net Practice 2
Which of the following levels would an emergency condition generate?
0 the severity levels range from 0-7. 0 is the most severe. 0 emergency 1 alert 2 critical 3 error 4 warning 5 notice 6 normal operations 7 debugging
You suspect that your server has been the victim of a web-based attack. Which of the following ports would most likely be seen in the logs to indicate the attack's target?
443 web based attacks would likely appear on port 80 (http) or port 443 (https). an attack against active directory is likely to be observed on port 389 LDAP an attack on an FTP server is likely to be observed on port 21 (FTP) an attack using the remote desktop protocol would be observed on port 3389 (RDP)
Which of the following ports does SIP use?
5060/5061 Session initiation protocol (SIP) uses those ports and is a signaling protocol for intiiating, maintaining, and terminating real time sessions that include voice, video, and messging applications. the hypertext transfer protocol uses port 80 and is an application layer protocol for distributed, collaborative, hypermedia information systems using unencrypted data transfer. HTTPS the secured https uses 443. LDAP uses 389 and is an open, vendor neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an internet protocol network LDAPS uses 636. SMB uses 139 and 445 and is a network files haring protocol that runs on top the netBIOS
Which of the following IEEE specifications describes the use of VLANs?
802.1Q its the networking standard that supports virtual LANs on a IEEE 802.3 ethernet network. The standard defines a system of vlan tagging for ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames POE is a technology that lets network cables carry electrical power (AF) 802.1x is a standard network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. this defines port security. the user's identity is determined based on their credentials orcertificate, which is confirmed by the radius server. The Spanning tree protocol is a network protocol that builds a loop free logical topology for ethernet networks to prevent bridge loops and the broadcast storms that result from them. (D)
A network technician is selecting the best way to protect a branch office from as many different threats from the Internet as possible using a single device. Which of the following should meet these requirements?
Configure a UTM device Since this is a branch office and you want to protect is from as many threats as possible, using a unified threat management device would be best. a UTM will protect you from most things using a single device. a network based firewall would provide basic protection, but a UTM will include anti virus and other protections beyong just a firewalls capabilities. they are also configured to protect against all devices on a network vs a single device with host based firewall.
Your network relies on the use of ATM cells. At which layer of the OSI model do ATM cells operate?
Data Link in the data link layer of the OSI model, the basic unit of transfer is called a frame. in an ATM network these frames are alled cells and are of a fixed (53 octets or bytes) length that allows for faster switching of the cells across the network.
Jason has just connected his new AirPods to his iPhone to listen to his music wirelessly. Which of the following types of networks is he using?
PAN A personal area network is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. a Local Area Network connects computers within a small and a specific area geographically. A campus area network (CAN) is a computer network that spans a limited geographical area. CAN's interconnect multiple LANs within an educational or corporate campus a WAN will typically cover a large area geographically such as a continent, state, or country
A network engineer is conducting an assessment for a customer who wants to implement an 802.11ac wireless network. What should the engineer reference before estimating the number of WAPs required?
Site survey since it is a wireless network, a review of a site survey is necessary to determine any physical advantages and disadvantages. network topology and diagrams can be created once the site survey is complete, and the location of the access points is determined based on distance and expected coverage requirements. the purpose of a wireless site survey is to look at hte feasibility of each individual wireless link to provide seamless connectivity for a wireless network.
Which of the following encryption types was used by WPA to better secure wireless networks than WEP?
TKIP Wifi protected access is an improved encryption scheme for protecting wifi communications designed to replace WEP. WPA uses the RC4 cipher and a teporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wired equivalent privacy (WPA) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24 bit initialization vector to secure its preshared key.
You have just received an email regarding a security issue detected on the company's standard web browser. Which of the following should you do to fix the issue?
Vulnerability Patch Since there is a security issue with the current web browser, it most likely needs to be updated with a manufacturer's vulnerability patch. a vulnerability patch is a piece of software that fixes security issues.
An end-user receives a new computer and now is unable to connect to the MySQL database over the Dion Training local area network. Other users can successfully connect. The network technician can successfully ping the database server but still is unable to connect. Which of the following is the most likely reason for this issue?
a host based firewall on the users computer is blocking port 3306 MySQL uses port 3306, and is an open source relational database management system that is fully compatible with the structured query language (SQL) since the network technician can ping the MySQL server, it indicates that the route is not missing, the database server is configured with the proper gateway, and the network interface card is not defective. instead it is likely that the end user's computer has a host based firewall installed like windows defender and it is blocking outbound request over port 3306. A change in the firewall settings to allow access to the specified ports will fix the problem. It appears that the default firewall on this new computer is blocking the port used to communicate with the database server.
Which mitigation provides the best return on investment by mitigating the most vulnerable attack vector in an enterprise network?
provide end user awareness training for office staff an enterprise network's end users are the most vulnerable attack vector. studies have shown that na investment in end user cybersecurity awareness training has the best retur on investment of any risk mitigation strategy. while all of the options presented are valid security mitigations, only end user awareness training mitigates the biggest network vulnerability we have: our users.
You have just finished installing a new web application and need to connect it to your SQLnet database server. Which port must be allowed to enable communications through your firewall between the web application and your database server?
1521 SQLnet uses port 1521, and is a relational database management system developed by oracle that is fully compatible with the structured query language. 1433 is microsoft SQL and is a proprietary relational databse management system devloped by microsoft that is fully compatible with the structured query language. 3306 is mysql and is an open source relational database management system that is fully compatible with the SQL.
What is the broadcast address associated with the host located at 201.58.12.245/28?
201.58.12.255 In classless subnets using variable length subnet mask (VLSM) the broadcast address is the last IP address associated within an assigned range. in this example, the CIDR notation is /28, so each subnet will contain 16 IP addresses. since the IP address provided is 201.58.12.245, the broadcast address will be 201.58.12.255
A network administrator needs to allow employees to upload files to a remote server securely. What port must be allowed through the firewall?
22 to securely upload a file, the employees could use a secure FTP or Secure copy. both SFTP and SCP operate over port 22, therefore port 22 must be openend by the firewall so that the employes can reach the file servers. port 21 is used by FTP, but it is not a secured method of sending files, there is a more secured version of FTP called FTPS but that uses port 990. 25 is reserved for the simple mail transfer protocol (SMTP), which is an internet standard communication protocol for electronic mail transmission. Port 161 is reserved for simple network management protocol (SNMP), which is a networking protocol used for the management and monitoring of network connected devices in the internet protocol networks.
What port number does LDAP utilize?
389 the lightweight directory access protocol uses port 389 and is an open, vender neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an internet protocol network that is encrypted using an SSL connnection 1433 is microsoft SQL, and is a proprietary relational database mangement system developed by micrsofot that is fully compatible with the structrued query language. 3389 is RDP and is a proprietary protocol developed by microsoft which provides a user with a graphical interface to connect to another computer over a network connection.
