net+ practice 3

Your company's corporate headquarters provided your branch office a portion of their Class C subnet to use at a new office location. You must allocate the minimum number of addresses using CIDR notation in order to accommodate each department's needs. What is the correct CIDR notation for the Human Resources (HR) department's subnet, which requires 25 devices?

/27 since the HR department needs 25 devices plus a network ID and a broadcast IP, it will require 27 IP addresses. the smallest subnet that can fit 27 is /27 (32 addreses). a /27 will borrow 3 host bits and assign those to the network portion of the subnet mask. this would create a subnet with 2^5 available host IP addresses, or 32 total IP addresses. of the 32 ip addresses, there are 30 available for clients to use, one for the network ID and one for the broadcast ID.

You are configuring a point-to-point link and want to ensure it is configured for the most efficient use of your limited pool of available public IP addresses. Which of the following subnet masks would be BEST to use in this scenario?

/30 the most efficient subnet mask for a ptp link is actually a /31 subnet which only provides 2 addresses. this will only work if both routers use a newer routing protocol like OSPF, IS-IS, EIGRP, or RIPv2. the most widely accepted and used method is to use a /30 subnet conssiting of 4 IP addresses. the first is the network IP the last is the broadcast, and the other 2 IP's can be assigned to the routers on either end of the point-to-point network. /30 and /31 can be used for point to point networks

Your co-worker has just installed an unmanaged 24-port switch. He is concerned with the amount of broadcast traffic that may exist when using this device. How many broadcast domains are created when using this single 24-port switch?

1 a switch only has 1 broadcast domain. routers and VLANs split up broadcast domains since this is an unmanaged switch, it will only have a single broadcast domain, but it will have 24 collision domains. If this was a managed layer 3 switch, it could provide routing functions and break apart the broadcast domains. Since this was an unmanaged switch, there must be only 1 broadcast domain on this switch.

Your office is located in a small office park, and you are installing a new wireless network access point for your employees. The companies in the adjacent offices are using Wireless B/G/N routers in the 2.4 GHz spectrum. Your security system uses the 5 GHz spectrum, so you have purchased a 2.4 GHz wireless access point to ensure you don't cause interference with the security system. To maximize the distance between channels, which set of channels should you configure for use on your access points?

1,6,11 Wireless access points should always be configured with channels 1/6/11 to maximize the distance between channels and prevent overlaps.

A network technician must replace a faulty network interface card on Dion Training's web server. The server currently uses a multimode fiber optic cable to connect to a switchport on a fiber-optic network switch. Which of the following types of NICs should the technician install on the server?

10GBase-SR 10GBase-SR is a 10 gigabit ethernet LAN standard for use with multimode fiber optic cables using short wavelength signaling. 1000Base-T is a standard for gigabit ethernet over copper wiring. 1000Base-FX and 1000Base-LR are standard for gigabit ethernet over single mode fiber optic cabling. For the exam, remember the memory aid, "S is not single" which means that if the naming convention contains base S as a part of its name then it uses a multimode fiber optic cable..

What port number does POP3 utilize?

110

What is the broadcast address associated with the host located at 172.16.200.130/26?

172.16.200.191 in classless subnets using variable length subnet mask, the broadcast address is the last IP address associated within an assigned range. in this example, the CIDR notation is /26 so each subnet will contan 64 IP addrseses. since the IP address provided is .130 the broadcast domain is 191.

What is the broadcast address associated with the host located at 192.168.0.123/29?

192.168.127 in classless subnets using variable length subnet mask, the broadcast address is the last IP address associated within an assigned range. In this example, the CIDR notation is /29 so each subnet will contain 8 IP addresses. Since the IP address provided is 192.168.0.123, the broadcast address will be 192.168.0.127

Which cellular technology utilizes new frequency bands to reach proposed speeds of up to 70 Gbps?

5G 5g is a cellular technology that is made up of three different types: low, mid and high band mmwave technology low band reaches an average speed of 55 up to 150 mid band reaches averaage 150 up to 1.5 high band reaches an average speed up to gbps with a theoretical speed up to 70. 4g is made up of LTE and LTA-A. Long term evolution is a packet data communications specification providing an upgrade path for both GSM and CMDA. LTE is average 20 up to 150 LTE-A has a average speed of 40 up to 300

Which of the following levels would an information condition generate?

6

What port number does LDAPS utilize?

636 the lightweight directory access protocol secure sues port 636 and is an open vendor neutral industry standard application protocol for accessing and maintaining distributed directory information servies over an internet protocol netwrok that is encrypted with an SSL connection the LDAP uses port 389 and is not secured. SQL uses port 1433 and is a microsoft database compatible with SQL

Which type of wireless network utilizes the 2.4 GHz frequency band and reaches up to 11 Mbps speeds?

802.11b the B standard uses a 2.4 frequency o provide speeds up to 11mbps.

Which type of wireless network utilizes the 2.4 GHz or 5 GHz frequency bands and reaches speeds of 108 Mbps to 600 Mbps?

802.11n the n standard utilizes a 2.4 frequency to provide wireles networking speeds up to 108 Mbps or a 5.0 GHz frequency to provide wireless networking at speeds up to 600. N supporst the use of MIMO technology to use multiple antennas to transmit and receive data at higher speeds. N supports channel bonding by combinging two 20 MHz channels into a single 40 MHz channel to provide additional bandwidth the A standard utilizes a 5 frequency to provide wireless networking at speeds up to 54. the B standard utilizes a 2.4 frequency to provide wireless networking at speeds up to 11 mpb the G standard utilizes a 2.4 frequency to provide wireless networking speeds up to 54 ac utilizes 5 ghz to provide wireless networking at the theroretical speeds up to 3.5 gbps. AC uses channel bonding to create a single channel up to 160 MHz to provide additional bandwidth. AC uses MUMIMO technology to use multiple antennas to transmit and receive data at higher speeds

What access control model will a network switch utilize if it requires multilayer switches to use authentication via RADIUS/TACACS+

802.1X if you are using radius and tacacs with the switch, you need to use x for the protocol. The x standard is a network authentication protocol that opens ports for network access to the network. this defines port security. the user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server.

