are assigned specific roles, such as file sharing and printing roles. Other hosts access those resources, but do not host services of their own. What type of network do you have?
Mesh
You have implemented an ad hoc wireless network that doesn't employ a wireless access point. Every wireless network card can communicate directly with any other wireless network card on the network. What type of physical network topology has been implemented in this type of network?
Application log
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?
64 Kbps
You have installed an ISDN connection into your home so you can connect to the internet and talk on the phone at the same time. While you are talking on the telephone, what is the maximum data rate of your internet connection?
It has been moved to a secure folder on your computer.
You have installed anti-malware software that checks for viruses in email attachments. You configure the software to quarantine any files with problems. You receive an email with an important attachment, but the attachment is not there. Instead, you see a message that the file has been quarantined by the anti-malware software. What has happened to the file?
User awareness training
You have installed anti-virus software on computers at your business. Within a few days, however, you notice that one computer has a virus. When you question the computer's user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. She admits she did not scan the file before running it. What should you add to your security measures to help prevent this from happening again?
Schedule regular full system scans. Educate users about malware.
You have installed anti-virus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.)
Use a tone generator to locate the correct wiring.
You have just been hired as a network administrator. A user has just changed offices and needs you to activate the network and telephone connections in his office. However, the wiring at the punch down block is labeled poorly, and you are unable to tell which wires go to the user's office. What should you do?
Default gateway
You have just connected a new computer to your network. The network uses static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem. Which of the configuration values would you most likely need to change?
Failed patch cable
You have just connected four new computer systems to an Ethernet switch using spare patch cables. After the installation, only three systems are able to access the network. You verify all client network settings and replace the network card in the failed system. The client is still unable to access the network. Which of the following might you suspect is the real cause of the problem?
B
You have just connected four switches as shown in the Exhibit. Assuming the default switch configuration, which switch will become the root bridge?
Configure a priority number of 4096 for switch C.
You have just connected four switches as shown in the Exhibit. Assuming the default switch configuration, which switch will become the root bridge? how can you force switch C to become the root bridge?
Your copy is the same as the copy posted on the website.
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file?
PPPoE
You have just signed up for internet access using a local provider that gives you a fiber optic line into your house. From there, Ethernet and wireless connections are used to create a small network within your home. Which of the following protocols would be used to provide authentication, authorization, and accounting for the internet connection?
SSID
You have physically added a wireless access point to your network and installed a wireless networking card in two laptops running Windows. Neither laptop can find the network, and you have come to the conclusion that you must manually configure the wireless access point (AP). Which of the following values uniquely identifies the network AP?
Rollover
You have purchased a new router that you need to configure. You need to connect a workstation to the router's console port to complete the configuration tasks. Which type of cable would you most likely use?
Inverter
You have purchased a solar backup power device to provide temporary electrical power to critical systems in your data center should the power provided by the electrical utility company go out. The solar panel array captures sunlight, converts it into direct current (DC), and stores it in large batteries. The power supplies in the servers, switches, and routers in your data center require alternating current (AC) to operate. Which electrical device should you implement to convert the DC power stored in the batteries into AC power that can be used in the data center?
Test the hotfix, then apply it to all servers.
You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server. Which of the following recommendations should you follow when applying the hotfix?
123
You have recently installed a new Windows Server 2016 system. To ensure the accuracy of the system time, you have loaded an application that synchronizes the hardware clock on the server with an external time source on the internet. Now, you must configure the firewall on your network to allow time synchronization traffic through. Which of the following ports are you most likely to open on the firewall?
Configure switch C with a lower priority value.
You have three switches configured as shown in the Exhibit. How can you guarantee that switch C becomes the root bridge?
2
You have two switches connected together as shown in the following diagram. How many broadcast domains are in the network shown?
Put the web server inside the DMZ. Put the database server on the private network.
You have used firewalls to create a demilitarized zone. You have a web server that needs to be accessible to internet users. The web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers? (Select two.)
Install a network virus detection software solution.
You have worked as the network administrator for a company for seven months. One day, all picture files on the server become corrupted. You discover that a user downloaded a virus from the internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that no more events like this one take place. What should you do?
Install a network virus detection software solution.
You have worked as the network administrator for a company for seven months. One day, all picture files on the server become corrupted. You discover that a user downloaded a virus from the internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that this situation does not reoccur. What should you do?