Which of the following IEEE specifications describes the use of network authentication?
802.1x The IEEE standard is a network authentication protocol that opens ports for network access when an organization authenticates a users identity and authorizes them for access to the network. this defines port security. the user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. the SPanning tree protocol (STP) is a a networking protocol that builds a loop free logicial topology for ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined by the 802.1D standard. Link Aggregation Control Protocl (LACP) is one element of an IEEE specification (802.3ad) that provides guidance on the practice of link aggregation for data connections. POE si a technology that lets network cables carry electrical power (802.1af)
A network administrator needs to install a centrally located firewall that needs to block specific incoming and outgoing IP addresses without denying legitimate return traffic. Which type of firewall should the administrator install?
A stateful network-based firewall a sateful firewall enhances security through packet filtering, and these types of firewalls also keep track of outbound requests and open the port for the returning traffic to enter the network. Since a centrally located firewall was required, a network based firewall should be chosen instead of a host based firewall.
A disgruntled employee executes an on-path attack on the company's network. Layer 2 traffic destined for the gateway is now being redirected to the employee's computer. What type of attack is this an example of?
ARP spoofing ARP spoofing also known as arp poisoning is a type of attack in which a malicious actor sends falsified ARP messages over a local area network. this results in the linking of an attacker's MAC address with the IP address of a legitimate computer, server, or gateway on the network a reflective DNS attack is a two step attack used in DDOS attacks. the attacker sends a large number of requests to one or more legitimate DNS servers while using a spoofed source IP of the targeted victim. The DNS server then replies to the spoofed IP and unknowingly floods the targeted system with responses to DNS requests that it never sent an evil twin a rogue wireless access point that masquerades as a legitimate wifi access point so that an attacker can gather personal or corporate information without the user's knowledge. IP spoofing is the creation of internet protocol packets that have a modified source address to eithre hide the identity of the sender, impersonate another computer system, or both.
Your company has two office buildings which are connected via a copper network cable that is buried underground. There is some construction being performed near the buildings. Now, the second building discovers they have suffered a network outage that doesn't appear to be temporary. What is the MOST likely cause of the outage?
An open circuit has been created since the issue started after construction began, it is most likely that the construction crew broke the cable during digging operations. this can cause an open circuit or short circuit, depending on how the cable was cut or broken by the construction workers. this can be verified using a time domain reflectometer to determine where in the cable the break has occurred. once the location is identifie,d the cable can be repaired or spliced to return t to normal operations.
Which of the following communication types are used in IPv6 to send a packet to the nearest interface that shares a common address in a routing table?
Anycast an IPv6 anycast address is an address that can be assigned to more than one interface. multiple devices can have the same anycast address. a packet sent to an anycast address is routed to the nearest interface having that address, according to the router's routing table. anycast communications are sent to the nearest receiver in a group of receivers with the same IP. it only works with IPv6. multicast is a technique used for one to many communication over an IP network. multicast can be used with both IPv4 and IPv6. Broadcast communications has one sender, but it sends the traffic to every evice on the network. Broadcast only works with IPv4. Unicast communication only has one sender and receiver. it works with IPv4 or IPv6
A network technician has downloaded the latest operating system of a particular vendor's switch. This update includes new features and enhancements. What should the technician perform FIRST when updating the switch's operating systems?
Backup the current configuration for each switch a preventative method is always to back up the current conviguration to the NVRAM in case the newly downloaded operating system does not work properly. this would allow the technician to restore the switch from the previous backup. it is a good idea to install the operating system during non business hours as well but you should always make a backup of the current configuration.
Which of the following network performance metrics is used to represent the theoretical maximum rate of data transfer from a source to a destination in a given amount of time under ideal conditions?
Bandwidth Bandwidth is the maximum rate of data tarnsfer across a given network. now bandwidth is more ofa theoretical concept that measures how much data could be transferred from a source to a destination under ideal conditions. throughput is an actual measure of how much dta is successfully transferrred from the source to a destination. therefore we foten measure throughput, instead of bandwidth to monitor our network performance. latency is the meaure of tiem that it takes for data to reach its desitnation across a network. usually we meaure network latency as the round trip time from a workstation to the distant end and back. jitter is a network condition that occurs when a time delay in the sending of data packets over a network conneciton occurs. jitter is a big problem for any real time applications, you amy be supporting your networks, like video conferences, VOIP, and virtual destop infrastructure clients
The Security Operations Center is trying to determine if there are any network anomalies currently being observed. To assist them, you gather information about the current performance of the network. Which of the following should you also gather to compare the current information against?
Baseline while all of hte network artifacts such as logs, pcap files, and netflow data are useful, the general terms for the historical network performance data is a baseline. a bsaeline may be created from these other types of data, but the baseline is the most correct answer based on the quetion. a baseline is a process for studying the network at regular intervals to ensure that the network is working as designed.
You work for a bank interested in moving some of its operations to the cloud, but it is worried about security. You recently discovered an organization called CloudBank that was formed by 15 local banks as a way for them to build a secure cloud-based environment that can be accessed by the 15 member banks. Which cloud model BEST describes the cloud created by CloudBank?
Community cloud community cloud is another type of cloud computing in which the cloud setup is shared manually among different organizations that belong to the same community or area. a multi tenant setup is developed using the cloud among different organziations belonging to a particular community or group wit hsimilar computing concerns. for joint business organizations, ventures, reseearch organizations, and tenders, a ocmmunity cloud is an appropriate solution. based on the description of 15 member banks coming together to create the cloud bank organization and its cloud computing environment, a community cloud model is most likely described. a public coud contains services offered by third party providers over the public internet and is available for anyone who wants to useor puchsae them. they may be free or sold on demand allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. a private cloud ocntains services offered either over the internet or a private internal network and only to select users instead of the general public a hybrid cloud is a cloud computing environment that uses a mix of on premises, private cloud, and a thrid party public cloud services twith orchestration between these platforms. this typically involves a connection from an on premises data center to a public cloud
Which of the following layers is NOT used in a three-tiered data center network architecture?
Control Layer the control layer is used in software-defined networking, not the three tiered data center network architecture. The core layer is considered the backbone of our network and is used to merge geographically separated netwroks back into one logicial and cohesivie unit. in general, you will have at least two routers at the core level, operating in a redundant configuration. The distribution or aggregation layer is located under the core layer and it provides boundary definition by implementing access lists and filter s to define the policies for the network at large. the access or edge layer is located beneath the distribution or aggregation layer and is used to connect all the endpoint devices like computers, servers, printers, wireless access points, and others
Your company has several small branch offices around the country, but you work as a network administrator at the centralized headquarters building. You need the capability of being able to remotely access any of the remote site's routers to configure them without having to fly to each location in person. Your company's CIO is worried that allowing remote access could allow an attacker to gain administrative access to the company's network devices. Which of the following is the MOST secure way to prevent this from occurring while still allowing you to access the devices remotely?
