N+ N10-008 - Missed Practice Test Questions 4 - 6
Which of the following levels would a critical condition generate? 2 4 6 0
2 - OBJ-3.1: The severity levels range from zero to seven, with zero being the most severe and seven being the least severe. Level 0 is used for an emergency and is considered the most severe condition because the system has become unstable. Level 1 is used for an alert condition and means that there is a condition that should be corrected immediately. Level 2 is used for a critical condition, and it means that there is a failure in the system's primary application and it requires immediate attention.
A small law office has a network with three switches (8 ports), one hub (4 ports), and one router (2 ports). Switch 1 (switch port 8) is connected to an interface port (FastEthernet0/0) on the router. Switch 2 (switch port 8) and switch 3 (switch port 8) are connected to Switch 1 (switch ports 1 and 2). The hub has three computers plugged into it on ports 1, 2, and 3. The fourth port on the hub is connected to the router's other interface port (FastEthernet0/1). Based on the configuration described here, how many collision domains are there within this network? 4 1 2 8
4 - OBJ-2.1: A collision domain is a network segment connected by a shared medium or through repeaters where simultaneous data transmissions collide with one another. Hubs do not break up collision domains, but routers and switches do. For each switchport or interface on a switch or router, there is a new collision domain.
What port number does HTTPS utilize? 80 143 123 443
443 - uses port 443 and is an application layer protocol for distributed, collaborative, hypermedia information systems using either SSL or TLS encrypted data transfer.
Which of the following levels would a notice condition generate? 1 3 7 5
5 - OBJ-3.1: The severity levels range from zero to seven, with zero being the most severe and seven being the least severe.
Which of the following ports should be allowed to enable access to certain VoIP applications? 139 110 3306 5060
5060 - OBJ-1.5: Session Initiation Protocol (SIP) uses ports 5060 and 5061, and is a signaling protocol for initiating, maintaining, and terminating real-time sessions that include voice, video, and messaging applications.
Dion Training is configuring a new subnet at their offices in Puerto Rico and wants to assign it a portion of their public Class C IPv4 address space. Dion Training has been assigned a Class C scope of 187.15.3.0/24. The new subnet in Puerto Rico has 57 devices that will need IP addresses assigned. What is the correct CIDR notation for the new subnet in order to accommodate the 57 devices while allocating the minimum number of addresses? /27 /24 /25 /26
/26 - OBJ-1.4: To answer this question, you must be able to perform a basic subnetting calculation. First, you need to determine the number of IP addresses that will be needed.
Dion Training is configuring a new branch office in Florida and wants to assign it a portion of their public Class C IPv4 address space. Dion Training has been assigned a Class C scope of 187.15.3.0/24. The new branch office in Florida will require 23 devices that will need IP addresses assigned. What is the correct CIDR notation for the new subnet in order to accommodate the 23 devices while allocating the minimum number of addresses? /26 /27 /29 /28
/27 - OBJ-1.4: To answer this question, you must be able to perform a basic subnetting calculation. First, you need to determine the number of IP addresses that will be needed.
Your company's corporate headquarters provided your branch office a portion of their Class C subnet to use at a new office location. You must allocate the minimum number of addresses using CIDR notation in order to accommodate each department's needs. What is the correct CIDR notation for the Marketing department's subnet which requires 11 devices? /30 /26 /28 /29 /25 /27
/28 - OBJ-1.4: Since the Marketing department needs 11 devices plus a network ID and broadcast IP, it will require 13 IP addresses.
Which of the following ethernet standards is used with a single-mode fiber optic cable? 1000Base-T 10GBase-LR 40GBase-T 10GBase-SR
10GBase-LR - OBJ-1.3: 10GBase-LR is a standard for 10 Gigabit Ethernet over single-mode fiber optic cabling. 10GBase-SR is a 10 Gigabit Ethernet LAN standard for use with multimode fiber optic cables using short-wavelength signaling.
A small law office has a network with three switches (8 ports), one hub (4 ports), and one router (2 ports). Switch 1 (switch port 8) is connected to an interface port (FastEthernet0/0) on the router. Switch 2 (switch port 8) and switch 3 (switch port 8) are connected to Switch 1 (switch ports 1 and 2). The hub has three computers plugged into it on ports 1, 2, and 3. The fourth port on the hub is connected to the router's other interface port (FastEthernet0/1). Based on the configuration described here, how many broadcast domains are there within this network? 28 1 5 2 16
2 - OBJ-2.1: A broadcast domain is a logical division of a computer network in which all nodes can reach each other by broadcast at the data link layer.
What is the term for exploiting a weakness in a user's wireless headset to compromise their smartphone? Multiplexing Zero-day attack Bluejacking Smurfing
Bluejacking - OBJ-4.2: Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers, sending a vCard which typically contains a message in the name field to another Bluetooth-enabled device via the OBEX protocol.