Change the default administrative user name and password. Use an SSH client to access the router configuration.
You just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card for access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with the username admin and the password admin. You used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (Select two.)
Positive pressure system
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting the availability of the network. Which of the following should you implement?
Event log
You manage a firewall that connects your private network to the internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?
Incorrect VLAN assignment
You manage a local area network with several switches. A new employee has started today, so you connect her workstation to a switch port. After connecting the workstation, you find that the workstation cannot get an IP address from the DHCP server. You check the link and status lights and see that the connection is working properly. A ping to the loopback address on the workstation succeeds. No other computers seem to have the problem. Which of the following is the most likely cause of the problem?
Incorrect subnet mask
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address. . . . . . : 00-AA-BB-CC-74-EF DHCP Enabled . . . . . . . : No Autoconfiguration Enabled. . . : Yes IPv4 Address . . . . . . . : 192.168.1.102(Preferred) Subnet Mask. . . . . . . . : 255.255.0.0 Default Gateway . . . . . . : 192.168.1.1 DNS Servers . . . . . . . : 192.168.1.20 192.168.1.27
Incorrect default gateway
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection:Connection-specific DNS Suffix . : mydomain.localDescription . . . . . . . : Broadcom network adapterPhysical Address. . . . . . : 00-AA-BB-CC-74-EFDHCP Enabled . . . . . . . : NoAutoconfiguration Enabled. . . : YesIPv4 Address . . . . . . . : 192.168.1.102(Preferred)Subnet Mask . . . . . . . : 255.255.255.0Default Gateway. . . . . . . . . : 192.168.2.1DNS Servers. . . . . . . . . . . : 192.168.2.20
Incorrect IP address
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation cannot communicate with any other host on the network. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection:Connection-specific DNS Suffix. : mydomain.localDescription . . . . . . . : Broadcom network adapterPhysical Address . . . . . : 00-AA-BB-CC-74-EFDHCP Enabled. . . . . . . : NoAutoconfiguration Enabled . . : YesIPv4 Address. . . . . . . : 192.168.2.102(Preferred)Subnet Mask . . . . . . . : 255.255.255.0Default Gateway. . . . . . : 192.168.1.1DNS Servers . . . . . . . : 192.168.2.20
Certifier
You manage a network that uses 1000BaseT Ethernet. You find that one device communicates on the network at only 100 Mbps. Which tool should you use to test the drop cable and the connection to the network?
Stateless autoconfiguration
You manage a network that uses IPv6 addressing. When clients connect devices to the network, they generate an interface ID and use NDP to learn the subnet prefix and default gateway. Which IPv6 address assignment method is being used?
VLANs
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ45 ports connected to the switch. You want to allow visitors to plug into these ports to gain internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and internet access. Which feature should you implement?
Spanning tree
You manage a network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support?
Port authentication
You manage a network that uses switches. In the lobby of your building are three RJ45 ports connected to a switch. You want to make sure that visitors cannot plug in their computers into the free network jacks and connect to the network, but you want employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
Port authentication
You manage a network that uses switches. In the lobby of your building, there are three RJ45 ports connected to a switch. You want to make sure that visitors cannot plug their computers into the free network jacks and connect to the network. But employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
Use a router to configure a subnet for the accounting computers.
You manage a network with a single switch. All hosts connect to the network through the switch. You want to increase the security of devices that are part of the accounting department. You want to make sure that broadcast traffic sent by accounting computers is only received by other accounting computers, and you want to implement ACLs to control traffic sent to and between accounting computers through the network. Which of the following is the BEST solution?
Collisions
You manage a network with a single switch. On each switch port, a hub connects multiple devices to the switch. Which condition are you most likely to experience on the network?
Missing default route on a router
You manage a network with multiple subnets connected to the internet. A user reports that she can't access the internet. You investigate the problem and find that she can access all hosts on the private network, including subnets, but no hosts on the internet. Which of the following is likely the cause of the problem?
Missing route on the default gateway router
You manage a network with multiple subnets connected to the internet. A user reports that she can't access the new server used in the accounting department. You check the problem and find out that her computer cannot access any server on that subnet. However, the computer does access other computers on other subnets as well as the internet. Which of the following is most likely the cause of the problem?