Create an out of band management network you should create an out of band management network and use an SSH console connection to reach the routers. out of band management is a method of remotely controlling an managing critical IT assets and network equipment using a secure connection through a secondary interface that is physically separate from the primary network connection.
You opened your web browser and attempted to visit DionTraining.com, but you appear to have been redirected to a malicious website instead. What type of attack is being conducted?
DNS poisoning DNS spoofing or DNS poisoning is an attack that corrupts the Domain Name System in the DNS resolver's cache and causes the name server to retunr an incorrect result record, such as an attacker's IP address instead of the IP of the legitimate server VLAN hopping is an attack where the attacker is able to send traffic from one VLAN into antoher by either double tagging the traffic or conducting swithc spoofing ARP spofing is a type of attack in which a malicious actor sends falsified ARP messages over a LAN. this results in the linking of an attacker's MAC address with the iP address of a legitimate computer, server, or gateway onto the network a rogue DHCP server is a DHCP server set up on a network by and attacker, or by an unaware user, and is not under the control of network administrators. rogue DHCp servers are also commonly used by attackers for the purpose of network attacks such as an on path or man in the middle attack.
While troubleshooting, a technician notices that some clients using FTP still work and that pings to the local routers and servers are working. The technician tries to ping all known nodes on the network, and they reply positively, except for one of the servers. The technician notices that ping works only when the hostname is used but not when FQDN is used. What server is MOST likely offline?
DNS server the DNS server translates fully qualified domain names (FQDN) to IP addresses. the domain name system uses port 53 and is a hierachical and decentralized naming system for computers, services, or other resources connected to the internet or private network the dynamic host ocnfiguration protocol uses port 67 and is a network management protocol used on internet protocol networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client server architecture a wins server is a microsoft windows based server running the windows internet name service that can accept netbios name registration and queries. WINS servers maintain a database of netbios name to ip address mappings for wins clients on the network and speed up netbios name resolution by eliminating broadcasts. since the technician can ping the server using its hostname, the wins srever is working properly. since the technician cannot ping the server using its fully qualified domain name system, the DNS server is most likely offline
Dion Training is concerned with the threat of an attacker modifying the MAC address to IP bindings within the local area network. Which of the following could be enabled on the company's network to prevent this from occurring?
Dynamic ARP inspection DAI is a security feature that validates the address resolution protocol packets in a network. DAI allows a network administrator to intercept, log, and discard ARP packets with invalid mAC addresses to IP address bindings. a VLAn is any broadcast domain that is partitioned and isolated in a ocmputer network at the data link layer. port mirroring, arp inspection, and VLANs do not add any redundancy to the network DHCP snooping is a series of techniques applied to improve the security of a DHCP infrastructure. when DHCP servers are allocating IP addresses to the LAN clients, DHCP snooping can be configured on LAN switches to prevent malicious or malformed DHCP traffic or rogue DHCP servers. The IPc6 Router advertisement guard feature provdies support for allowing the network administrator to block or reject unwanted rogue router advertisement guard messages that arrive at the network device platform.
An outside organization has completed a penetration test for a company. One of the report items states that an attacker may have the ability to read TLS traffic from the webserver due to a software bug. What is the MOST likely mitigation for this reported item?
Ensure patches are deployed a patch is designed to correct a known bug or a fix a known vulnerability. since the server is allowing an attacker to read TLS traffic, which should be encrypted and unreadable, this is a software bug in the webserver's code that must be fixed using a patch. an intrusion detection system is a device or software application that monitors and reports on any malicious activity or policy violations on a netwrok system. an IDS would not mitigate or stop the attacker from reading the TLS traffic, ti would only report that it is occurring a fireall is a network security system that monitors and controls incoming and outgoing netwrok traffic based on predetermined security rules to establish a barrier between a trusted and untrusted network. if you configured the firewall to block traffic on port 443 it would block all of the webserer's legitimate users as well a VPN extends a private netwrok across a public netwrok and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private netwrok. a VPN would not stop an attacker from being able to read the TLS traffic from the webserver.
A network technician responds to a customer reporting that a workstation continually loses the connection to the network. The user explains that it occurs randomly, and it happens several times throughout the day. Which step of the troubleshooting method should the technician perform NEXT?
Establish a theory of probable cause
Which of the following network devices would be considered a perimeter device and installed at the outermost part of the network?
Firewall a firewall is considered a perimeter security device. it should be installed at the perimeter or boundary of a network to provide maximum security switches, bridges, and wireless access points are all considered internal network devices and should not be installed at the network's outermost perimeter
You have been asked to connect three 802.11a devices to an 802.11g access point configured with WEP. The devices are within 20 feet of the access point, but they still cannot associate with the access point. Which of the following is the MOST likely cause of the devices not associating with the WAP?
Frequency Mismatch a operates in the 5ghz band, while g operates in the 2.4 band. therefore a devices will be unable to communicate with b or g access points. wireless networks utilize three different frequency bands, 2.4, 5, and 6. 2.4 is used by B,G,N 5 is used by A,N, AC, and AX 6 is used by wifi 6e under AX
IPv4 addresses are written using Base 10 numbers, while IPv6 addresses are written in Base 16 numbers. What type of notation does Base16 utilize?
Hexadecimal Hexadecimal is the system of numbering that uses base 16. ths includes the numbers 0-9, A-F. All IPv6 addresses nd MAC addresses are written in hexadecimal format.
Which of the following is a connectionless protocol?
ICMP a connectionless protocol is a form of data transmission in which data is transmitted automatically without determining whether the receiver isready or even whether a receiver exists. ICMP, UDP, IP and IPX are all well known examples of connectionless protocols TCP, SSH< and SSL are all examples of connection oritented protocols
A technician is tasked with troubleshooting a network's slowness. While troubleshooting, the technician is unable to ping any external websites. Users report they can access the sites using the web browsers. What is the MOST likely cause of the failed pings?
ICMP traffic is being blocked by the firewall many companies block ICMP at the firewall, causing ping to fail since it relies on ICMP> if the user can access the site in the web browser but cannot when using ping, then the ICMP is most likely being blocked by the firewall Jumbo frames are any frames larger than 1500 bytes, which is the default MTU size on most networks. VLAN are logical segments of the local area network TACACS is used for remote authentication.
The network administrator is troubleshooting the switchports for a file server with dual NICs. The file server needs to be configured for redundancy, and the dual NICs need to be combined for maximum throughput. What feature on the switch should the network administrator ensure is enabled for best results?