You recently started a new job with Facebook as a network technician. You have been asked to connect several of their buildings together to form a larger network. All of the buildings are within walking distance of each other. What type of network are you creating? CAN LAN WAN PAN
CAN - OBJ-1.2: A campus area network (CAN) is a computer network that spans a limited geographic area. CANs interconnect multiple local area networks (LAN) within an educational or corporate campus.
Jason is flying home from a conference and attempts to connect to the airplane's onboard wireless network to check his email. He selects the InflightWiFi from the list of network names, his web browser opens, and then a 404 "page not found" error is displayed. Which of the following issues is likely the source of this error? Captive portal issue Insufficient wireless coverage Incorrect passphrase Wrong SSID
Captive portal issue - OBJ-5.4: This is most likely a captive portal issue. Since the user selected the SSID from the list of network names, therefore it is not a wrong SSID issue.
You are troubleshooting an older wireless network that is running Wireless G (802.11g). This network appears to have a lot of collisions and interference. You look up the configuration on two of the three access points in the areas and see they are using Channel 1 and Channel 11. To prevent interference and ensure non-overlapping of the channels, what channel should the third access point utilize? Channel 5 Channel 8 Channel 7 Channel 6
Channel 6 - OBJ-2.4: With wireless access points that run 2.4 GHz frequencies, you can only select channels between 1 and 11 in the United States. This includes 802.11b, 802.11g, 802.11n, and 802.11ax networks.
Which of the following technologies is not commonly used by a captive portal to perform user redirection? DHCP redirect ICMP redirect HTTP redirect DNS redirect
DHCP redirect - OBJ-4.3: In general, captive portals are implemented by using an HTTP redirect, an ICMP redirect, or a DNS redirect.
After an employee connected one of the switchports on a SOHO router to the wall jack in their office, other employees in the building started to receive "duplicate IP address" errors and experiencing intermittent network connectivity. You check the configuration on one of the affected clients and see it has been assigned an IP address of 192.168.1.54. Which of the following could be enabled on the company's network to prevent this from occurring? Router advertisement guard DHCP snooping ARP inspection Split horizon
DHCP snooping - OBJ-4.3: DHCP snooping is a series of techniques applied to improve the security of a DHCP infrastructure. When DHCP servers are allocating IP addresses to the LAN clients, DHCP snooping can be configured on LAN switches to prevent malicious or malformed DHCP traffic or rogue DHCP servers.
Which communication technology would MOST likely be used to increase bandwidth over an existing fiber-optic network by combining multiple signals at different wavelengths? LACP FCoE ADSL DWDM
DWDM - OBJ-1.2: Dense wavelength-division multiplexing (DWDM) is a high-speed optical network type commonly used in MANs (metropolitan area networks). DWDM uses as many as 32 light wavelengths on a single fiber, where each wavelength can support as many as 160 simultaneous connections.
You are using an 802.11ac wireless network at your office which uses WPA2-PSK for encryption. Every few minutes, your wireless connection appears to disconnect and then quickly reconnect to the network. What type of attack might you be the victim of? Deauthentication MAC spoofing Rogue access point Evil twin
Deauthentication - OBJ-4.2: A deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point by sending a deauthentication frame to the victim's machine.
You are investigating a network connectivity issue that is affecting two of your network clients. When you check the switchports of these clients, you observe that the switchports' physical interfaces are continually going up and down. Which of the following is the most likely reason for the flapping of the switchports you are observing? Multicast flooding Duplicate MAC address Asymmetrical routing Collisions
Duplicate MAC address - OBJ-5.5: A duplicate MAC address occurs when two or more devices are responding to data requests as if they are the only device on the network with that physical address. One indication of this occurring is when a switch continually changes the port assignments for that address as it updates its content-addressable memory (CAM) table to reflect the physical address and switchport bindings.
A technician added memory to a router, but the router refuses to recognize the new memory module. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. Which of the following is the MOST likely cause of this issue? VTP ESD Driver update CMOS
ESD - OBJ-5.5: The most likely cause is that the memory chips are faulty because they have suffered from electrostatic discharge (ESD) during the chips' installation and movement.
A wireless technician wants to configure a wireless network to identify itself to visitors by including the word "Guest" in the name. This wireless network needs to provide coverage to the entire building and requires 3 wireless access points to accomplish this coverage level. What would allow users to identify the wireless network by its displayed name as a single network? DHCP broadcast ARP broadcast BSSID Broadcast ESSID broadcast
ESSID broadcast - OBJ-2.4: With an ESSID (Extended Service Set), a wireless network can utilize multiple wireless access points to broadcast a single network name for access by the clients. A BSSID (Basic Service Set) can only utilize a single access point in each wireless network.