You are setting up uplink ports for multiple switches to communicate with one another. All of the VLANs should communicate from the designated server switch. Which of the following should be set on the trunk ports if VLAN 1 is not the management VLAN?

802.1q The IEEE 802.11Q standard is used to define VLAN tagging for ethernet frames and the accompanying procedures to be used by bridges and swtiches in handling such frames. Traffic should be properly tagged when combined over a single trunk port to ensure they are not sent to the wrong VLAN by mistake if VLAN tagging is not enabled, all of the VLAN traffic will be sent to the native or default VLAN, VLAN 1. by default VLAN 1 is enabled and all unused ports are assigned to it. q is vlan tagging for ethernet frames d is stp af is poe x is authentication

A company needs to implement stronger authentication by adding an authentication factor to its wireless system. The wireless system only supports WPA with pre-shared keys, but the back-end authentication system supports EAP and TTLS. What should the network administrator implement?

802.1x using PAP the admin can utilize x using EAP-TTLS with PAP for authentication since the backend system supports it. Password authentication protocol is a password based athentication protocol used by point to point protocol to validate users mac address filtering does not filter based on IP addresses but instead it filters based on the hardware address of a network interface card wpa2 is a secure method of wireless encrpytion that relies on the use of preshared or the 802.1x protocol. it states that the system only supports wpa so 2 cant be used PKI with user authentication would be extremely secure but it is only used with EAP TLS on TTLS. TTLS only works with credential based authentication like a username and password.

Due to numerous network misconfiguration issues in the past, Dion Training adopted a policy that requires a second technician to verify any configuration changes before they are applied to a network device. When the technician inspects a newly proposed configuration change from a coworker, she determines that it would improperly configure the AS number on the device. Which of the following issues could have resulted from this configuration change if it was applied?

BGP routing issues would have occurred border gateway protocol is used to route data between autonomous systems. a collection of networks within the same administrative domain is called an autonomous system. the routers within an autonomous system to use an interior gateway protocol, such as the routing information protocol, or the open shortest path first protcol exchange routing information among themselves. autonomous systems operate at layer 3 and are focused on wired networks. therefore the frequency mismatch decreased wireless coverage areas, and spanning tree ports would not be affected by the improper configuration of an autonomous system number on a device

Which of the following errors would be received if raw data is accidentally changed as it transits the network?

CRC error cyclic redundancy checksum is an error detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data as it transits on the network. the crc number in the interface statistics is the number of packets that were received that failed the cyclic redundancy checksum or CRC upon receipt. if the checksum generated by the sender doees not match the one calculated by this interface upon receipt, a crc error is counted and the packet is rejected.

You are working as a network technician running new unshielded twisted pair cables from the intermediate distribution frame to the individual offices on the same floor. The cable comes in 1000 foot spools. You just cut the cable off of the spool and need to prepare it for connection to the backside of the patch panel. Which of the following tools should you use to remove the outer insulation on the UTP cable?

Cable stripper a cable stripper is a hand held tool that is used to remove the insulation or otuer sheath from copper cables such as UTP, STP, or coaxial cables. a cable snip or cable cutter is used to cut copper cables into shorter legnths from a longer spool of wound cable a cable crimper is used to join the internal wires of a twisted pair cable with metallic pins houses inside a plastic connector such as an RJ45 connector. a punch down tool is used to insert wires into insulation displacement connectors on patch panels, keystone modules, or punchdown blocks

Which of the following security features should be enabled to configure a quality of service filter to manage the traffic flow of a Cisco router or switch and protect it against a denial-of-service attack?

Control Plane Policing the CPP feature allwos users to configure a quality of service filter that manages the traffic flow of control plane packets to protect the control plane of cisco IOS routers and switches against recon and DOS attacks. this helps protect the control plane while maintaining packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch.

you discovered there is an unauthorized service running on the host. Which of the following ACL entries should be implemented to prevent further access to the unauthorized service while maintaining full access to the approved services running on this host?

DENY TCP ANY HOST 71.168.10.45 EQ 3389 since the question asks you to prevent unauthorized service access, we need to block port 3389 from accepting connections on 71.168.10.45 (the host). this option will deny ANY workstation from connecting to this machine, over the remote desktop protocol service that is unauthorized.

Which of the following cloud services should an organization choose in order to deliver virtual desktops to end-users over the Internet on a per-user license basis?

DaaS desktop as a service is a cloud computing offering where a service provider delviers virtual desktops to end users over the internet. licensed with a per user subscription. DaaS is often combined with virtual desktop infrastructure platform s a service is a complete development and deployment environment in the cloud with resources that enable you to deliver everything from simple cloud ased apps to sophisticated cloud enabled enterprise applications Infrastructure as a service is a type of cloud computing service that offers essential compute, storage, and networking resources on demand, on a pay as you go bsis software as a service allows users to connect to and use cloud based apps over the internet. common examples are email, calendaring, and office tools such as microsoft office. SaaS provides a compltee software solution that you purchase on a pay as you go basis from a cloud service provider.

Which of the following describes the process of layer protective measures in the network to protect valuable data and information?

Defense in depth its an approach to cybersec in which a series of defensive mechanisms are lyered in order to protect valuable data and information.

The physical security manager has asked you to assist with the risk assessment of some proposed new security measures. The manager is concerned that during a power outage, the server room might be targeted for attack. Luckily, they have many different protection measures in place to keep intruders out of the server room. During a power outage, which of the following security controls would still be usable?

