Network +
Which subnet mask is commonly used in class A networks to make them the size of a class C network?
255.255.255.0
Which formulas can be used to calculate the magic number?
256 - the intersecting octet 2^h
In today's business and computing environment import/export controls generally only apply to which tiers of country? -3 -4 -1 -2
3 4
MySQL installations default to port _____.
3306
What port number does MySQL use?
3306
Which port must be open for RDP traffic to cross a firewall?
3389
Cat 8
40GBASE-T 40 Gbps 30 meters
SMB (Server Message Block)
445 used for network file shares
Which wifi frequency band offers 24 unlicensed communications channels in the US?
5 GHz
Stateful Firewall
A firewall that can inspect each incoming packet to determine whether it belongs to a currently active connection A process called stateful inspection and is therefore legitimate
Router
A Layer 3 device Routes traffic between IP subnets Router inside of switches sometimes called layer 3 switches often connects diverse network types LAN,WAN,copper, fiber
What is the fundamental difference between a MAN and a WAN?
A MAN covers a small geographical area. And WAN covers a large geographical area
What's the difference between a PDU and a UPS?
A PDU distributes power while a UPS stores power and serves as a backup power source
Which DNS record is used to find a fully-qualified domain name (FQDN) from a given IP address?
A PTR Record
stateless packet inspection
A firewall inspection method in which individual packet attributes such as IP address, port number, and protocols are inspected and filtered.
Disadvantages to spine and leaf architecture?
Additional switches may be costly
Describes how a DHCP reservation works?
Addresses for hosts are reserved by matching MAC addresses of the host to the address assigned to it by a network administrator
What happens when convergence on a routed network occurs?
All routers learn the route to all connected networks
What happens when convergence on a routed network occurs?
All routers learn the routes to all connected networks
out-of-band management
Allows management outside of normal communications channels (not using network resources).
Multiple User Multiple Input Multiple Output (MU-MIMO)
Allows multiple users to access the wireless network and access point at the same time
What is marking (QoS)?
Alters bits within a frame, cell, or packet, which indicates handling of traffic
What is the purpose of ACL when configuring CoPP?
An ACL identifies which traffic is relevant to CoPP policies
SNMP (Simple Network Management Protocol)
An Application-layer protocol used to exchange information between network devices. UDP 61
What's the essential difference between an IPS and an IDS?
An IDS can only detect and log suspicious activity. An IPS can react when alerted to such activity
Switch
An OSI Layer 2 device Forwards traffic based on data link address Bridging done in hardware Application-specific integrated circuit (ASIC) Many ports and features The core of an enterprise network May provide power over ethernet (PoE) Multilayer switch Includes Layer 3 routing functionality
Which virtual network connection type assigns a VM its IP address from the physical network?
Bridged Although a bridged vNIC communicates through the host's adapter, it obtains its own IP address, default gateway, and subnet mask from a DHCP server in the physical LAN
Which type of transmission would be used if an application needed to send packets to every other host on your network?
Broadcast
An attacker guesses an executive's password ("M@nd@lori@n") to a sensitive database after chatting for a while at a club. What kind of password attack did the hacker use?
Brute-Force
What is LTE-A?
Builds on 4G by using and upgraded interface / antenna Doubles LTE download speed to 300 Mbit/s
Which fiber connector contains two strands of fiber in each ferrule?
MT-RJ
Which 802.11 specification supports simultaneous connections of 2.4GHz and 5GHz transmissions? -n -a -b -ac -g
ac
Multiple Input Multiple Output (MIMO) is supported by which 802.11 specifications? -b -g -ac -a -n
ac n
What types of communication is sensitive to Jitter?
Real-time media such as voice communication and live video is sensitive to delay and therefore susceptible to it
Which power management/availability solution might you implement to address isolated outages and offer multiple connectivity paths within your data center?
Redundant Circuits
What is Dynamic ARP inspection?
Relies on DHCP snooping to prevent on-path attacks, that stops ARP poisoning at a switch level
What are the four phases in the social engineering attack cycle?
Research Building Exploit Exit
Which congestion control techniques help prevent network congestion?
Retransmission Policy Window Policy Acknowledgement policy Discarding Policy Admission Policy
Trusted Platform Modules (TPM) and up-to-date firmware can help to protect against which kind of threats?
Rootkits/bootkits
A new switch is connected to another switch by way of a network cable, and 3 computers are connected to the new switch. Which network topology is being used?
Star-bus
A project manager is tasked with the planning of a new network installation. The customer requires that everything discussed in the meetings is installed and configured when a network engineer arrives onsite. Which document should the project manager provide the customer?
Statement of work
What are the primary data link flow control methods?
Stop-and-wait method go-back-n-sliding window method Selective repeat sliding window method
What does SAN stand for?