Enable spanning tree on the switches
You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. Which of the following will help reduce the effects of a broadcast storm?
NAS with clustering
You manage a network with three dedicated storage devices, as shown in the diagram. Users on the network see only a single file server. Which network-based storage technology is being used?
6to4
You manage a network with two locations, Portland and Seattle. Both locations are connected to the internet. All computers in both locations are configured to use IPv6. You would like to implement an IPv6 solution to meet the following requirements: Hosts in each location should be able to use IPv6 to communicate with hosts in the other location through the IPv4 internet. You want to use a site-to-site tunneling method instead of a host-to-host tunneling method. Which IPv6 solution should you use?
Routing
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the same switch which is in VLAN 2. What should you configure so that the two devices can communicate?
Trunking
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch in VLAN 1. What should you configure to allow communication between these two devices through the switches?
ICA VNC
You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. You think you have resolved the problem, but you would like to be able to manage the server remotely just in case more issues occur. Which of the following protocols would you use for remote management? (Select two.)
Proxy server
You manage a server that runs your company website. The web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that static web content can be offloaded to a different server while the web server continues to process dynamic content. Which solution should you implement?
Classless
You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0. Which of the following describes the address type?
Trunking
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature allows the switches to pass VLAN traffic between the switches?
Spanning tree
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches?
Network-based firewall
You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to scan all users' emails. You want to scan the emails and prevent any e-mails with malicious attachments from being received by users. Your solution should minimize administration, allowing you to centrally manage the scan settings. Which solution should you use?
Supernetting
You manage a subnet that uses the subnet address 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet?
Website storage
You manage a website for your company. The website uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure?
Cat 6 straight-through UTP Cat 6 straight-through UTP Cat 6 crossover UTP Single-mode fiber optic
You manage the two-location network shown in the exhibit. Workstations and servers at each location connect to a patch panel using behind-the-wall wiring. The patch panel then connects network hosts to one of three 1000BASE-T switches. Routers are implemented at each location to connect the two networks together using a private WAN. The switch ports have auto-MDIX disabled. Drag the cable type on the left to the most appropriate network location on the right. Each cable type can be used more than once.
Disk controller
You manage the website for your company. The Web1 server hosts the website. This server has the following configuration: Dual core processor Dual power supplies RAID 5 volume One RAID controller Two 1000 Mbps network adapters Which component is a single point of failure for the website?
Connect one server to the internet through a different ISP
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage and a single connection to your ISP. You want to provide redundancy so that a failure in a single component does not cause the website to become unavailable. What should you add to your configuration to accomplish this?
WPA2
You need to add security for your wireless network. You would like to use the most secure method. Which method should you implement?
ip helper-address 172.16.30.1
You need to configure a Cisco RFC 1542-compliant router to forward any received DHCP frames to the appropriate subnet. The address of the remote DHCP server is 172.16.30.1 Which of the following commands would you use to configure the router?
802.1x AES encryption
You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be part of your design? (Select two.)
Rapid PVST+
You need to configure spanning tree on a Cisco switch. You'd like to use a protocol that conforms to the 802.1w standards. Which protocol should you use?
Enter global configuration mode-conf t Enter interface configuration mode-int fa0/1 Set the speed of the interface-speed auto Set the duplex setting for the interface-duplex auto
You need to configure the FastEthernet 0/1 interface on a switch to automatically detect the appropriate link speed and duplex setting by negotiating with the device connected to the other end of the link. Drag the command on the left to the appropriate configuration step on the right. It is possible that not all of the commands are required.
Straight-through
You need to connect a workstation to a switch using a regular port on the switch (not an uplink port). The switch does not support auto-MDI. Which type of cable should you use?
Enter global configuration mode-conf t Enter interface configuration mode-int fa0/0 Disable the interface-shutdown Verify that the interface is disabled-show ip interface brief
You need to disable the FastEthernet 0/0 interface on a switch. Drag the command on the left to the appropriate configuration step on the right. It is possible that not all of the commands are required.
DNS server
You need to enable hosts on your network to find the IP address of logical names such as srv1.myserver.com. Which device would you use?
Regulation
You need to find out what kind of laws might apply to the design and operation of your network. Which type of document would you consult?
Directional High-gain
You need to implement a wireless network link between two buildings on a college campus. A wired network has already been implemented within each building. The buildings are 100 meters apart. What type of wireless antennae should you use on each side of the link? (Select two.)