Door locks

A network technician needs to connect two switches. The technician needs a link between them that is capable of handling 10 Gbps of throughput. Which of the following media would BEST meet this requirement?

Fiber Optic Cable to achieve 10gbps, you should use cat 6a,7,8, or a fiber optic cable

Dion Training is concerned about an attacker gaining access to their network and gaining access to their confidential financial data. What could be implemented to attempt to redirect an attacker to a different server that doesn't contain any real financial data?

Honeypot A honeypot is a computer security mechanism set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally a honeypot consists of data that appears to be a legitimate part of the site but is actually isolated and monitored and seems to contain information or a resource of value to attackers, who are then tricked into spending their time attacking the honeypot instead of your real servers.

Which network device can detect and alert on threats facing the network by using signatures, but cannot automatically react to the threats detected?

IDS an intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations. an ids can detect a threat but not react.

Dion Training believes there may be a rogue device connected to their network. They have asked you to identify every host, server, and router currently connected to the network. Which of the following tools would allow you to identify which devices are currently connected to the network?

IP scanner an IP scanner is used to monitor a network's IP address space in real time and identify any devices connected to the network. Essentially, the tool will send a ping to every IP on the network the n create a report of which ip addresses sent a response.

Which of the following utilizes a well-written set of carefully developed and tested scripts to orchestrate runbooks and generate consistent server builds across an enterprise?

Infrastructure as Code (IAC) infrastructure as code is designed with the idea that a well coded description of the server/network operating environment will produce consistent results across an enterprise and significantly reduce IT overhead through automation while precluding the existence o security vulnerabilities. SDN uses software to define networking boundaries but does not necessarily handle server architecture in the same way that IaC can. IaaS is a computing method that uses the cloud to provide any or all infra needs

Edward's bank recently suffered an attack where an employee made an unauthorized modification to a customer's bank balance. Which tenet of cybersecurity was violated by this employee's actions?

Integrity

Dion Training uses a VoIP conferencing solution to conduct its weekly staff meetings. When Jason is talking, some of the employees say it sounds like he is speeding up and slowing down randomly. Tamera is sitting in the office with Jason, and she says Jason is speaking at the same rate the entire time. Which of the following network performance metrics would be most useful in determining why the VoIP service is not presenting a consistent pace when delivering Jason's voice over the network?

Jitter a network condition that occurs when a time delay in the sending of data packets over a network connection occurs.

A network administrator wants to increase the speed and fault tolerance of a connection between two network switches. To achieve this, which protocol should the administrator use?

LACP the link aggregation control protocol provides a method to control the bonding of several physical ports to form a single logical channel. The LACP is defined in the 802.3AD standard. the Link layer discovery protocol (LLDP) is a vendor neutral link layer protocol used by network devices for advertising their identtiy, capabilities, and neighbors on an IEEE 802 local area network, principally wired Ethernet. The layer 2 tunneling protocol (L2TP) is a tunneling protocol used to support virtual private networks or as part of the delivery of services by ISPs. the lightweight directory access protocol is an open vendor neutral industry standard application protocol for acessing and maintaining distributed directory information services over an internet protocol network.

Which of the following network performance metrics is used to represent the round-trip time it takes for a packet to be sent by a device to a server and then a response received from that destination server?

Latency Latency is the measure of time that it takes for data to reach its destination across a network. we measure network latency as the round trip time from a workstation to the distant end and back. bandwidth is the maximum rate of data transfer across a given network. Now, bandwidth is more of a theoretical concept that measures how much data could be transferred from a source to a destination under ideal conditions Throughput is an actual measure of how much data is successfully transferred from the source to a destination. therefore we often measure throughput instead of bandwidth to monitor our network performance.

The fiber-optic connection between two of the Dion Training offices was broken. A network technician used a fusion splicer to repair the cable, but now the connection is experiencing reduce transmission efficiency, slower connection speed, and intermittent downtime. Which of the following is the MOST likely reason for these issues?

Low optical link budget An optical link budget is a calculation that considers all the anticipated losses along the length of a fiber optic connection. Signal loss across a fiber optic cable occurs naturally due to the distance of the cable, as well as from losses due to multiplexing, bends in the cable, imperfect connections, patches, or splices along the fiber optic cable. If the circuit is disgned with a low optical link buddget and subsequently needs to be repaired or spliced, it would create a fiber connection that becomes too weak to pass the light across the entire fiber optic cable asymmetric routing is when network packets leave via one path and return via a different path. a missing route occurs when the dynamic or static routes in a router do not contain a route needed for specific traffic being routed. a switching loop or bridge loop occurs in computer networks when there are more than one layer 2 paths between two endpoints. In this scenario none of the routing or switching was changed due to the broken cable, therefore the issue is not a missing route, switching loop, or asymmetrical routing.

You have been asked to troubleshoot a router which uses label-switching and label-edge routers to forward traffic. Which of the following types of protocols should you be familiar with to troubleshoot this device?

MPLS multi protocol label switching is a mechanism used within computer network infrastructures to speed up the time it takes a data packet to flow from one node to another. the label based switching mechanism enables the network packets to flow on any protocol. BGP is border gateway protocol and it refers to a gateway protocol that enables the internet to exchange routing information between autonomous systems OSPF is a link state routing protocol that was developed for IP networks and is based on the shortes path first algorithm.

Which parameter must be adjusted to enable a jumbo frame on a network device?

MTU a jumbo frame is an ethernet frame with a payload greater than the standard maximum transmission unit (MTU) of 1500 bytes. jumbo ferames are used on a local area network that support at least 1gbps and can be as large as 9000 bytes. by adjusting the MTU on a given network devices interface, you ccan enable or prevent jumbo frames from being used on the network

Which of the following WAN technologies would MOST likely be used to connect several remote branches that have no fiber, microwave, or satellite connections available?