LACP the link aggregation control protocol is the 802.3ad protocol is used to group numerous physical ports to make one high bandwidth path. this method can increase bandwidth and therefore, throughput. LACP can also provide network redundancy and load balancing. the spanning tree protocol (STP) is a network protocol that builds a loop free logical topology for ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1D standard. a bridge protocol data unit (BPDU) is used by STP to prevent bridge loops. load balancing refers to the process of distributing a set of tasks over a set of resources, with the aim of making their overall processing more efficient. load balancing can optimize the response time and avoid unevenly overloading some compute nodes while other compute nodes are left idle.
The network install is failing redundancy testing at the MDF. The traffic being transported is a mixture of multicast and unicast signals. Which of the following devices would BEST handle the rerouting caused by the disruption of service?
Layer 3 switch a layer 3 switch is the best option because, in addition to its capability of broadcast traffic reduction, it provides fault isolation and simplified security management. this is achieved through the use of IP address informatoin to make routing decisions when managing traffic between LABs. Multicast and unicast are layer 3 messaging flows, so you need a router or layer 3 switch to route them across the network.
Dion Training installed a new router 183 days ago and it stopped working today due to a faulty power supply. The network technicians replaced the power supply and the router was returned to service within 4 hours. Which of the following terms would BEST represent the 183 days in this scenario?
Mean Time Between Failures (MTBF) The mean time between failures measures the average time between when failure occur on a device. the mean time to repair measures the average time it takes to repair a network device when it breaks. the recovery time objective is the duration of time and a service level within which a business process must be restored after a disaster to avvoid unnacceptable consequences associated with a break in continuity. the recovery point objective is the interval of time that might pass during a disruption before the quantity of data lost during that period exceeds the business continuity plan's maximum allowable threashold of tolerance.
Which of the following types of agreements is used to protect an organization's intellectual property and is considered legally binding between the signatories?
NDA a non disclosure agreement is a documented agreement between two parties that define what data is considered confidential and cannot be shared outside of that relationship. an NDA is used to protect an organization's intellectual property an acceptable use policy (AUP) is a set of rules applied by the owner, creator, or administrator of a network, website, or service that restricts how the network, website, or system may be used and sets guidelines as to how it should be used. a memorandum of understanding (MOU) is a non binding agreement between two or mroe organizations to detail what common actions they intend to take. a service level agreement (SLA) is a documented commitment between a service provider and a client, where the quality, availability, and responsiblities are agreed upon by both parties
Dion Training's remote office is experiencing poor network performance. You have been asked to look at the traffic patterns for the remote office and compare them to the network performance baselines. Which of the following tools should you utilize?
NetFlow analyzer a netflow analyzer is used to perform monitoring, troubleshooting, inspection, interpretation, and sythesis of network traffic flow data. a netflow analyzer can help you quickly identify traffic patterns and the different applications and protocols in use on the network. a terminal emulator is used by a network administrator to making a given computer appear like an actual terminal or client computer networked to a server or mainframe. an ip scanner is used to monitor a network's IP address space in real time and identify any devices connected to the network a spectrum ananlyzer is used to measure the magnitude of an input signals frequency
Dion Training wants to implement a technology that will automatically test any wireless device that connects to their network before allowing the device full access to the corporate network and its resources. Which of the following should be implemented?
Network access control Network access control is an approach to computer security that attempts to unify endpoint security technology, user or system authentication, and network security enforcement. effective network access control restricts access to only those devices that are authorized and compliant with security policies, meaning they have all the required security patches and anti intrusion software. when a device connects to the network, it is place into an automated testing area. if it passes the compliance testing, it is placed into the full corporate network. if it fails the compliance testing, it is placed into quarantine where it remains until it has been remediated or upgraded to meet the compliance requirements.
It has been determined by network operations that there is a severe bottleneck on its mesh topology network. The field technician has chosen to use log management and found that one router makes routing decisions slower than the others on the network. Which of the following types of issues would you classify this as?
Network device CPU issues Routing decisions are processed by the router and rely on the networking device's central processing unit. the CPU performance can become a severe bottleneck in the network performance if you have an underpowered router for a large enterprise environment network device power issues would cause network outages, not slowdowns. the scenario did not state that this mesh network is a storage area network, therefore it is not a SAN issue also did not mention authentication issues, therefore the network performance issue is not caused by delayed RADIUS responses.
Which of the following components is used to identify a variable that may be set or read using SNMP?
OID the simple network management protocol (SNMP) uses port 161 and 162 and is a networking protocol used for the management and monitoring of network connected devices in internet protocol neetworks. a unique objective identifer (OID) identifies a variable that can be rad or set using the SNMP protocol the mangement information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsysteme using a hierarchical namespace containing object identifiers( OID) a trap is an asynchronous notification from the agent to the manger. a trap is sent by the agent to notify the management of a significant event that is occurring in real time such as an alarming condition. a grandular trap contains a unique object identifier number and a value for the OID. a verbose trap may contain all the information about a given alert or event as its payload. a verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send the verbose trap over the network.
An organization has hired you to upgrade its wired computer network. The network currently uses static routing for the internal network, but the organization wants to reconfigure it to use a dynamic routing protocol. The new dynamic routing protocol must support both IPv4 and VLSM. Based on the requirements provided, which of the following routing protocols should you enable and configure?
OSPF only OSPF supports IPv4 and variable length subnet mask. open shortest path first is a link state routing protocol that was developed for ip networks and is based on the shortest path first algorithm. OSPF is an interior gateway protocol (IGP). VRRP, RIPv1, and HSRP do not support VLSM, the virtual router redundancy protocol is a computer networking protocol that provides for automatic assignment of avialable internet protocol rotuers to participating hosts. this increases the avialability and reliability of routing paths via automatic default gateway selections on a IP subnetwork the hot standby router protocol is a cisco proprietary redundancy protocol for establishing a fault tolerant default gateway the routing information protocol is one of the oldest distance-vector routing protocols which employs the hop count as the routing metric. RIP precents routing loops by implementing a limit on the number of hops allowed in a path from source to destination. while RIPv1 does not support VLSM, RIPv2 does support VLSM but was not an option in this question.
A user's smartphone is displaying text in other languages in their web browser when accessing the company's main website. Which of the following is the MOST likely cause of the issue?
On Path Attack an on path attach previously known as a man in the middle attack is a general term when a perpetrator positions himself in a conversation between a user and an application, either to eavesdrop or impersonate one of the parties, making it appear as if a normal exchange of information is occurring. If your user and server are both in the US but the attacker is performing the on path attack from russia, then the server will utilize the russian language in the text since it sees the connection coming from a russian IP address.
Barbara has connected her personal wireless router to a network jack inside her office. The router cannot get a DHCP address even though her corporate laptop can get a DHCP address when connected to the same jack. Barbara checked the router's configuration to ensure it is set up to obtain a DHCP address. Which of the following is the MOST likely reason that the router is not getting a DHCP address?