VLANs
You need to keep users in all other departments from accessing the servers used by the finance department. Which of the following technologies should you use to logically isolate the network?
dig -x 10.0.0.3 nslookup 10.0.0.3
You need to perform a reverse lookup of the 10.0.0.3 IP address. Which command can you use to accomplish this? (Select two. Each response is a complete solution.)
On the top floor
You need to place a wireless access point in your two-story building. While trying avoid interference, which of the following is the best location for the access point?
Virtual servers
You need to provide DHCP and file share services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement?
Angled Physical Contact polish
You need to replace a fiber optic cable that is connecting two switches together. You inspect the existing fiber cable and determine that it uses LC connectors. You also notice the cable's ferrule has a slight slant to it. Which polish grade should you use to replace the existing cable?
White with green stripe Solid green White with orange stripe Solid blue White with blue stripe Solid orange White with brown stripe Solid brown
You need to terminate a Cat 6 UTP cable with an RJ45 connector. Your organization's IT policy states that all cable connectors must be wired according to TIA568A standards. Drag the UTP wire on the left to the correct pin in the RJ45 connector on the right.
White with orange stripe Solid orange White with green stripe Solid blue White with blue stripe Solid green White with brown stripe Solid brown
You need to terminate a Cat 6 UTP cable with an RJ45 connector. Your organization's IT policy states that all cable connectors must be wired according to TIA568B standards. Drag the UTP wire on the left to the correct pin in the RJ45 connector on the right.
Crossover
You need to transfer data from one laptop to another, and you would like to use an Ethernet cable. You do not have a hub or a switch. Which type of cable should you use?
Remote access
You often travel away from the office. While traveling, you would like to use a modem on your laptop computer to connect directly to a server in your office and access files on that server that you need. You want the connection to be as secure as possible. Which type of connection will you need?
Change management
You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device?
Backup Configuration
You provide IT support for a dentist's office. The office has a limited number of wireless clients, so a simple wireless router is used to provide Wi-Fi access. On your latest visit, you check the manufacturer's website and discover that an update has been released by the wireless router manufacturer. You decide to download and install the update. Click the option you should use in the wireless router's configuration interface to prepare the device for the update.
Application-level
You provide internet access for a local school. You want to control internet access by user and prevent access to specific URLs. Which type of firewall should you install?
Implement an IP helper address on the router.
You recently created a new network segment for the development department. Because the hosts are now on a different network segment, they can no longer contact the DHCP server. Both network segments are connected via a Cisco router. Which of the following would be the best action to take in order to fix the problem?
Change the default username and password. Configure the device's authentication type to use Active Directory.
You recently installed a new all-in-one security appliance in a remote office. You are in the process of configuring the device. You need to: Increase the security of the device. Enable remote management from the main office. Allow users to be managed through Active Directory. You want to configure the device so you can access it from the main office. You also want to make sure the device is as secure as possible. Which of the following tasks should you carry out? (Select two.)
VLAN
You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?
VLAN
You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. Which of the following should you use in this situation?
Performance
You suspect that your web server has been the target of a denial-of-service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?
Short circuit
You use Cat5e twisted pair cable on your network. Cables are routed through walls and the ceiling. A user puts a screw in the wall to hang a picture and pierces the cable so that a signal sent on pin 1 arrives on the cable connected to pin 7. Which term describes this condition?
GBIC SFP
You want a switch to have the ability to modify the media type the switch port supports. Which type of module might you use to make this possible?
SSL
You want to allow traveling users to connect to your private network through the internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls?
FTP
You want to allow users to download files from a server running the TCP/IP protocol. You want to require user authentication to gain access to specific directories on the server. Which TCP/IP protocol should you implement to provide this capability?
Protocol analyzer
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?
Implement a virtual firewall within the hypervisor.
You want to be able to monitor and filter VM-to-VM traffic within a virtual network. What should you do?
Crossover
You want to connect the LAN port on a router to the uplink port on a switch. The switch does not support auto-MDI. Which type of cable should you use?
Preshared key AES SSID
You want to connect your client computer to a wireless access point that is connected to your wired network at work. The network administrator tells you that the access point is configured to use WPA2 Personal with the strongest encryption method possible. SSID broadcast is turned off. Which of the following must you configure manually on the client? (Select three.)