A network technician is troubleshooting connectivity problems between switches but suspects the ports are not properly labeled. What option will help to identify the switches connected to each port quickly? Configure TACACS+ on each network device Configure each uplink to send LACP discovery units Enable a discovery protocol on the network devices Perform a packet capture on each switch's uplink port
Enable a discovery protocol on the network devices - OBJ-5.5: By enabling a discovery protocol on the network devices, the technician will be able to get detailed information such as the IP addresses, system version, and device information from supporting devices directly.
Which of the following applies to data as it travels from Layer 7 to Layer 1 of the OSI model? De-encapsulation Tunneling Encapsulation Tagging
Encapsulation - OBJ-1.1: Data encapsulation and de-encapsulation in a computer network is a necessary process. Data encapsulation is performed at the sender side while the data packet is transmitted from source host to destination host. This is a process through which information is added to the data as it moved from layer 7 to layer 1 of the OSI model before the data is sent over the network to the receiver.
What network device uses ACLs to prevent unauthorized access into company systems? Content filter Firewall Load balancer IDS
Firewall - OBJ-2.1: A firewall is a network security device designed to prevent systems or traffic from unauthorized access. An ACL is a list that shows which traffic or devices should be allowed into or denied from accessing the network.
Which device actively defends the network by detecting threats and shutting down ports or changing configurations to prevent attacks? Honeypot IDS Firewall IPS
IPS - OBJ-2.1: Intrusion Protection Systems (IPS) can reconfigure themselves based on the threats experienced. Firewalls maintain a static configuration and cannot change their configurations automatically.
Your boss has asked you to select the technology for a new wireless network for the office. She stated that the new network must allow users to connect their laptops, smartphones, and tablets wirelessly. The technology selected should utilize the longest range possible without signal loss. Which of the following wireless technologies should be selected to meet these requirements? 802.11b 802.11g 802.11ac 802.11n
802.11ac - OBJ-2.4: To meet these requirements, you should recommend 802.11ac because it allows for faster speeds than wireless b, g, and n, and it provides the longest ranges of the options provided. The 802.11ac can reach 115 feet (35 meters) using 8 MIMO streams for higher bandwidth, or up to 230 feet (70 meters) using only 4 MIMO streams to provide greater coverage at a lower bandwidth.
Which of the following IEEE specifications describes the use of the spanning tree protocol (STP)? 802.1d 802.1x 802.3af 802.3ad
802.1d - OBJ-2.3: The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them.
What access control model will a network switch utilize if it requires multilayer switches to use authentication via RADIUS/TACACS+? PKI 802.1x 802.3af 802.1q
802.1x - OBJ-4.1: 802.1x is the standard that is used for network authentication with RADIUS and TACACS+.
Which of the following IEEE specifications describes the use of the link aggregation control protocol (LACP)? 802.1x 802.3af 802.1d 802.3ad
802.3ad - OBJ-2.3: Link Aggregation Control Protocol or LACP is one element of an IEEE specification (802.3ad) that provides guidance on the practice of link aggregation for data connections. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that results from them.
You are installing a Small Office/Home Office (SOHO) network consisting of a router with 2 ports, a switch with 8 ports, and a hub with 4 ports. The router has one port connected to a cable modem and one port connected to switch port #1. The other 6 ports on the switch each have a desktop computer connected to them. The hub's first port is connected to switch port #2. Based on the description provided, how many collision domains exist in this network? 8 9 3 11
9 - OBJ-2.1: Based on the description provided, there are 9 collision domains. Each port on the router is a collision domain (2), each port on the switch is a collision domain (8), and all of the ports on the hub make up a single collision domain (1).
What port number does POP3 over SSL utilize? 110 143 993 995
995 - OBJ-1.5: Post Office Protocol version 3 over SSL (POP3 over SSL) uses port 995 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server that operates using an SSL or TLS encrypted tunnel.
TEST5 Which of the following tools allows you to view and modify the layer 2 to layer 3 address bindings? arp route ipconfig netstat
ARP - OBJ-5.3: The arp command is used to view and modify the local address resolution protocol (ARP) cache of a device, which contains recently resolved MAC addresses of IP hosts on the network.
Rick is upset that he was passed over for a promotion. He decides to take revenge on his nemesis, Mary, who got the job instead of him. Rick sets up an on-path attack against Mary's computer by redirecting any layer 2 traffic destined for the gateway to his computer first. Rick is careful only to affect the traffic associated with Mary's computer and not the entire network. Which type of on-path attack is Rick conducting against Mary? MAC spoofing Evil twin IP spoofing ARP poisoning
ARP poisoning - OBJ-4.2: Based on the scenario, we can eliminate evil twin (focused on wireless access points) and IP spoofing (since this affects layer 3 traffic). While MAC spoofing the gateway's address might work, it would also affect every computer on this subnet. ARP poisoning (also known as ARP spoofing) is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network.