POTS plain old telephone system its connected to almost every ffacility in the US. DSL and dial up services can be received over POTS OC3 is a type of fiber connection WiMAX is a type of microwave connection starlink is a type of satelite connection

You are working as a network technician and need to create several Cat 5e network cables to run between different computers and the network jacks on the wall. The connections between the switch, the patch panel, and the wall jacks have already been installed and tested. Which of the following tools would NOT be necessary to complete this task?

Punchdown Tool a punchdown tool is used to connect a network cable to a patch panel, 110 block, or the inside portion of a wall jack, therefore it is not needed for this task a wirestripper is used to remove the outer plastic shielding from the cat 5e cable so that you can reah the inner wiring pairs. The cable tester is used to verfiy the electrical connections in a twisted pair or coaxial cable a cable crimper is used to join the internal wires of a twisted pair cable with metallic pins houses inside a plastic connector, such as an RJ-45 connector.

A company is installing several APs for a new wireless system that requires users to authenticate to the domain. The network technician would like to authenticate to a central point. What solution would be BEST to achieve this?

RADIUS a remote authentication dial in user service (RADIUS) server provides AAA management for users connecting to a wired or wireless netowrk, which includes the ability to authenticate users. Link aggregation control protocol is an open standard of ethernet link agregation a proxy server is a server application that acts as an intermediary between client and server

Your mother says there is something wrong with her computer, but unfortunately, she doesn't know how to fix it. She asks if you can remotely connect to her computer and see if you can fix it. Which of the following technologies would BEST allow you to remotely access her computer and interact with her Windows 10 laptop?

RDP its a microsoft protocol designed to facilitate application data transfer securityy and encryption between client user devices and a virtual network server. it enables a remote user to add a graphical interface to the desktop of another computer.

An administrator notices an unused cable behind a cabinet that is terminated with a DB-9 connector. What protocol is likely to be used with this cable?

RS-232 RS-232 is a standard for serial communication transmission of data. it formally defines the signals connecting a data terminal equipment such as a computer terminal and a DCE. a DB-9 connector is often found on a rollover or console cable and is used to connect a router to a laptop using the rs-232 serial transmsision protocol.

A network architect is designing a highly redundant network with a distance vector routing protocol to prevent routing loops. The architect wants to configure the routers to advertise failed routes with the addition of an infinite metric. What should the architect configure to achieve this?

Route Poisoning route poisoning is a method to prevent a router from sending packets through a route that has become invalid within computer networks. This is achieved by changing the route's metric to a value that exceeds the maximum allowable hop count so that the route is advertised as unreachable.

You have configured your network into multiple segments by creating multiple broadcast domains. Which of the following devices should you use to allow the different network segments to communicate with each other?

Router a router is used to allow different network segments and broadcast domains to communicate with eachother. if you have a layer 3 switch this would also function as a router and allow communication to occur. since the question did not specify if the switch was 2 or 3, we must assume it was a traditional layer 2 whichcannot route traffic from one domain to antohre. a bridge is a layer 2 device and cannot connect multiple broadcast domains hub is a layer 1 device and cannot connect different collision or broadcast domains together

What is an example of a signaling protocol used to initiate, maintain, and terminate a real-time VoIP session?

SIP Session Initiation Protocol is a signaling protocol for initiating, maintaining, and terminating real time sessions that include voice, video, etc. SIP uses port 5060 and 5061. Virtual router redundancy protocol (VRRP) is a protocol used for the automatic assignment of available internet protocol routers to participating hosts in order to increase the availability and reliability of routing paths via automatic default gateway selections. it uses port 112

Which of the following types of agreements is used to document the commitment between a provider and client in terms of quality and availability?

SLA a service level agreement is a documented commitment between a service provider and a client, where the quality, availability, and responsibilities are agreed upon by both parties. a non disclosure agreement is a documented agreement between two parties that define what data is considered confidential and cannot be shared outside of that relationship. an NDA is used to protect an organization's intellectual property an acceptable use policy is a set of rules applied by the owner, creator, or admin of a network, website, or service, that restricts how the netwrok, website, or system may be used and sets guidelines as to how it should be used. a memorandum of understanding is a non binding agreement between two or more organizations to detail what common actions they intend to take

A technician is concerned about security and is asked to set up a network management protocol. Which network management protocol will provide the best security?

SNMPv3 simple network management protocol (SNMP) is an internet standard protocol for collecting and organizing information about a managed devices on IP networks and for modifying that information to change device behavior. Three significant versions of SNMP have been created, with v3 being the most secure. the serial line internet protocol is an encapsulation of the internet protocol designated to work over serial ports and router connections. Temporal key integrity protocol (TKIP) is used as a method of encryption with 802.11 networks that rely on WPA. SLIP and TKIP are not considered management protocols

A coworker is sitting next to you while you log into your workstation. They carefully glance over at your keyboard as you are entering your password without you noticing. What type of social engineering attack are they conducting?

Shoulder Surfing

Which of the following network devices is used to separate collision domains?

Switch a switch is a networking hardware that connects devices on a computer network by using packet switching to receive and forward data to the destination device. a switch opeates at the data link layer and makes the switching devisions based upon MAC addresses. each switchport on a switch is a separate collision domain, but all switchports are in a common broadcast domain a hub is a network hardware device for connecting multiple ethernet devices together and making them act as a single network segment a hub operates at the physical layer. all devices connected by a hub are in a single collision domain and a single broadcast domain, therefore they must use half duplex for communication and CSMA/CD a wireless access point is a networking dvice that allows other wifi devices to connect to a wired network. a wireless access point operates at the physical layer of the OSI model to extend the wired netwrok into the wireless domain. a repeater is a netowrking device that receives a signal and then rebroadcasts it to extend the distance covered by a network. a repeater cn operate s a wired or wireless repeater

A network administrator wants to separate web servers on the network logically. Which of the following network device will need to be configured?