Only allow listed MAC addresses can connect to the network allow lists specify MAC addresses as a security mesasure implemented by the administrator to only grant access to a specific user. it avoids a person with maliciious intentions to access the corporate network. since the router has a different mac address, it is blocked from connecting to the wired network. allow listed mac addresses can be implemented automatically using different forms of port security on a network switch
Jason, a network technician, is troubleshooting a single-mode fiber that provides network connectivity to a remote site. He sees that the link light is off on the router's network interface, and suspects that the fiber may have a break somewhere between his router and the remote site. Single-mode fiber is not providing network connectivity to a remote site. Which of the following tools could be used to identify the location of the break in the fiber?
Optical Time Domain Reflectometer OTDR is used by organizations to certify the performance of new fiber optic links and detect problems with existing fiber links. An OTDR can identify if a fiber cable is program and provide an approvimate location for the break in meters orfeet.
A network administrator, Tamera, follows the best practices to implement firewalls, patch management, and security policies on his network. Which of the following should be performed to verify that the security controls are in place?
Penetration Testing Pentesting is the practice of testing a computer system, network, or web application in order to find vulnerabilities that an attacker could exploit. it can be used to ensure all security controls are properly configured and in place AAA is a term for a framework for inteligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. Testing AAA might be part of a larger pentest but by itself would not test for the firewalls and patch management systems sufficiently. a disaster recovery test (DR test) is the examination of each step in a disaster recovery plan as outlined in a organization's business continuity/disaster recovery planning process. a disaster recovery test would not test the firewalls, patch management, or security policies a single point of failure is a part of a system that if it fails, will stop the entrie system from working. a single point of failure test is used to identify a single point of failure in the nwtowrk or system and it is not disgned to test the network's firewalls, patch management, or security policies
You have been asked by your supervisor, Tamera, to ensure that you enable 802.3af on a managed switch. Which of the following features does she want you to enable?
PoE The IEEE af standard defines power over ethernet and support 15.4 of DC power to each device. AT standard defines PoE+ and supports 25.5 of dc power to each device. PoE technology describes a system to to safely transfer electrical power, along with data, to remove devices over standard data cables in an ethernet network. Port bonding is the combining of multiple network connections in parallel by any of several methods, in order to increase throughput beyond what a single connection could sustain, to provide redundancy in case one of the links should fail, or both. VLANS are a part of the Q standard. a vlan is any broadcast domain that is partitioned and isolated in a computer network at the data link layer. trunking is also covered by the Q protocol and supports vlans.
Which of the following types of fire suppression systems utilizes a sprinkler system with water to extinguish a fire but requires both an actuator and the sprinklers to be tripped prior to water being released?
Pre action system a fire suppression system is an engineered set of components that are designed to extinguish an accidental fire in a workplace or datacenter. a pre action system minimizes the risk of accidental release from a wet pipe system. both a detector actuation like a smoke detector and a sprinkler must be tripped prior to water being released. a wet pipe system is the most basic type of fire suppression system and it involved using a sprinkler system and pipes that always contain water in the pipes special suppression systems like a clean agent system either use a halocarbon agent or inert gas. when releases, the agents will displace the oxygen in the room with the inert gas and suffocates the fire. HVAC units are responsible for maintaining the proper temperature and humidty within a datacenter.
A technician is troubleshooting a workstation connectivity issue. The technician believes a static ARP may be causing the problem. What should the technician do NEXT according to the network troubleshooting methodology?
Remove the ARP entry on the user's workstation based on the network troubleshooting methodology, you should try to test your theory to determine the cause once you have established a theory of probable cause. in this scenario the technician has a theory that the static arp entry is the cause of the problem. since this issue has already caused the workstation not to communicate, the best way to test your theory would be to remote the static arp entry and see if the issue is resolved. if this doesnot fix the issue you would need a new hypothesis to test. 1. identify the problem 2. establish a theory of probable cause 3. test the theory to determine the cause 4. establish a plan of action to resolve the problem and identify potential effects 5. implement the solution or escalate as necessary 6. verify full system functionality and if applicable, implement preventative measures 7. document findings, actions, outcomes, and lessons learned
Mark is setting up a DHCP server on a segment of the corporate LAN. Which of the following options is NOT required in the DHCP scope to allow hosts on that LAN segment to be assigned a dynamic IP address and still be able to access the Internet and internal company servers?
Reservations the DHCP must provide an IP address, subnet mask, default gateway, and a DNS server to each client to effectively acces the internet. using DHCp reservations is not required to be configured to meet the requirements provided in the question. DHCP reservations allow the DHCP server to preset an IP addrss to a specific client based on its MAC address. This ensures that the client will always get the same IP address from the DHCP server when it connects to the netwrok. DHCp rservations are usually used with servers or printers on your internal network and are rarely used with end user or client devices.
Which of the following network devices is used to separate broadcast domains?
Router a router is a networking hardware that connects computer networks and forwards data packets between those netwroks. a router operates at the entwork layer (layer 3) of the OSI model and makes routing devisions based upon IP addresses. Each switchport on a rotuer is a separate collision domain and a separate broadcast domain. a hub is a network hardware device for connecting multiple ethernet devices together and making the mact as a single netwrok segment. a hub operates at the physical layer of the OSI model. All devices connected by a hub are in a single ocllision domain and are a single broadcast domain, therefore they must use half duplex for communcation and CSMA/CD. a switch is a networking hardware that connects devices on a computer network by using packet switcheing to receive and forward data to the destination device. a swithc operates at thedata link layer (layer 2) of the OSI model and makes swtiching devision based upon MAC addresses. Each swithcport on a switch is a separate collision domain but all switchports are in a common broadcast domain a bridge is a netwroking hardware theat forwards traffice between network segments at the data link (layer 2) of the OSI model using MAC addresses. each switchport on a bridge is a separate collision domain, but all switchports are in a common broadcast domain
A wireless networking technician has completed an assessment of a wireless network and documented the detected signal strengths in various locations. Which of the following best describes this document?
Site Survey Report A wireles site surevey report will usually take the form of a floorplan with a color coded series of rings on it to show the signal strength of wireless network signals in various locations. this is often referred to as a heat map by technicians. the technician perfoming the survey will doment this information and use it as a tool during troubleshooting and optimization efforts concerning the wireless coverage in a specific office or building. a logical network diagram illustrates the flow of information through a network and shows how devices communicate with eachother. it typically includes elements like subnets, network objects and devices, routing protocols and domains, voice gateways, traffic flow, and network segments network baselining is the act of measuring and rating the performance of a network in real time situations. providing a network baseline requires testing and reporting the physical connectivity, normal network utilization, protocol usage, peak network utilization, and average throughput of the network usage. a network audit entails collecting data, identifiying threats and areas of weakness, and compiling a formal audit report. this report is then sent on to network admistrators and other relevant parties.