Workers in a company branch office must visit an initial web page and click the "I agree" button before being able to surf the web. Which of the following is this an example of? MOU SLA EULA AUP
AUP - OBJ-3.2: AUP stands for acceptable use policy. If you're agreeing to what you can and can't view, you accept the AUP. MOU is a memo of understanding which typically contains an agreement on certain actions.
A company-wide audit revealed employees are using company laptops and desktops for personal use. To prevent this from occurring, in which document should the company incorporate the phrase "Company-owned IT assets are to be used to perform authorized company business only"? AUP MOU SLA NDA
AUP - OBJ-3.2: Acceptable Use Policy dictates what types of actions an employee can or cannot do with company-issued IT equipment.
A technician is installing a network firewall and would like to block all WAN to LAN traffic that is using ports other than the default ports for internet and email connectivity. What rule should the technician verify FIRST? A DMZ has been created An implicit deny is enabled All outbound traffic is blocked All inbound traffic is blocked
An implicit deny is enabled - OBJ-4.3: An implicit deny is when a user or group is not granted a specific permission in the security settings of an object, but they are not explicitly denied either.
A new piece of malware attempts to exfiltrate user data by hiding the traffic and sending it over a TLS-encrypted outbound traffic over random ports. What technology would be able to detect and block this type of traffic? Stateful packet inspection Stateless packet inspection Application-aware firewall Intrusion detection system
Application-aware firewall - OBJ-4.2: A web application firewall (WAF) or application-aware firewall would detect both the accessing of random ports and TLS encryption and identify it as suspicious. An application-aware firewall can make decisions about what applications are allowed or blocked by a firewall, and TLS connections are created and maintained by applications. A stateless packet inspection firewall allows or denies packets into the network based on the source and destination IP address or the traffic type (TCP, UDP, ICMP, etc.).
Which of the following protocols is considered an external routing protocol? RIP OSPF EIGRP BGP
BGP - OBJ-2.2: Border Gateway Protocol is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems on the Internet.
A technician installs a new WAP, and users in the area begin to report poor performance. The technician uses ping, and only 3 of the 5 packets respond. When the technician tests the connection from a wired connection, it responds with 5 of 5 packets. What tool should the network technician use next? Interface monitoring tool Spectrum analyzer tool Port scanner tool Packet capture tool
Spectrum analyzer tool - OBJ-5.3: A spectrum analyzer is a device that displays signal amplitude (strength) as it varies by signal frequency. Since the issue only occurs when connecting wirelessly, it is almost like a spectrum interference issue.
Dion Training wants to create a DNS record to enter DKIM or SPF information into the domain name system to help prevent from spam coming from their domain. Which type of DNS record should be created? TXT PTR SOA SRV
TXT - OBJ-1.6: The DNS text (TXT) record lets a domain administrator enter text into the Domain Name Systems. The TXT record was originally intended as a place for human-readable notes.
You are connecting a new IPv6 device to your network, but your routers only support IPv4 protocols. Which of the following IP addressing solutions would solve this challenge? Classless Teredo tunneling Private APIPA
Teredo tunneling - OBJ-1.4: Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network.
You are scanning a target as part of a penetration test. You discovered that the network uses Snort configured as a network-based IDS. Which of the following occurs when an alert rule has been matched in Snort during your scan? The packet matching the rule will be dropped and the IDS will continue scanning new packets The source IP address will be blocked and its connection with the network terminated The IDS will send an alert, stop checking the rest of the rules, and allow the packet to continue its journey The entire packet will be evaluated until all of the IDS alert rules have been checked and the packet is allowed to continue its journey
The entire packet will be evaluated until all of the IDS alert rules have been checked and the packet is allowed to continue its journey - OBJ-2.1: If Snort is operating as an IDS, it will not block the connection or drop the packet.
A technician installs three new switches to a company's infrastructure. The network technician notices that all the switchport lights at the front of each switch flash rapidly when powered on and connected. After about a minute, the switches return to normal operation. Additionally, there are rapidly flashing amber lights on the switches when they started up the next day. What is happening to the switches? The switches are connected and detected a spanning tree loop The switches are running through their spanning tree process The switches are having problems communicating with each other The switches are not functioning properly and need to be disconnected
The switches are running through their spanning tree process - OBJ-5.5: The switch port lights flashing is indicating that the switch is performing the spanning tree process. The Spanning Tree Protocol (STP) is responsible for identifying links in the network and shutting down the redundant ones, preventing possible network loops.