Switch logical separation of network devices are accomplished using VLAN's which are configured on the network switches.

You are conducting an intensive vulnerability scan to detect which ports might be open to exploitation. During the scan, one of the network services becomes disabled and impacts the production server. Which of the following sources of information would provide you with the most relevant information for you to use in determining which network service was interrupted and why?

Syslog the syslog server is a centralized log managemet solution. by looking through the Syslog server logs, the technician could determine which service failed on which server since all the logs are retained on the syslog server from all of the network devices and servers. network mapping is conducting using active and passive scanning techniques and could determine which server was offline but not waht caused the interuption firewall logs would only help determine why the network connectivity between a host and destination may have been disrupted a network intrustion detection system is used to detect hacking activities, DDOS, and port scans on a computer network. it is unliekyl to provide the details needed to identify why the network service was interrupted

Company policies require that all network infrastructure devices send system-level information to a centralized server. Which of the following should be implemented to ensure the network administrator can review device error information from one central location?

Syslog server System Logging Protocol uses port 514 and is a way network devices can use a standard message format to communicate with a logging server. it was designed specifically to make it easier to monitor network devices. devices can use a syslog agent to send out notification messages under a wide range of specific conditions

Which of the following is a connection-oriented protocol?

TCP a connection oriented protocol is a form of data transmission in which data is transmitted and confirmed that it is received by the receiver. If it isn't received, the data is retransmitted. Examples of connection-oriented protocols include TCP, SSH, and SSL. a connectionless protocol is a form of data transmission in which data is transmitted automatically without determining whether the receiver is ready or even whether a receiver exists. ICMP, UDP, IP, and IPX arewell known examples of connectionless protocols

You are working as a network technician and have been asked to troubleshoot an issue with a workstation. You have just established a theory of probable cause. Which of the following steps of the CompTIA troubleshooting methodology should you perform NEXT?

Test the theory to determine the cause

You have been dispatched to investigate some sporadic network outages. After looking at the event logs for the network equipment, you found that the network equipment has been restarting at the same time every day. What should you implement to correct this issue?

UPS an uninterruptible power supply is a battery system that can provide short term power to electrical units. since all devices are restarting simultaneously, it is likely due to a power outage. in this case a UPS would continue to supply power to the network equipment during power failures or under voltage events

An attacker is using double tagging to conduct a network exploit against your enterprise network. Which of the following types of attacks is being conducted?

VLAN hopping vlan hopping is an attack where the attacker is able to send traffic from one VLAN into another by either double tagging the traffic or conducting switch spoofing. ARP spoofing is a type of attack in which a malicious actor sends falsified ARP messages over a local area network. This results in the linking of an attacker's MAC address with the IP address of a legitimate computer, server, or gateway on the network. DNS spoofing or DNS poisoning is an attack that corrupts the Domain Name System data in the DNS resolvers cache and causes the name server to return an incorrect result record, such as an attacker's IP address instead of the IP of the legitimate server. a rogue DHCP server is a dhcp server set up on a network by an attacker or by an unaware user nad is not under the control of network admins. Rogue DHCP servers are also commonly used by attackers for the purpose of network attacks such as an on path or man in the middle attack.

Which of the following open-source remote access tools allows users to connect to their desktop remotely, see what is on their screen, and control it with their mouse and keyboard?

VNC virtual network computing is a remote access tool and protocol. it is used for screensharing on Linux and MacOS.

You just bought a new wireless access point and connected it to your home network. What type of network have you created?

WLAN a wireless locan area network connects computers within a small and specific area geographically using wifi. since your wireless access point is simply extending your local area network to the wireless domain, it is still a local area network but is now called a wireless local area network.

A workstation is unable to connect to a file server on a 100BASE-TX network. The technician begins to troubleshoot the issue and has gathered the following information: 1) Workstation01 has an IP address of 10.0.1.25/25 2) Workstation01 can ping the default gateway (RouterA, Ethernet0/0) using its IP address 10.0.1.1/25 3) The file server (DIONTRAININGFS01) has an IP address of 10.0.1.145/25 4) Workstation01 cannot ping the IP address assigned to DIONTRAININGFS01 5) Workstation02 with an IP address of 10.0.1.200/25 can successfully ping DIONTRAININGFS01 When Workstation01 attempted to ping DIONTRAININGFS01, it received a "destination host unreachable" error message. Which of the following is the MOST likely explanation for the connectivity issue between Workstation01 and DIONTRAININGFS01?

Workstation 01 and DIONTRAININGFS01 are on different subnets since the IPs listed are all using /25 for their CIDR notation, you should be able to determine that they are on two separate subnets. this indicates that workstation2 and fs1 are on different subnets. This can be solved by adding a route in RouterA to pass traffic between the two subnets. Since the network is a 100BASE-TX network, it cannot be a wavelength mismatch because 100BASE-TX networks use copper media and not fiber media for data transmission.

A new network administrator is hired to replace a consultant who ran the network for several months and whose contract was just canceled. After a month of working on the network, the new network administrator realized some network issues and configuration changes in the server settings. The log files on the servers do not contain any error messages related to the issues or changes. What could be the problem?

a backdoor has been installed to grant someone access to the network a hacker or the previous admin left a piece of software or an SSH protocol to allow themselves access to the network and change the server settings. The consultant may be disgruntled that their contract was canceled and that the new network admin was hired t oreplace them. The last ACL on the firewall should be set to DENY ANY ANY as this is a form of implicit deny and considered a best practice in network security a brute force password attack uses trial and error to gues login info encryption keys or find a hidden web page tacacs and radius misconfigurations would lead to authentication issues, not to log erasures.