Storage Area Network
Why is it important to use structured cabling standard when installing and managing cabling system?
Structured cabling standards describe the best ways to install various types of networking media to maximize performance and minimize
In a large organization, how do you typically request permission to perform a network change?
Submit a change request form
/24
Subnets: 1 IPs: 256 Usable: 254
/28
Subnets: 16 IPs: 16 Usable: 14
/25
Subnets: 2 IPs: 128 Usable: 126
/29
Subnets: 32 IPs: 8 Usable: 6
/26
Subnets: 4 IPs: 64 Usable: 62
/30
Subnets: 64 IPs: 4 Usable: 2
/27
Subnets: 8 IPs: 32 Usable: 30
Explain the key difference between how symmetric encryption works and how asymmetric encryption works?
Symmetric encryption uses the same key during both the encryption and decryption of data Asymmetric encryption requires the use of two keys. One to decrypt and one to encrypt
Stratum 2
Sync'd to stratum 1 servers
What is SONET?
Synchronous Optical Network- Layer 1 technology High-speed WAN that uses fiber. Usually in a ring topology Uses ATM
Your company wants to develop a voice solution to provide 23 simultaneous connections using VoIP. Which of the following technologies could BEST provide this capability? DOCSIS T1 DSL POTS
T1
What is the purpose of QoS?
To categorize traffic, apply a policy, and prioritize them in accordance with a QoS policy
Access control lists are used for which purposes in network communications?
To enable basic security for a network To restrict updates for routers to only specific interfaces
Which type of switch connects all devices in a rack to the rest of the network?
ToR Switch Top of rack switch connects all the other devices in the rack to the rest of the network
Which part of a toner and probe kit emits an audible tone when it detects electrical activity on a wire pair?
Tone locator
Memo of Understanding (MOU)
agreement between two or more parties, expresses a convergence of will between the parties indicating an intended common line of action (e.g. have MOU with vendors as part of emergency preparedness)
What is IPsec?
an encryption protocol suite that defines a set of rules for encryption, authentication, and key management for TCP/IP transmissions
What is the primary difference between how WPA2-Personal and WPA2-Enterprise are implemented on a network?
WPA2-Enterprise requires a RADIUS authentication server
What's the difference between WPA2/3-Personal & WPA2/3-Enterprise?
WPA2/3-Enterprise authenticates users individually with an authentication server
What is trunking?
When a single switch can support traffic belonging to several VLANs across the network
A documented system life cycle can be useful in which situations?
When determining budgets and allocations of resources
A hidden node normally occurs under which circumstances?
When nodes are close enough to the access point but too far away from each other
Which of the following criteria can a packet filtering firewall not use to determine whether to accept or deny traffic?
application data Packet filtering firewalls are limited to information contained within layer 3&4 headers. Such as: IP addresses TCP flags Protocols such as ICMP
You are configuring a network to utilize SNMPv3 to send information from your network devices back to an SNMP manager. Which of the following SNMP options should you enable to ensure the data is transferred confidentially? authPriv authNoPriv authProtect authEncrypt
authPriv
What is Fiber channel?
connects servers and storage together in a very high speed network. Requires a fiber channel switch
differential backup
copies all changes made since the last full backup
What command will ensure the configuration changes you made to a switch will persist after you restart the switch?
copy running-config startup-config or Copy run start
SMTP TLS/SSL
tcp/587
Which of the following would capture the network traffic used by an application?
tcpdump
External EIGRP Administrative Distance
170
What is the range of addresses for the first subnet created by using the subnet mask of 255.255.255.192 in the 192.168.0.0 class C network?
192.168.0.0-192.168.0.63
Which wifi frequency will best travel through objects like walls?
2.4 GHz
Which type of equipment should be used for telecommunications equipment and have an open design? 2/4 post racks Rail racks Vertical frame Ladder racks
2/4 post racks
802.11ac provides an advantage over 802.11n by incorporating increased channel bonding capabilities. What size channels does 802.11ac support?
20, 40, 80 and (optional) 60 MHz channels
What size bonded channels do 802.11ac and 802.11ax support?
20, 40, 80 and 160 MHz channels
Global Unicast address prefix for IPv6
2000::/3
What ports do FTP and SFTP utilize?
21,22
A network administrator needs to allow employees to upload files to a remote server securely. What port must be allowed through the firewall? 21 22 25 161
22
Unknown or unbelievable administrative distance
255
Which subnetmask is required to create subnets capable of hosting 2000 hosts?
255.255.248.0
Which 802.11 standard functions in both the 2.4-GHz and 5-GHz bands?
802.11n
What are the two layers effective risk management happens at?