Your company has just gotten a new OC-12 installed to support your datacenter. The telecommunications provider has installed the connection from their main offices to your demarcation point. You connect the OC-12 to your network, but you are noticing many dropped packets and errors. You suspect this may be a layer 1 issue. Which of the following tools can you use to help identify the source of the issue on this connection? Use an OTDR to validate the integrity of the cable Use a wire mapping cable tester to validate the integrity of the cable Use a multimeter to validate the integrity of the cable Use a spectrum analyzer to determine if the cable is exposed to EMI
Use an OTDR to validate the integrity of the cable - OBJ-5.2: You may not know all the details involved in this question, but that is ok. Start with what you do know.
Which of the following is often used to allow one node to communicate with many other nodes, such as in DMVPN connections? mGRE MPLS SDWAN WLAN
mGRE - OBJ-1.2: Multipoint GRE (mGRE) is a protocol that can be used to enable one node to communicate with many nodes by encapsulating layer 3 protocols to create tunnels over another network.
Which of the following commands is used to display the statistics for a given switchport on a Cisco switch? show route show interface show config show diagnostic
show interface - OBJ-5.3: The "show interface" command is used on a Cisco networking device to display the statistics for a given network interface.
You just started work as a network technician at Dion Training. You have been asked to determine if Ethernet0/0 is currently connected using OSPF or EIGRP on one of the network devices. Which of the following commands should you enter within the command line interface? show diagnostic show route show interface show config
show route - OBJ-5.3: The "show route" command is used on a Cisco networking device to display the current state of the routing table for a given network device.
(This is a simulated Performance-Based Question.) What is the correct color scheme for Pin 1 to Pin 8 for a T-568A connector? white/orange, orange, white/green, blue, white/blue, green, white/brown, brown white/green, green, orange/white, blue, white/blue, orange, white/brown, brown blue, white/blue, orange, white/brown, brown, white/green, green, orange/white white/green, green, white/orange, orange, blue, white/blue, white/brown, brown
white/green, green, orange/white, blue, white/blue, orange, white/brown, brown
An analyst reviews the logs from the network and notices that there have been multiple attempts from the open wireless network to access the networked HVAC control system. The open wireless network must remain openly available so that visitors can access the internet. How can this type of attack be prevented from occurring in the future? Enable NAC on the open wireless network Enable WPA2 security on the open wireless network Install an IDS to protect the HVAC system Implement a VLAN to separate the HVAC control system from the open wireless network
Implement a VLAN to separate the HVAC control system from the open wireless network - OBJ-2.1: A VLAN is useful to segment out network traffic to various parts of the network and stop someone from the open wireless network from logging to the HVAC controls.
Which of the following layers within software-defined networking consists of the physical networking devices, such as switches and routers? Management plane Application layer Infrastructure layer Control layer
Infrastructure layer - OBJ-1.7: The infrastructure layer contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements.
You are configuring a new machine with a hypervisor and several operating systems hosted within it to develop some new applications. You want to ensure that the hypervisor's various virtual machines can communicate with each other over a network, but you don't want this network traffic to leave the hypervisor itself. What is the BEST solution to meet these requirements? Install and configure a virtual switch Connect each machine to an individual switch Configure each virtual machine to use a route to a default gateway Install and configure individual routes between the virtual machines
Install and configure a virtual switch - OBJ-1.2: A virtual switch (vSwitch) is a software program that allows one virtual machine (VM) to communicate with another. A virtual switch is a software application that allows communication between virtual machines.
An organization wants to choose an authentication protocol that can be used over an insecure network without implementing additional encryption services. Which of the following protocols should they choose? Kerberos PAP RADIUS TACACS+
Kerberos - OBJ-4.1: The Kerberos protocol is designed to send data over insecure networks while using strong encryption to protect the information.
When installing a network cable with multiple strands, a network technician pulled the cable past a sharp edge. This resulted in the copper conductors on several of the wire strands being exposed. If these exposed conductors come into contact with each other, they can form an electrical connection. Which of the following conditions would result in this scenario? Short Open Crosstalk Electrostatic discharge
OBJ-5.2: A short is an electrical term that is an abbreviation for a short circuit. A short generally means that an unintended connection between two points is allowing current to flow where it should not. In this scenario, the short is caused by the damaged cable in which two or more of the conductors are connected.
What tool would a network technician use to troubleshoot a span of single-mode fiber cable? Punchdown tool Spectrum analyzer OTDR Cable tester
OTDR - OBJ-5.2: An optical time-domain reflectometer (OTDR) is an optoelectronic instrument used to characterize an optical fiber. An OTDR is the optical equivalent of an electronic time-domain reflectometer.