Dynamic
You want to connect your small company network to the internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connections to internal hosts. What type of network address translation (NAT) should you implement?
Connect pin 1 to pin 3 and pin 2 to pin 6.
You want to create a loopback plug using a single RJ45 connector. How should you connect the wires in the connector?
Connect pin 1 to pin 8, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5.
You want to create a rollover cable that has an RJ45 connector on both ends. How should you connect the wires within the connectors?
On a RADIUS server
You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?
RADIUS
You want to implement 802.1x authentication on your wireless network. Which of the following will be required?
Mesh
You want to implement a fault tolerant topology as you connect routers on your wide area network. Which of the following topologies meets your needs?
DNS
You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. Which protocol should you implement?
1000BaseLX Single-mode fiber
You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose? (Select two.)
EAP
You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use?
802.1x
You want to increase the security of your network by allowing only authenticated users to access network devices through a switch. Which of the following should you implement?
802.1x
You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the following should you implement?
RAS
You want to set up a service that allows multiple users to dial in to the office server from modems on their home computers. What service should you implement?
TFTP FTP
You want to transfer a file from a UNIX server to Windows Server 2016. Which of the following utilities could you use to do this? (Select all that apply.)
Security guards
You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan?
500 resolution, 50mm, .05 LUX
You want to use CCTV to increase the physical security of your building. Which of the following camera types would offer the sharpest image at the greatest distance under the lowest lighting conditions?
PTZ
You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?
PPTP
You want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. Which of the following protocols is suitable for this task?
White/green, green, white/orange, blue, white/blue, orange, white/brown, brown
You want to use the T568A standard to add connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector?
White/orange, orange, white/green, blue, white/blue, green, white/brown, brown
You want to use the T568B standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector?
IaaS
You were recently hired by a small start-up company. The company is in a small office and has several remote employees. You have been asked to find a business service that would accommodate the current size of the company, but would also be able to scale as the company grows. The service needs to provide adequate storage, as well as additional computing power. Which cloud service model should you use?
One of the intermediate routers is an MTU black hole.
You work for a large multinational organization that has an extensive global network that is interconnected using WAN links and routers. Lately, users in one location have complained that they are unable to access resources stored on a server named FS23 in a South American branch office. To troubleshoot the issue, you have done the following: Verified that the server is up and running. Verified that the various routers in between the two locations are up and running. You suspect that perhaps one of the routers between the two locations may be dropping packets. To test this theory, you enter the ping FS23 -f -l 1500 command on your workstation. The ping command returns the following command for each ping packet sent: "Packet needs to be fragmented but DF set." What does this mean?
ifconfig
You work in an office that uses Linux servers and Windows servers. The network uses both the TCP/IP protocol. The Linux server is used as an FTP server. Today you have received several calls from people who are unable to contact the Linux server at its known IP address. You are sitting at the Linux server and want to check its IP address. Which command should you use?
ping
You work in an office that uses Linux servers and Windows servers. The network uses the TCP/IP protocol. You are sitting at a workstation that uses Windows 10. An application you are using is unable to contact a Windows server named FileSrv2. Which command can you use to determine whether your computer can still contact the server?
Install a proxy server. Allow internet access only through the proxy server.
You would like to control internet access based on users, time of day, and websites visited. How can you do this?
10GBaseLR standards Single-mode fiber
You would like to implement 10 Gbps Ethernet over a distance of 1 kilometer or greater. Which of the following would be the minimum requirement for the implementation? (Select two.)
Pin 4 is open. Pin 6 is open.
You've connected a cable certifier to an RJ45 wall jack and the output shown below is displayed on the device. What does this output indicate? (Select two.)
This is a crossover cable The cable is functioning correctly.
You've connected a cable certifier to an RJ45 wall jack, and the output shown below is displayed on the device. What does this output indicate? (Select two.)
Pins 1 and 2 are shorted.
You've connected a cable certifier to an RJ45 wall jack. The output shown below is displayed on the device. What does this output indicate?
Move the router to a secure server room.
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a username of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?
Use a stronger administrative password.
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card for entry. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer by connecting it to the console port on the router. You configured the management interface with the username admin and the password password. What should you do to increase the security of this device?