A technician needs to limit the amount of broadcast traffic on a network and allow different segments to communicate. Which of the following should the technician install to satisfy this requirement?

add a multilayer switch and create a VLAN by adding a multilayer (layer 3) switch, the tech can improve network routing performance and reduce broadcast traffic. Creating a vlan provides LAN segmentation, as well, within the network and the multilayer switch can conduct the routing between VLANs as needed. Just adding a single router would only create two broadcast domains, but adding the multilayer switch and configuring VLANs would allow you to add as many broadcast domains as you need. Each VLAN is its own broadcasst domain a bridge is a layer 2 device and it doesnt break apart broadcast domains a firewall isnt designated to break apart domains, this is a job for a router or a layer 3 switch

A network administrator has set up a firewall and set up only three allow rules so that traffic can be sent over ports 21, 110, and 25. Next, they added a final rule of "deny any any" to the end of the ACL to minimize the attack surface and better secure the network. Unfortunately, now the administrator is receiving complaints from users that they cannot access any web pages using their URLs, such as DionTraining.com. Which of the following should the administrator do to correct this issue?

add a rule to the ACL to allow traffic on ports 80 and 53 the HTTP protocol uses port 80 and is an application layer protocol for distributed, collaborative, hypermedia information systems using unencrypted data transfer. the Domain Name System uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the internet or a private network. if the outbound port 80 is not open, then users will not be able to connect to a remote web server. if 53 is not open, users will be unable to conduct a DNS name resolution and determine the IP address of the given web server based on its domain name.

You are working at the service desk as a network security technician and just received the following email from an end-user who believes a spear phishing campaign is being attempted against them:What should you do to prevent any other employees from accessing the link in the email above while still allowing them access to any other web pages at the domain freesmartphone.io?

add http://www.freesmartphone.io:8080/claim.php to the browser's group policy blocklist there are two ways to approach this question. first you can consider which is the right answer. by adding the full URL of the phishing link to the browser's group policy blocklist, the specific webpage will be blocked from being accessed by the employees while allowing the rest of the domain to be accessible. now why not just block the entire domain? Maybe the rest of the domain isnt suspect but just this one page is. there maybe someone using a legitimate site like github to host their phishing campaign. you only want to block their portion of github the second approach to answering this question would be to rule out the incorrect answers. if you used DENY TCP to the firewall ACL answer, you would block all access to the domain, blocking legitimate traffic as well as possible malicious activity if you used the DENY IP ANY ANY to filter traffic at the IPS, you would block any IP traffic to ANY website over port 8080. if you added the link to the load balancer, this would not block it either, there fore, we are only left with the correct answer of using a group policy in this case.

What happens when convergence on a routed network occurs?

all routers learn the route to all connected networks routers exchange routing topology information with eachother by using a routing protocol. when all roters have exchanged routing information with all other routers witin a network, the routers have converged. in other words, all routers agree on what the network topology looks like

Eduardo, a network technician, needs to protect IP-based servers in the network DMZ from an intruder trying to discover them. What should the network technician do to protect the DMZ from ping sweeps?

block all ICMP traffic to and from the DMZ a ping sweep is a basic network scanning technique used to determine which of a range of IP addresses map to live hosts (computers). a ping sweep occurs when a ICMP echo request message is sent to each target in a network and then waits for the ICMP echo replies to report if the target was available or not. to disable ping sweeps on a network, admins can block ICMP echo request from outside sources or block any outbound ICMP echo replies from being transmitted from their network. if you only blocked inbound echo replies to the DMZ it would still allow an attacker to send an inbound echo request and the servers t osend an outbound echo reply which would not stop the ping sweep.

Which of the following network devices is used to separate collision domains?

bridge a bridge is a networking hardware that forwards traffic between network segments at the data link layer of the OSI model using MAC addresses. each switchport on a bridge is on a separate collision domain, but all switchports are in a common broadcast domain. a hub is a network hardware device for connecting multiple ethernet devices together and making them act as a single network segment. it is a layer one device. all devices connected on a hub are in the same collision and broadcast domain. therefore they must run on half duplex for communication and CSMA

You are assisting the company with developing a new business continuity plan. What would be the BEST recommendation to add to the BCP?

build redundant links between core devices the business continuity plan focuses on the tasks carried out by an organization to ensure that critical business functions continue to operate during and after a disaster. by keeping redundant links between core devices, critical business services can be kept running if one link is unavailable during a disaster. This is the best choice to maintain a high availability network that can continue to operate during periods of business disruption

A user was moved from one cubicle in the office to a new one a few desks over. Now, they are reporting that their VoIP phone is randomly rebooting. When the network technician takes the VoIP phone and reconnects it in the old cubicle, it works without any issues. Which of the following is MOST likely the cause of the connectivity issue?

cable short since the scenario states the VoIP phone works properly from the old desk, it is properly configured and the hardware itself works. This indicates the problem must be caued by the new desk which contains a different network cable from the switch to the wall jack in the cubicle. This is most likely a bad cable such as one with a short in it. to verify this theory, one should use a cable tester to verify if the cable does have a short or not attenuation is a possible cause, it is unlikely becuase they didnt move too far from their original desk.

using the results provided was the cable properly crimped or not 3,6 SHORT

cable was not properly crimped cable certifiers can provide a pass or fail status following the industry standards and can also show detailed information such as open or short, or the length of the cable when a short is detected, bu the cable's full length is shown, this indicates the cable was incorrectly crimped. an open inidcates that the electrical signal is not reaching the other end of the cable a short indicates that the electrical signal is crossing two wires at the same time both of these are indications of an incorrectly crimped cable

A company is having a new T1 line installed. Which of the following does this connection MOST likely terminate?