Which of the following would NOT be useful in defending against a zero-day threat? Threat intelligence Patching Allow listing Segmentation
Patching - OBJ-4.1: While patching is a great way to combat threats and protect your systems, it is not effective against zero-day threats.
You are setting up uplink ports for multiple switches to communicate with one another. All of the VLANs should communicate from the designated server switch. Which of the following should be set on the trunk ports if VLAN 1 is not the management VLAN? Neighbor Discovery Protocol Port Security Port Tagging Spanning Tree Protocol
Port Tagging - OBJ-2.3: The 801.q standard is used to define VLAN tagging (or port tagging) for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames. Traffic should be properly tagged when combined over a single trunk port to ensure they are not sent to the wrong VLAN by mistake.
What is the first flag used in the establishment of a TCP connection or during the initiation of a three-way handshake between two hosts? SYN RST ACK FIN
SYN - OBJ-1.1: A synchronization (SYN) flag is set in the first packet sent from the sender to a receiver as a means of establishing a TCP connection and initiating a three-way handshake. Once received, the receiver sends back a SYN and ACK flag set in a packet which is then sent back to the initiator to confirm they are ready to initiate the connection.
Which type of personnel control is being implemented if Kirsten must receive and inventory any items that her coworker, Bob, orders? Separation of duties Dual control Mandatory vacation Background checks
Separation of duties - OBJ-4.1: This organization uses separation of duties to ensure that neither Kirsten nor Bob can exploit the organization's ordering processes for their gain. Separation of duties is the concept of having more than one person required to complete a particular task to prevent fraud and error.
An administrator has a virtualization environment that includes a vSAN and iSCSI switching. Which of the following actions could the administrator perform to improve data transfers' performance over the iSCSI switches? Configure the switch ports to auto-negotiate the proper Ethernet settings Configure each vSAN participant to have its own VLAN Set the MTU to 9000 on each of the participants in the vSAN. Connect the iSCSI switches to each other over inter-switch links (ISL)
Set the MTU to 9000 on each of the participants in the vSAN. - OBJ-1.7: When using an iSCSI SAN (with iSCSI switching), we can improve network performance by enabling jumbo frames.
You are working at the demarcation point between your network and the telecommunication service provider's network. Which of the following devices serves as the demarcation point between the two networks? Smartjack mGRE FCoE vNIC
Smartjack - OBJ-1.2: A smartjack is an intelligent network interface device (NID) that serves as the demarcation point between the telecommunication service provider's local loop and the customer's premise wiring.
Sahra connects a pair of switches using redundant links. When she checks the link status of the two ports, one of them is not active. She changes the inactive link to another switchport, but the second link still remains inactive. What MOST likely is causing the second link to become disabled? Port mirroring SSID mismatch IGRP routing Spanning tree
Spanning tree - OBJ-2.3: The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks.
An administrator has configured a new 250 Mbps WAN circuit, but a bandwidth speed test shows poor performance when downloading larger files. The download initially reaches close to 250 Mbps but then begins to drop and show spikes in the download speeds over time. The administrator checks the interface on the router and sees the following: DIONRTR01# show interface eth 1/1 GigabitEthernet 1/1 is up, line protocol is up Hardware is GigabitEthernet, address is 000F.33CC.F13A Configured speed auto, actual 1Gbit, configured duplex auto, actual hdx Member of L2 VLAN 100, port is tagged, port state is forwarding Which of the following actions should be taken to improve the network performance for this WAN connection? Configure the interface to use full-duplex Remove the 802.1q tag and reassign it to the default VLAN Shutdown and then re-enable this interface Replace eth1/1 with a 10GBase-SX transceiver
Configure the interface to use full-duplex - OBJ-5.2: The interface is set to auto for duplexing, but it has only negotiated a half-duplex (hex) connection. For interfaces on a switch or router, the full-duplex (fdx) setting should be used to increase the throughput of the interface.
An administrator would like to test out an open-source VoIP phone system before investing in the associated hardware and phones. Which of the following should the administrator do to BEST test the software? Deploy new SIP appliances and connect them to the open-source phone application Create a virtual PBX and connect it to a SIP phone application Create virtual IP phones that utilize the STP protocol in your lab Deploy an open-source VDI solution to create a testing lab
Create a virtual PBX and connect it to a SIP phone application - OBJ-2.1: To test out the system before purchasing it, he should connect to a virtual PBX with a SIP phone application and ensure it meets his needs. Deploying new SIP appliances would be costly; therefore, a bad choice.
According to the OSI model, at which of the following layers is data encapsulated into bits? Layer 2 Layer 4 Layer 1 Layer 3
Layer 1 - OBJ-1.1: Data is transmitted at Layers 5, 6, and 6 of the OSI model. At Layer 4, the data is encapsulated into segments.