2U UPS
You've just installed a new 16U wall-mounted rack in your data center. You need to install the following equipment in this rack: A 4U redundant power supply A 4U server A 4U switch A 2U router Which of the following equipment will also fit in this rack along with the above equipment?
Nothing. The temperature within the rack is within acceptable limits.
Your 24U rack currently houses two 4U server systems. To prevent overheating, you've installed a rack-mounted environment monitoring device within the rack. Currently, the device shows that the temperature within the rack is 70 degrees Fahrenheit (21 degrees Celsius). What should you do?
Add a permitstatement to the bottom of the access list.
Your Cisco router has three network interfaces configured: S0/1/0 is a WAN interface that is connected to an ISP. F0/0 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24. F0/1 is connected to an Ethernet LAN segment with a network address of 192.168.2.0/24. You have configured an access control list on this router using the following rules: deny ip 192.168.1.0 0.0.0.255 any deny ip 192.168.2.0 0.0.0.255 any These rules will be applied to the WAN interface on the router. Your goal is to block any IP traffic coming in on the WAN interface that has a spoofed source address that makes it appear to be coming from the two internal networks. However, when you enable the ACL, you find that no traffic is being allowed through the WAN interface. What should you do?
Increased network traffic
Your Windows DHCP server had a default lease time of eight days. However, you have decided to reconfigure this DHCP server to dynamically assign IP addresses to DHCP clients using a lease duration of four days. What impact, if any, will this have on the network?
PPP
Your client has acquired several small companies and would like to connect them together into one network. Not all of the routers are Cisco devices, and compatibility is a concern. Which WAN encapsulation method should you recommend your client use?
Network-based firewall
Your company has a connection to the internet that allows users to access the internet. You also have a web server and an email server that you want to make available to internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?
Residual risk
Your company has developed and implemented countermeasures for the greatest risks to their assets. However, there is still some risk left. What is the remaining risk called?
SMTP
Your company has just acquired another company in the same city. You need to integrate the two email systems so that messages can be exchanged between the email servers. Currently, each network uses an email package from a different vendor. Which TCP/IP protocol will enable message exchange between systems?
VLAN
Your company is a small start-up that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?
Install a proxy server.
Your company leases a very fast internet connection and pays for it based on usage. You have been asked by the company president to reduce internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection without decreasing performance. What is the best way to do this?
Data Link
Your company purchases a new bridge that filters packets based on the MAC address of the destination computer. On which layer of the OSI model is this device functioning?
Rogue access point
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
Jitter
Your company uses VoIP for phone calls. Recently, employees have been complaining about phone calls with unusual sound effects. Which type of problem is occurring on the VoIP system?
Public network
Your computer has an IP address of 161.13.5.15. Your computer is on a:
netstat
Your computer is sharing information with a remote computer using the TCP/IP protocol. Suddenly, the connection stops working and appears to hang. Which command can you use to check the connection?
Normal gain directional antenna aimed east Normal gain directional antenna aimed south Normal gain directional antenna aimed north Normal gain directional antenna aimed west High-gain directional antenna aimed east High-gain directional antenna aimed west
Your consulting firm has been hired by a small business to implement a wireless network. The company leases two office suites within a business park approximately 200m apart, as shown below. The objectives of the implementation are as follows: Create a secure wireless network that doesn't emanate beyond each office space by implementing access points in locations A-D in each building. Connect the wireless networks at each office together with a secure outdoor wireless link using locations E and F. Drag the antenna type from the list on the left to the appropriate location on the right. Each antenna type can be used more than once or not at all.
Mesh
Your manager has asked you to implement a network infrastructure that will accommodate failed connections. Which of the following network topologies provides redundancy for a failed link?
Partial mesh
Your manager has asked you to implement a wired network infrastructure that will accommodate failed connections. You don't have a large budget, so you decide to provide redundancy for only a handful of critical devices. Which of the following network topologies should you implement?
100 meters
Your network follows the 100BaseTX specifications for Fast Ethernet. What is the maximum cable segment length allowed?
130.16.61.3
Your network has been assigned the Class B address of 130.15.0.0 Which of the following is not an address you can assign to a node on your network?
179.113.0.118 179.113.89.0 179.113.65.12
Your network has been assigned the Class B network address of 179.113.0.0. Which three of the following addresses can be assigned to hosts on your network?