You are troubleshooting a point-to-point microwave link between two buildings that is supposed to operate at 1800 MHz. You suspect there is an issue with the frequency as it is transmitted or received. Which of the following tools would you use to observe the frequency as it is transmitted or received?
Spectrum analyzer a spectrum analyzer is used to measure the magnitude of an input signal's frequency. a wifi analyzer is used to gather information about the available wireless networks, troubleshoot wireless netowrking issues, ensure optimal router placement, and identify existing coverage areas. a tone generator is used with a toner probe to accurately identify the location of a cable pair or conductor within a wiring bundle, cross connection point or at the remtoe end. a tone generator is used with copper cables, not fiber optic cables a time domain relectometer (TDR) is used to determine the characteristics of electrical lines by observing reflected waveforms to characterize and locate faults in copper cables.
The administrator modifies a rule on the firewall, and now all the FTP users cannot access the server any longer. The manager calls the administrator and asks what caused the extreme downtime for the server. In regards to the manager's inquiry, what did the administrator forget to do first?
Submit a change request a change request should be submitted through the change management process prior to any changes being made. Change management is a systematic approach to dealing with the transition or transformation of an organization's goals, processes, or technologies.
Which type of network device operates at layer 2 of the OSI model and allows connected devices to operate at full-duplex since each port is in their own collision domain?
Switch a switch is a networking hardware that connects devices on a computer network by using packet switching to receive and forward data to the destination device. a switch operates at the data link (layer 2) of the OSI model and makes switching decisions based on the MAC addresses. each switchport on a switch is a separate collision domain, but all switchports are in a common broadcast domain. router is a networking hardware that connects computer networks and forwards data packets between those networks. a router operates at the network layer of the OSI model and makes routing decisions based upon IP addresses. each switchport on a router is a separate collision domain and a separate broadcast domain. a hub is a network hardware device for connecting multiple ethernet devices together and making them act as a single network segment. a hub operates at the physical layer of the OSI model. all devices connected by a hub are in a single collision domain and a single broadcast domain. therefore they must use half duplex for communication and CSMA/cd. a wireless access point is a networking device that allows other wifi devices to connect to a wired network. a wireless access point operates at the physical layer of the OSI model to extend the wired network into the wireless domain.
Which of the following provides accounting, authorization, and authentication via a centralized privileged database, as well as challenge/response and password encryption?
TACACS+ TACACS+ is a AAA protocol to provide AAA services for access to routers, network access points, and other networking devices. TACACS+ is a remote authentication protocol, which allows a remote access server to communicate with an authentication server to validate user access onto the network. TACACS+ allows a client to accept a username and passwrod, and pass a query to a TACACS+ authentication server. Multifactor authentication is an authentication scheme that works based on something you know, something you have, are, do, or somewhere you are. these schemes can be made stronger by combining them. Network access control (NAC) is a means of ensuring endpoint security by ensuring that all devices connecting to the network conform to a health policy such as its patch level, antivirus/firewall configuration, and other factors internet security association and key management protocol (ISAKMP) is used for negotiating establishing, modification, and deletion of SAs and related parameters in the IPSec protocol.
Which of the following authentication protocols was developed by Cisco to provide authentication, authorization, and accounting services?
TACACS+ that is an extension to tacacs and was developed as a proprietary protocol by cisco. the remote authentication dial in user service (RADIUS) is a networking protocol that operates on port 1812 and provides centralized authentication, authorization, and accounting management for users who connect and use a network service but cisco did not invent it kerberos is a network authentication protocol designed to provide strong mutual authentication for client server applications using secret key cryptography developed by MIT Challenge handshake authentication protocol (CHAP) is used to authenticate a user or netowkr host to an authentication entity. chap is an authentication protoco lbut does not provide authorization or accounting services.
A customer is trying to configure an 802.11b wireless card in an old laptop to connect to an 802.11g wireless router. When the customer scans for the wireless network's SSID (Dion-Corp), it is not displayed within Windows. What is the MOST likely reason that the SSID is not being displayed?
The broadcast is disabled on the wireless router if the secure set identifier (SSID) is disabled, then the wireless network name will not be broadcasted to any available devices within range. Both wireless B and G use the same frequency band (2.4) and would not cause this issue. encryption that is enabled or disabled would not affect the SSID broadcast since the SSID is sent out in clear text. dhcp support is used once a device ocnnects to a network. therefore it would not affect the SSID broadcast
You have installed and configured a new wireless router. The clients and hosts can ping each other. The network uses a fiber optic WAN connection with 1 Gbps throughput. The wired clients have fast connections, but the wireless clients are displaying high latency when a ping is performed. The wireless clients are also only receiving 300 Mbps when downloading files from the Internet. Which of the following is MOST likely the cause of the slow speeds experienced by the wireless clients?
The wireless access point is experiencing RF interference if interference in the wireless spectrum occurs, more retransmissions will be needed and thereby slowing speeds experienced and increasing latency. a high signal to noise ratio is a good thing on a wireless network and leeds to faster speeds and lower retransmissions. the fiber connection itself is only used for WAN connection, therefore you can use wired or wireless infrastructure for your internal LAN and connect the LAN to the WAN connection at the router the wireless network is already getting throughputs of 300mbps so it must be using 802.11n, AC, or AX for its wireless access points if you switched it to g you would slow down the wireless network mores since it has a maximum throughput of 54Mbps
You typed IPCONFIG at the command prompt and find out your IP is 192.168.1.24. You then go to Google.com and search for "what is my IP," and it returns a value of 35.25.52.11. How do you explain why your computer has two different IP addresses?
This is caused because your gateway is conducting NAT or PAT your computer network uses a private IP address for machines within the network and assigns a public IP address for traffic bein routed over the network using either a NAT or a PAT. Most small office home office networks utilize a single public IP for all of their devices and use a technique knwon as PAT to associate the public IP with each internal client's private IP when needed. Network Address translation (NAT) and port address translation (PAT) allow multiple devices on a LAN to be mapped to a single public IP address to conserve the IP address. in NAT, private IP addresses are translated into public IP addresses. in PAT, private IP addresses are translated into a single public IP address and their traffic is segregated by port numbers.
Which of the following technologies deliver multiple voice calls over a copper wire if you have an ISDN or T-1 connection?
Time division multiplexing time division multiplexing allows for two or more signals or bitstreams to be transferred in what appears to be simultaneous sub channels in one communication channel but is physically taking turns on the channel. this is the technology used in a single PRI (ISDN or T-1) service to essentially share a single cable but pass multiple calls over it.
Which of the following is the BEST way to regularly prevent different security threats from occurring within your network?