At which of the following OSI layer does QoS operate? Layer 1 Layer 3 Layer 5 Layer 7
Layer 3 - OBJ-2.2: Quality of Service (QoS) occurs at both Layer 2 and Layer 3 of the OSI Model.
What is used to distribute traffic across multiple sets of devices or connections to increase the overall efficiency of the network and its data processing? High availability Load balancing Fault tolerance Traffic shaping
Load balancing - OBJ-3.3: Load balancing refers to the process of distributing a set of tasks over a set of resources to make their overall processing more efficient.
Which of the following components is used to describe the structure of a device subsystem using a hierarchical namespace containing all of the variables that may be set or read using SNMP? Verbose trap OID MIB Granular trap
MIB - OBJ-3.1: The Simple Network Management Protocol (SNMP) uses ports 161 and 162, and it is a networking protocol used for the management and monitoring of network-connected devices in Internet Protocol networks. The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID).
A network technician is tasked with designing a firewall to improve security for an existing FTP server on the company network. The FTP server must be accessible from the Internet. The security team is concerned that the FTP server could be compromised and used to attack the domain controller hosted within the company's internal network. What is the BEST way to mitigate this risk? Add a deny rule to the firewall's ACL that blocks port 21 outbound Migrate the FTP server from the internal network to a screened subnet Configure the firewall to utilize an implicit deny statement Upgrade the FTP server to an SFTP server since it is more secure
Migrate the FTP server from the internal network to a screened subnet - OBJ-4.1: A screened subnet (formerly called a demilitarized zone or DMZ) is a perimeter network that protects an organization's internal local area network (LAN) from untrusted traffic. A screened subnet is placed between the public internet and private networks.
You received an incident response report indicating a piece of malware was introduced into the company's network through a remote workstation connected to the company's servers over a VPN connection. Which of the following controls should be applied to prevent this type of incident from occurring again? SPF MAC filtering NAC ACL
NAC - OBJ-4.1: Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as anti-virus, host intrusion prevention, and vulnerability assessment), user or system authentication, and network security enforcement.
Your company's security policy states that its workstations must hide their internal IP addresses whenever they make a network request across the WAN. You have been asked to recommend a technology that would BEST implement this policy. Which of the following is the BEST solution for you to recommend? DMZ VPN OSPF NAT
NAT - OBJ-1.4: Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.
You are working as a network engineer for a smartphone company that wants to begin offering contactless payment options with their devices. Which of the following technologies should they embed in their handsets to support contactless payments like Apple Pay, Samsung Pay, or Google Pay? Wi-Fi NFC RFID Bluetooth
NFC - OBJ-2.4: Near-Field Communication (NFC) is a set of communication protocols for communication between two electronic devices over a distance of 4 cm or less. NFC offers a low-speed connection with a simple setup that can be used to bootstrap more capable wireless connections.
A firewall technician at Dion Training configures a firewall to allow HTTP traffic as follows: Dion Training is afraid that an attacker might try to send other types of network traffic over port 80 to bypass their security policies. Which of the following should they implement to prevent unauthorized traffic from entering through the firewall? Stateless packet inspection Application-aware firewall HTTPS (SSL/TLS) Stateful packet inspection
OBJ-2.1: An application-aware firewall can make decisions about what applications are allowed or blocked by a firewall, as opposed to simply using IP addresses and port numbers, by applications by inspecting the data contained within the packets.
Your company has just installed a new web server that will allow inbound connections over port 80 from the internet while not accepting any connections from the internal network. You have been asked where to place the web server in the network architecture and configure the ACL rule to support the requirements. The current network architecture is segmented using a triple-homed firewall to create the following three zones: ZONE INTERFACE, IP address --------------------------------------- PUBLIC, eth0, 66.13.24.16/30 DMZ, eth1, 172.16.1.1/24 PRIVATE, eth2, 192.168.1.1/24 Based on the requirements and current network architecture above, where should you install the webserver and how should you configure it? Put the server in the DMZ with an inbound rule from eth1 to eth0 that allows port 80 traffic to the server's IP Put the server in the DMZ with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP Put the server in the PRIVATE zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP Put the server in the PUBLIC zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP
Put the server in the DMZ with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP - OBJ-4.3: The web server should be placed into the DMZ, assigned an IP address in the 172.16.1.1/24 network, and create an inbound permit rule for port 80 in the ACL. Since the web server needs to be accessed from the internet (PUBLIC), you must configure the permit rule from eth0 (PUBLIC) to eth1 (DMZ). The web server should not be placed into the intranet (PRIVATE), since this will contain all our internal network clients and they should be blocked from accessing this web server according to the question.