demarcation point the telecom company usually terminates the circuits at the main distribution facility at the demarc point. a main distribution frame is a signal distribution frame for connecting equipemnt to cables and subscriber carrier equipment outside the plant an intermediate distribution frame is a distribution fram in a centeral office or customer premises which cross connects the user cable media to individual user line circuits and may serve as a distribution point for multipair cables from the main dstribution frame to individual cables connected to equipment in areas remote from these frames

You are creating a wireless link between two buildings in an office park utilizing the 802.11ac standard. The antenna chosen must have a small physical footprint and be lightweight as it will be mounted outside the building. Which type of antenna should you install?

directional patch antenna a patch antenna is a type of radio antenna wit ha low profile which can be mounted on a flat surface. a patch antenna is typically mounted to a wall or a mast and provides coverage in a limited angle pattern. patch antennas can be directional or omnidirectional. but a directional antenna should be used for a connection between two buildings within the line of sight with eachothre. a yagi or directional antenna could be used but if the distance is smaller than about 300 feet, a patch antenna would be enough. yagi is for long distances

A technician is called to investigate a connectivity issue to a remote office connected by a fiber optic cable. Using a light meter, it is determined that there is excessive dB loss. The installation has been working for several years. The switch was recently moved to the other side of the room and a new patch cable was installed. Which of the following is most likely the reason for the excessive dB loss?

dirty connectors when fiber optic connectors become dirty, signal loss can cause severe problems and performance issues. something as simple from a tehnician's hand can render a fiber connector dirty and cause a loss of signal. the technician will need to use an appropriate cleaning cloth to clean the dirty connectors and restore the service. Since the switch was only moved to the other side of the room, it is unlikely that it now exceeds the distance limitations for a fiber cable since those are measured in hundreds of meters the question does not mention that the cable was bent so its unlikely to be a bend radius limitation affecting the signal. Fiber optic cables use different wavemengths depending on the type of fiber optic cable used. its unlikely that the wrong patch cable was used as most organizations only implement a single type of fiber infrastructrue to minimize the number and types of cables needed to support them.

You are trying to connect to a router using SSH to check its configuration. Your attempts to connect to the device over SSH keep failing. You ask another technician to verify that SSH is properly configured, enabled on the router, and allows access from all subnets. She attempts to connect to the router over SSH from her workstation and confirms all the settings are correct. Which of the following steps might you have missed in setting up your SSH client preventing you from connecting to the router?

generate a new ssh key when configuring your ssh connection, you must ensure that a key is established between your client and th server. if you never set up an SSH key, you will need to generate a new key to get ssh to connect properly. since the other technician was able to connect on her machine, we can rule out a ssh server issue, so it must be an issue with your account or client. the only option that relates solely to your account or client is the possibility that a key was not properly generated for your client.

A college needs to provide wireless connectivity in a cafeteria with a minimal number of WAPs. What type of antenna will provide the BEST coverage?

high gain omnidirectional antenna

Dion Worldwide has created a network architecture that relies on two main data centers, one in the United States and one in Japan. Each satellite office in the United States and Canada will connect back to the American data center, while each satellite office in Asia will connect back to the Japanese data center. Both the American and Japanese data centers are interconnected, as well. Therefore, if a client in the Philippines wants to send a file to the office in Miami, it will go first to the Japanese datacenter, then route across to the American datacenter, and then to the Miami satellite office. Which of the following network topologies best describes the Dion Worldwide network?

hub and spoke hub and spoke topology is a network topology where a central device (the hub) is connected to other multiple devices (the spokes). a bus topology is a network topology in which nodes are directly connected to a common network media, such as a coaxial cable, known as a bus a star topology is a network topology where each individual piece of a netwrok is attached to a central node, such as a switch a ring topology is where each node connects exactly to two other nodes forming a ring

You are working for a brand new startup company who recently moved into an old office building because the CEO liked the "charm" of the place. You have been tasked with converting a small janitorial closet into an IDF to support the new office network. You measure the closet and determine that you can install a two-post rack inside of it, and all your necessary networking equipment will fit in the two-post rack. You test the power outlet installed in the closet, and it is sufficient for your needs. What is the NEXT thing you should be concerned with to ensure this closet can be used as your IDF?

is there adequate airflow and cooling in the closet since you are converting an old closet yo need to ensure you have 3 main things power space cooling

Which of the following layers within software-defined networking focuses on providing network administrators the ability to oversee network operations, monitor traffic conditions, and display the status of the network?

management plane the management plane is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations the application layer focuses on the communication resource requests or information about a network the control layre uses the information from applications to decide how to route a data packet on the network and to make decisions about how the traffic should be prioritized, how it should be secured, adn where it should be forwareded to the infrastructure layer contains the physical networking devices that receive information from the control alyer about where to move the data and then perform those movements

The Chief Information Officer (CIO) in your company has been trying to convince the Chief Security Officer (CSO) that the company should move its data to a SaaS solution to save some money in the budget. The CSO is hesitant to move all of the company's data because she is concerned with the risk involved in moving the corporation's sensitive data to a SaaS solution. The CSO has been asked for a reason behind her fears. Which of the following might be her response?

migrating all of the data to a SaaS will result in a loss of full control over our data and resources migrating all corporate data to a SaaS solution will lose full control over the data and its protection. If the company intends to move sensitive data to a cloud based solution it should seek out a private cloud solution or a PaaS/IaaS solution instead since it will allow them to retain much mroe control over their data. there is no evidence that cloud solutions are more exposed than on premise solutions to malware and hackers. since the proposol is to mgirate information out of the internal network, this should not decrease perfomrance but instead increase it. since SaaS is proposed, there are no incompatibility issues sine SaaS solutions are almost always web based solutions and compatible with any web browser.