User training and awareness an enterprise network's end users are the msot vulnerable attack vector. Studies have shown that an investment in end user cybersecurity awareness training has the best return on investment of any risk mitigation strategy.
Which of the following components is used by an agent to send a complete set of key-pair values about a significant event or condition that is occurring in real-time by providing a full list of variables and values for a given device to a manager?
Verbose Trap The simple Network Management Protocol uses ports 161 and 162 and it is a networking protocol used for the management and monitroing of network-connected devices in internet protocol networks. a trap is an asynchronous notification from the agent to the manager. A trap is sent by the agent to notify the management of a significant event that is occurring in real time, such as an alarming condition. a verbose trap may contain all the information about a given alert as its payload. a granular trap contains a unique object identifier number and a value for the OID. a verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send the verbose trap over the network.a unique object identifier identifies a variable that can be read or set using the SNMP protocol.
Your company has just finished replacing all of its computers with brand new workstations. Colleen, one of your coworkers, has asked the company's owner if she can have the old computers that are about to be thrown away. Colleen would like to refurbish the old computers by reinstalling a new operating system and donating them to a local community center for disadvantaged children in the neighborhood. The owner thinks this is a great idea but is concerned that the private and sensitive corporate data on the old computer's hard drives might be placed at risk of exposure. You have been asked to choose the best solution to sanitize or destroy the data while ensuring the computers will still be usable by the community center. What type of data destruction or sanitization method do you recommend?
Wiping data wiping or clearing occurs by using a software tool to overwrite the data on a hard drive or other media. Data wiping may be performed with a 1x,7x, or 35x overwriting, with a higher number of times being more secure. this allwos the hard drive to remain functional and allow for hardware reuse. degaussing a hard drive involves demagnetizing a hard drive to erase its stored data. you cannot use a hard drive once it has been degaussed. therefore it is a bad solution for this scenario purging involves removing sensitive data from a hard drive using the devices internal electronics or an outside source such as a degausser, or by using a cryptographic erase function if the drive supports one. shredding involves the physical destruction of the hard drive. this is a secure method of destruction but doesnt allow for device reuse.
Which of the following would require the network administrator to schedule a maintenance window?
a minor release upgrade of a production router during an update of a production router, the router would not route packets, and the network traffic would be affected. therefore it would be necesary to announce ta mantenance window. a maintennace window is a period of time designated in advance by the technical staff, during which preventitive maintenance that could disrupt servie is allowed to be performed.
Which network device operates at Layer 3?
a router a router is a layer 3 device, a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the interenet. routers make the internet work by forwarding data using a unified addressing system. in our TCP/IP networks, routers forward their traffic base upon the IP address of the packets. a hub and repeater are both layer 1 physical layer devices. a bridge is a layer 2 data link layer device.
A network engineer is designing an 802.11g wireless network that uses three wireless access points for complete coverage. Which of the following channel selections would result in the LEAST amount of interference between each access point?
adjacent access points should be assigned with channels 1,6,11 with a 20MHZ channel width because the overlapping signals are from access points from unrelated non overlapping channels, the access points are least likely to interfere with eachother. for wireless b and g networks, you should always use 1,6,11 to ensure you are using non overlapping frequencies
Which of the following layers within software-defined networking focuses on resource requests or information about the network?
application layer the application layer focuses on the communication resource requests or information about the network the control layer uses the information from applications to decide how to route a data packet on the network and to make devisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to. the infrastructure layer contains the physical networking devices that receive information from the control layer about where to move thde data and then perform those movemements the management plane is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations
You have been asked to install a media converter that connects a newly installed RG-6 cable to the existing Cat 6a infrastructure. Which type of media converter should you use?
coaxial to ethernet a media converter is a layer 1 device that changes one type of physical network connection to another. in this case, we are convrting coaxial (RG-6) cable to Cat 6a (ethernet) cable
A network administrator recently set up a network computer lab and discovered some connectivity issues. The administrator can ping the fiber uplink interface, but none of the new workstations plugged into the switch are responding to the technician's ICMP requests. Which of the following actions should the technician perform next?
determine if the link lights are lit for the ports a technician can use the LED's on the switchports to quickly monitor activity and performance for the interfaces. by determining if the link lights are lit for the ports, the administrator can verify if there is any activity on the network, if the ports are enabled, and if the layer 1 switch components are working properly. additionally, some switches have LEDs to indicate if the switchport is operating in half duplex, or full duplex and the speed of the link.
What remediation strategies are the MOST effective in reducing the risk to an embedded ICS from a network-based compromise?
disabling unused services segmentation segmentation is the best method to reduce the risk to an embedded ICS system from a network based compromise. additionally you could disable unused serverices to reduce the footprint of the embedded ICS. many of these embedded ICS systems have a large number of default services running. so by disabling the unused services, we can better secure these devices. By segmenting the devices off the main portion of the network, we can also better protect them a NIDS might detect an attack or compromise, but it would not reduce the risk of the attack succeeding since it can only detect it patching is difficult for embedded ICS devices since they usually rely on customized software applications that rarely provide updates
The network administrator noticed that the border router has high network capacity loading during non-working hours. This excessive load is causing outages for the company's web servers. Which of the following is the MOST likely cause of the issue?
distributed DOS a distributed denial of service attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web services a denial of service attack is a cyber attack in which the perpetrator seeks to make a machine or network resource unavailable to its inteded users by temporarily or indefinitely disrupting the services of a host connected to the internet ARP spoofing is a type of attack in which a malicious actor sens falsified ARP (address resolution protocol) messges over a local area network. this results in the linking of an attacker's mac address with the IP address of a legitimate comptuer or server on the network. session hijacking also known as TCP session hijacking, is a method of taking over a web user session by obtaining the session id and acting as the authorized user an evil twin is a rogue wireless access point that acts as a legitimate wifi access point so that an attacker can gather personal or corporate information without the users knowledge
Dion Training has created a guest wireless network for students to use during class. This guest network is separated from the corporate network for security. Which of the following should be implemented to require the least amount of configuration for a student to access the Internet over the guest network?
enable ssid broadcst for the guest wireless network Since security was not listed as a requirement for the guest wireless network, it would be easiest not to set up any encryption, passwords or authentication mechanisms on the network. isntead, you should enable the SSID broadcast for the guest network so students can easily find and connect to it using MFA, WEP, or 802.1x would require the students to complete additional configurations prior to connecting to the guest network
Dion Training allows its visiting business partners from CompTIA to use an available Ethernet port in their conference room to establish a VPN connection back to the CompTIA internal network. The CompTIA employees should obtain internet access from the Ethernet port in the conference room, but nowhere else in the building. Additionally, if any of the Dion Training employees use the same Ethernet port in the conference room, they should access Dion Training's secure internal network. Which of the following technologies would allow you to configure this port and support both requirements?
implement NAC Network Access Control uses a set of protocols to define and implement a policy that describes how to secure access to network nodes whenever a device initially attempts to access the netwrok. NAC can utilize an automatic remediation process by fixing non compliant hosts before allowing network access. Network access control can control access to a network with policies, including pre-admission endpoint security checks and post admission controls over where users and devices can go on a network and what they can do. in this scenario, implementing NAC can identify which machines are known and trusted Dion assets and provide then with access to the secure internal network. NAC could also determine unknown machines (assumed to be those of comptia employees) and provide the mwith direct internet access only placing them onto a guest network or VLAN.