A NAC service has discovered a virus on a client's laptop. Where should the laptop be redirected to in order to be remediated? Quarantine network DMZ subnet Honeypot Botnet
Quarantine network - OBJ-4.1: Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), the user or system authentication, and network security enforcement.
A network engineer has been tasked with designing a network for a new branch office with approximately 50 network devices. This branch office will connect to the other offices via a MAN and using a router as their gateway device. Many of the other branch offices use off-the-shelf SOHO equipment. It is a requirement that the routing protocol chosen use the least amount of overhead. Additionally, all the computers on the network will be part of a single VLAN. The connection between these computers should produce the highest throughput possible in the most cost-effective manner. Which routing protocol should be used with the gateway router and what device should you select to connect the computers within the branch office? EIGRP as the routing protocol; connect the computers with a 802.11n MIMO access point OSPF as the routing protocol; connect the computers with a Gigabit Layer 3 switch BGP as the routing protocol; connect the computers with a 1 Gb Fibre Channel RIPv2 as the routing protocol; connect the computers with a Gigabit Layer 2 switch
RIPv2 as the routing protocol; connect the computers with a Gigabit Layer 2 switch - OBJ-2.2: RIPv2 is a classless, distance vector routing protocol that will include the subnet mask with the network addresses in its routing updates. RIPv2 has the least overhead of the four routing protocol options presented in this question.
Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which of the following is the MOST likely cause of the issue? WPA2 security key CSMA/CA RADIUS SSL certificates
Radius - OBJ-5.4: Captive portals usually rely on 802.1x, and 802.1x uses RADIUS for authentication. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. This defines port security.
You are working as part of the server team for an online retail store. Due to the upcoming holidays, your boss is worried that the current servers may not be able to handle the increased demand during a big sale. Which of the following cloud computing concepts can quickly allow services to scale upward during busy periods and scale down during slower periods based on the changing user demand? Metered services On-demand Resource pooling Rapid elasticity
Rapid elasticity - OBJ-1.8: Rapid elasticity is used to describe scalable provisioning or the capability to provide scalable cloud computing services. Rapid elasticity is very critical to meet the fluctuating demands of cloud users. The downside of rapid elasticity implementations is that they can cause significant loading of the system due to the high resource number of allocation and deallocation requests.
Which of the following errors would be received if an ethernet frame less than 64 bytes is received by a switch? Giant CRC error Encapsulation error Runt
Runt - OBJ-3.1: A runt is an ethernet frame that is less than 64 bytes in size. A giant is any ethernet frame that exceeds the 802.3 frame size of 1518 bytes.
Which protocol is used to establish a secure and encrypted VPN tunnel that can be initiated through a web browser? IPsec SSL PPP PPTP
SSL - OBJ-4.4: An SSL VPN is a type of virtual private network that uses the Secure Sockets Layer protocol in a standard web browser to provide secure, remote-access VPN capability. In modern browsers and servers, it is more common to use TLS (transport layer security) which is the successor to SSL.
You have been contracted by Dion Training to conduct a penetration test against its learning management system (LMS). The LMS is a web application that is hosted in the organization's DMZ. Which of the following appliance allow lists should the organization add your source IP in before the engagement begins? HIDS DLP NIDS WAF
WAF - OBJ-2.1: The learning management system (LMS) is a web application, therefore the source IP of the attacking workstation needs to be added to the web application firewall's allow list to prevent it from being blocked.
Which of the following type of sites might contain a datacenter with equipment, but it is not configured and doesn't contain any user or customer data yet? Cloud site Cold site Warm site Hot site
Warm site - OBJ-3.3: A warm site is a type of facility an organization uses to recover its technology infrastructure when its primary data center goes down. A warm site features an equipped data center but no customer data.
Which of the following types of network documentation would include labels to indicate which cables are connected to which switchports on an edge switch? Site survey report Physical network diagram Logical network diagram Wiring diagram
Wiring diagram - OBJ-3.2: Wiring diagrams are used to clearly label which cables are connected to which ports. The more in-depth wiring diagrams will include a floorplan or rack diagram, so you can see how the cables are run in the physical environment.
You are troubleshooting a network connectivity issue on a student's workstation at Dion Training. The wireless access point for the DionTraining network is set to not broadcast its network identifier. The student enters DIONTRAINING as the network name, then attempts to connect to this "Open" wireless access point. The student's classmates have all been able to connect successfully to the network, but this workstation fails to successfully connect. Which of the following issues is indicated by this failure to connect? Incorrect passphrase Wrong SSID Insufficient wireless coverage Encryption protocol mismatch
Wrong SSID - OBJ-5.4: The service set identifier (SSID) is a natural language name used to identify a wireless network. If a network is manually configured and the incorrect SSID is entered, the device will be unable to connect to the network.