While monitoring the network, you notice that the network traffic to one of the servers is extremely high. Which of the following should you utilize to verify if this is a concern?

network baseline high network traffic can be a sign of a possible attack conducted either by an insider or someone out of the network to steal relevant information. by revieweing the baseline, you can determine if the traffic is actually high and if any configurations are out of the baseline ultimately causing the issue. by knowing what normal looks like, you can then more easily identify the abnormal. a bseline is a process for studying the network at regular intervals to ensure that the network is working as designed.

A company is implementing enhanced user authentication for system administrators accessing the company's confidential servers. They intend to use two-factor authentication to accomplish this. Which of these BEST represents two-factor authentication?

password and keyfob something you know and something you have

Jonah is conducting a physical penetration test against Dion Training. He walks up to the access control vestibule and tells an employee standing there. He says, "I forgot my access card on my desk when I left for lunch, would you mind swiping your badge for me so I can go to my desk and retrieve my access card?" What type of social engineering attack is Jonah attempting?

piggybacking piggybacking is a social engineering attempt by cyber threat actors in which they trick employees in hleping them gain unauthorized access into the company premises. the big difference between tailgaiting and piggybacking is permission. tailgating is when an unauthorized person physically follows an authorized person into a restricted area.

A company is setting up a brand new server room and would like to keep the cabling infrastructure out of sight but still accessible to the network administrators. Infrastructure cost is not an issue. Which of the following should be installed to meet the requirements?

raised floor Raised floors allow the ccabling to be placed under the floor, but still accessible to the network administrators. A conduit is a tube through which power or data cables pass. Conduits are usually metal or plastic pipes and it makes accessing the cables difficult when maintenance is going to be performed. cable trays are a mechanical support system that can support electrical cables used for power distribution, control, and communication. Cable trays can be installed on the ceiling or under the floor if you are using a raised floor system. If cable trays are installed in the ceiling, they can be difficult to reach and work on. Patch panels are useful in a cable distribution plant, but they will not allow the cables to be distributed throughout the entire work area. A patch panel is a piece of hardware with multiple ports that help organize a group

When installing a network cable with multiple strands, a network technician pulled the cable past a sharp edge. This resulted in the copper conductors on several of the wire strands being exposed. If these exposed conductors come into contact with each other, they can form an electrical connection. Which of the following conditions would result in this scenario?

short a short is an electrical term that is an abbreviatoin for a short circuit. a short generally means that an unintended connection between two points is allowing current to flow here it should not. in this scenario the short is caused by the damage cable in which two or more codnductors are connected.. this has caused the calbe to fail and will report as a short when using a cable tester. electrostatic discharge is the sudden flow of electricity between two electrically charged objects crosstalk is the coupling of voltage to an adjacent line through mutual coupling composed of mutual inductance, a coupling capaticance or both. crosstalk occurs within twisted pair cable when the pairs between untwisted or no shielding or insulation remains

Over the past week, your network users have reported that the network has been operating slowly. You have made some changes to the network to increase its speed and responsiveness, but your supervisor is requesting that you prove that the network is actually faster and doesn't just "feel" faster. Which of the following should you use to prove that the current configuration has improved the network's speed?

show the results of a new performance baseline assessment compare the results of the baseline before and after the changes were made.

Christina recently purchased a new Android smartphone and is going on a trip. At the airport, she found a public wireless network called "FreeAirportWiFi" and connects to it. She noticed a question mark (?) icon showing in the toolbar next to the Wi-Fi icon. Christina attempts to open a webpage but gets an error of "The page cannot be displayed." She begins to troubleshoot the device by verifying that the airplane mode is disabled, Bluetooth is enabled, and tethering is enabled. Next, Christina attempts to make a phone call, which works without any issues. Which of the following is MOST likely the issue with Christina's smartphone?

the smartphone is connected to the wifi but is not authenticated yet

What can be issued from the command line to find the layer 3 hops to a remote destination?

traceroute traceroute will determine every hop between the host and the destination using ICMP. traceroute is used for linux an dUNIX systems. Tracert is used for windows systems the command will issue a series of pings from the host to the destination incrementing the time to live by one each time. as each packet passes through a router or firewall, the TTL is decreased by 1.

A technician has installed an 802.11n network, and most users can see speeds of up to 300Mbps. A few of the users have an 802.11n network card but cannot get speeds higher than 108Mbps. What should the technician do to fix the issue?

upgrade the WLAN card driver N networks can support up to 600 Mbps with the netwrok card's proper software drivers. Without them, they can only achieve 108 Mbps since they cannot communicate with the increased data compression rates. Wireless network interface card drivers are software programs installed on your hard disk that allow your opeating systtem to communicate with you wireless and network adapters. WIreless and network driver problems usually occur due to missing, outdated, or corrupt drivers.

Students at Dion Training have been reporting extreme performance degradation across the network every Friday morning. Which of the following should the network technician review FIRST to identify the root cause of the network performance issues?

utilization the technician should first review the utilization on the network during the time period where network performance issues are being experienced. this will then be compared to the average performance of the network throughout the rest of the week. this could be compared against the baseline. Since the only issue is only occurring during a specific time period at a recurring interval (every friday morning) its likely that an over utilization issue is causing the decreased performance. the link status could be checked to ensure the link is up and operational but it is unlikely to determine the root casue fo the slower network performance being experienced. Reviewing the network utilization can help identify why the slowness is being experienced.

Ted, a file server administrator at Dion Training, has noticed that many sensitive files have been transferred from a corporate workstation to an IP address outside of the local area network. Ted looks up the IP address and determines that it is located in a foreign country. Ted contacts his company's security analyst, verifying that the workstation's anti-malware solution is up-to-date and the network's firewall is properly configured. What type of attack most likely occurred to allow the exfiltration of the files from the workstation?

zero day since the firewall is properly configured and the anti malware solution is up to date, this signifies that the zero day vulnerability may have been exploited.