Your router has been turning itself off and on again for a few weeks. You begin to think back to when these issues began to occur and remember that each time it happened the lights also dimmed momentarily. You hook up a device to monitor the power being supplied to the router and identify that brownouts are frequently occurring, resulting in the router's power cycling. What should you (a network technician) do to solve this problem?
install an uninterruptable power supply (UPS) the best solution would be to install a UPS since you are a network technician and not an electrician, you should not install a new electrical circuit. the primary function of UPS is to provide battery backup when the electrical power fails or drops to an unacceptable voltage level. it ensures that your electrical equipment gets a consistent current so damage and device power cycling do not occur. a surge protector defends against possible voltage spikes that could damage your appliances, electronics, or equipment. a network technician is not qualified to install a new electrical outlet since that is a job of an electrician. the scenario presents issues that focus on the power levels therefore installing an upgraded router would not solve these issues
You are troubleshooting a cable modem for a home user's network. The connection speeds are much lower than you expected. You suspect the coaxial cable between the wall jack and the cable modem is faulty. Based on your research, a coaxial cable used in data networks should have an impedance of 50 ohms. Which of the following tools should you use to measure the resistance of the coaxial cable?
multimeter a multimeter is a measuring instrument that can measure the voltage, resistance, and amperage of a cable or conduit. To test this cable, you should set the multimetre to resistance and conect one of the multimeters leads to each end of th ecoaxial cable to determine the resistance as measured in ohms. a cable tester is used to verify the electrical connections in a twisted pair or coaxial cable a cable certifier is used to test the continuity of a cable and verify that a cable meets its specifications such as the bandwidth, frequency, and length a spectrum analyzer is used to measure the magnitude of a input signal's frequency
Tamera is troubleshooting a mail server connectivity issue and needs to review the MX records for DionTraining.com. Which of the following tools should she utilize?
nslookup The nslookup command is used to query the domain name system to obtain information about host addrsses, mail exchanges, nameservers, and related information. the nslookup command has an interactive and non interactive mode. Arp command is used to view and modify the local address resolution protocol cache of a device which contains recently resolved mAC addresses of IP hosts on the netwrok. the route command isused to create, view, or modify manual entries in the network routing tables of a computer or server. the telnet command is used to open a command line interface on a remote computer or server. telnet operates in plain textmode and should never e used over an untrusted or public network.
A network technician needs to monitor the network to find a user who is browsing websites that go against the company's acceptable use policy. What should the technician use to view the website and find the user browsing it?
packet sniffer packet sniffers can capture and analyze network user traffic. this information can be queried to view website addresses, content, and sometimes even password information. this differs from intrusion dtection system in that the ids waits to receive implicitly malicious data in a network before logging the event.
You are currently troubleshooting a network connection error. When you ping the default gateway, you receive no reply. You checked the default gateway, and it is functioning properly, but the gateway cannot connect to any of the workstations on the network. Which of the following layers could be causing this issue?
physical ping requests occur at network layer 3, therefore the problem could exist in physical layer 1, data link layer 2, or network layer 3. since physical layer 1 is the only chaice given from the layers, it must be the answer. since the gateway cannot reach any of the other devices on the network, it is most likely a cable issue between the gateway and the network switch
You are currently troubleshooting a workstation in the office and determined that it is an issue with the cabling somewhere between the workstation and the switch. You have tested the patch cable from the workstation to the wall jack and it is not faulty. You want to check the port on the switch next. Which of the following would BEST help you identify which switch port is associated with the workstation's wall jack?
proper labelling you should always use proper labeling of your cables, wall jacks, and patch panels to make it easy to locate which switchport is associated with each portion of the cable distribution plant. ensuring everything is properly labeled will help when you need to troublshoot a network connection in your interior cable distribution plant. a standard procedure is a set of step by step instructions compiled by an organization to help workers carry out routine operations a baseline is a process for studying the network at regular intervals to ensure that the network is working as designed. inventory management refers to the process of ordering, storing, and using a company's inventory.
When you arrived at work today, you saw a message on your computer screen stating that your hard drive has been encrypted and you must pay 1 ETH to get the decryption key. What type of attack has occurred against your workstation?
ransomware ransomeware is a type of malwarefrom cryptovirology that threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid. malware is any software intentionally designed to cause damage to computer, server, client, or computer network. by contrast, software that causes unintentional harm due to some deficiency is typically described as a software bug. malware includes viruses, worms, logic bombs, and many other malicious types of code. phishing is a type of social engineering where an attackers ends a fraudulent email designed to trick a human victim into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware. a brute force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly.
Max is a network technician who just terminated the ends on a new copper cable used between two legacy switches. When he connects the two switches using the cable, they fail to establish a connection. What is MOST likely the issue?`
the cable is a straight through cable there are two types of cables, straight through and crossover. in this instance, a crossover cable would be needed to be used to communicate with legacy switches since they wont support MDIx. Medium dependent interface crossover is a version of the medium dependent interface enabling a connection between corresponding devices, such as a switch to another swithc. fi the switch doesnt MDIX, then you must use a crossover cable to connect them bend radius cannot be the correct answer to this question since copper cables are being used and not fiber cables. bend radius is a concern when using fiber cables as it leads to increase reflections and a decrease in signal strength. an RJ11 connector only has 6 pins and is smaller than a rj45 connector. the technician would visually be able to see the difference as the RJ 11 connector would not fit properly in the switchports.
Which type of antenna broadcasts an RF signal in a specific direction with a narrow path?
unidirectional directional antennas broadcast radio frequencies in a single direction (unidirectional) or two directions (bidrectional) to create a zone or area of coverage. unidirectional antennas focus on the broadcast signal in a signal direction insead of all directions, focusing the transmission and making the signal stronger. a specific type of unidrectional antenna is known as a Yagi antenna. omni directiona antennas broadcast radio freqeuncies in all directions creating a large sphere of coverage. the antenna has the capability to send and receive signals in a circumfrence around the antenna a patch antenn is a type of antenna with a low profile that can be mounted on a surface. a patch antenna can be omnidirectional, bidrectional, or unidirectional, therefore it is not the best answer to this question and unidirectional should be chosen instead