200.78.151.111 200.78.151.12 200.78.151.252
Your network has been assigned the Class C network address 200.78.151.0. Which of the following addresses can be assigned to hosts on your network? (Select three.)
ipconfig route
Your office has both Windows and Linux computers. You want to be able to view the address of the default gateway that a computer is using. Which of the following utilities could you use? (Select two.)
Verify compliance with the IA documents. Conduct periodic vulnerability assessments.
Your organization entered into an interoperability agreement (IA) with another organization a year ago. As a part of this agreement, a federated trust was established between your domain and the partner domain. The partnership has been in the ongoing operations phase for almost nine months now. As a security administrator, which tasks should you complete during this phase? (Select two.)
Identify how data will be shared. Identify how data ownership will be determined.
Your organization is in the process of negotiating an interoperability agreement (IA) with another organization. As a part of this agreement, the partner organization proposes that a federated trust be established between your domain and their domain. This configuration will allow users in their domain to access resources in your domain and vice versa. As a security administrator, which tasks should you complete during this phase? (Select two.)
There is latency on the WAN link.
Your organization recently opened a branch office in a remote area. Because of its location, traditional WAN connectivity was not available, so you contracted with a satellite provider to connect the branch office network to your home office network. Recently, your CEO conducted a video conference with the employees at the branch office. The employees complained that the video was choppy and the audio was frequently out of sync with the video. What is the most likely cause of this poor WAN performance?
The WAN provider is throttling bandwidth on the link.
Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. Recently, your CEO conducted a video conference with the employees at the branch office. The employees complained that the video was choppy and the audio was frequently out of sync with the video. What is the most likely cause of this poor WAN performance?
Configure and apply security policy settings in a mobile device management system. Enroll the devices in a mobile device management system.
Your organization recently purchased 18 iPad tablets for use by the organization's management team. These devices have iOS pre-installed on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is a part of a complete solution.)
Configure and apply security policy settings in a mobile device management system. Enroll the devices in a mobile device management system.
Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.)
Configure VLAN membership so that the Windows 2000 workstations are on their own VLAN.
Your organization uses a time-keeping application that only runs on Windows 2000 and does not run on newer OS versions. Because of this, there are several Windows 2000 workstations on your network. Last week you noticed unusual activity on your network coming from the Windows 2000 workstations. After further examination, you discover that the Windows 2000 workstations were the victim of a malicious attack and were being used to infiltrate the network. You find out that the attackers were able to gain access to the workstations because of the legacy operating system being used. The organization still needs to use the Windows 2000 workstations, which need to be connected to the internet, but you want to make sure the network is protected from future events. Which solution should you implement to protect the network while also allowing operations to continue as normal?
The wireless TV system
Your organization uses an 802.11b wireless network. Recently, other tenants installed the following equipment in your building: A wireless television distribution system running at 2.4 GHz A wireless phone system running at 5.8 GHz A wireless phone system running at 900 MHz An 802.11a wireless network running in the 5.725 - 5.850 GHz frequency range An 802.11j wireless network running in the 4.9 - 5.0 GHz frequency range Since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?
Storage segmentation
Your organization's security policy specifies that, regardless of ownership, any mobile device that connects to your internal network must have remote wipe enabled. If the device is lost or stolen, then it must be wiped to remove any sensitive data from it. Which of the following should you implement to ensure organizational data can be remote wiped while preserving personal data?
Double the bandwidth assigned per channel to 40 MHz.
Your wireless network consists of multiple 802.11n access points that are configured as follows: SSID (hidden): CorpNet Security: WPA2-PSK using AES Frequency: 5.7 GHz Bandwidth per channel: 20 MHz This network is required to support an ever-increasing number of devices. To ensure there is sufficient capacity, you want to maximize the available network bandwidth. What should you do?
Implement antenna diversity.
Your wireless network consists of multiple 802.11n access points that are configured as follows: SSID (hidden): CorpNet Security: WPA2-PSK using AES Frequency: 5.75 GHz Bandwidth per channel: 40 MHz Because of the unique construction of your organization's facility, there are many locations that do not have a clear line of sight between network clients and access points. As a result, radio signals are reflected along multiple paths before finally being received. The result is distorted signals that interfere with each other. What should you do?
412 meters
our network follows the 100BaseFX specifications for Fast Ethernet and uses half-duplex multi-mode cable. What is the maximum cable segment length allowed?