Security Business
Give three examples of networked devices that are not computers
Security cameras SCADA that might be monitoring environmental controls Electric utilities Water and sewage Traffic signals Mass transit Manufacturing equipment Refrigeration units Lighting and entry systems
What is defense in depth?
Security implementation in layers
Which data link layer flow control method offers the most efficient frame transmission when sending large volumes of data?
Selective repeat sliding window
One of your users is complaining that they cannot connect to the share drive inside their windows-based office network. You believe that their host-based firewall may be blocking this service. What port should you verify is open in the firewall?
Server Message Block 445
An administrator arrives at work and is told that network users are unable to access the file server. The administrator logs into the server and sees the updates were automatically installed last night, and the network connection shows "limited" with no availability. What rollback action should the technician perform?
Server's NIC drivers An IP address is attached to a NIC's MAC address, which would not change in the event of an update. Sometimes, software updates can accidentally adjust hardware driver settings, so it is good to always review these settings first to eliminate this.
SRV record
Service record; used to define the location of various specific services.
What is SOP?
Standard operating procedures (SOP) are a detailed explanation of how a policy is to be implemented.
Which advantages do 2.4 GHz transmission have over 5 GHz transmissions?
The have a wider signal coverage area They are more compatible with older devices They are better at penetrating obstacles and barriers
Why would you need separate RA guard policies for network hosts and routers attached to a switch?
The hosts policy blocks all RA messages for interfaces with policy applied, while the routers policy would only need to filter RA messages to ensure they're coming from a trusted router
Which of the following is the MOST LIKELY reason why the server is unreachable from the Internet?
The most likely cause is that the NAT has not been properly configured on the border firewall. This would cause the internal network users to access the web servers still (since internal traffic doesn't have to transit the firewall) but would still prevent Internet users from accessing the web server.
A technician added memory to a router, but the router never recognizes that memory. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. Which of the following is the MOST likely cause of this issue?
The most likely cause is that the memory chips are faulty because they have suffered from electrostatic discharge (ESD) during the chips' installation and movement.
zone transfer
The passing of DNS information from one name server to a secondary name server
Host ID
The portion of an IP address that identifies the host on a network, as determined using the subnet mask.
If a DHCP server is configured properly with a scope and the service is healthy yet still no addresses are being assigned what is the most likely cause?
The scope has not been activated yet
When a wireless signal encounters a large obstacle, what happens to the signal?
The signal reflects or bounces towards its source
A remote access policy might typically define which connectivity characteristics?
The type of device you can use to connect
Jitter
The variability of latency over time across a network.
A user has installed a new wireless printer on the network. The user cannot get it connected to the Internet but can print locally. All other office users can reach the Internet but cannot connect to the new wireless printer. All users are wireless in this part of the office. What MOST likely has occurred? -They installed the printer in infrastructure mode -They installed the printer in the wrong subnet -They misconfigured the gateway on the wireless printer -They installed the printer in ad-hoc mode
They installed the printer in ad-hoc mode
What do network based firewalls protect against? What do they ignore?
They provide a defense against the primary source of intrusion, the internet. They do not mitigate the risk that malware from user devices add to the network and they cannot respond to problems that get through edge defenses
Most modern-day bandwidth speed testers are implemented in which manner?
Through browsers
Which of the following technologies deliver multiple voice calls over a copper wire if you have an ISDN or T-1 connection? CSMA/CD Time-division spread spectrum Analog circuit switching Time-division multiplexing
Time-division multiplexing
NetFlow
a tool used to gather information about data flowing through a network
Material Safety Data Sheet (MSDS)
information sheets that must be provided by the manufacturer for all hazardous products
DOCSIS
(Data Over Cable Service Interface Specification) A security technology used for filtering packets and maintaining customer privacy on cable Internet services
Which IP addressing technique subnets a subnet to create subnets of various sizes?
(VLSM)-Variable Length Subnet Mask
What is route poisoning?
*Route Poisoning* is a method used by routing protocols to advertise a route with "bad" metrics. This enables the receiving router to remove the route from its routing table.
By default, which channel in a 2.4 GHz wireless network do not overlap? -3 -1 -11 -6 -9 -8
-1 -11 -6
Which subnet mask would be used to supernet 2 class C networks together into a single subnet with 512 hosts?
255.255.254.0
IPAM is responsible for providing which type of network service? -Resolving host names to IP addresses -Synchronizing the time on network clients and servers -Assigning IP addresses to client systems -Administration and monitoring of DHCP and DNS servers -Statically configuring IP addresses
-Administration and monitoring of DHCP and DNS servers
Virus signatures are identified by anti-virus applications by using which techniques?
-Algorithms -Heuristic engines
What characteristics of a bridge distinguish it from a switch? -Bridges can connect dissimilar types of media? -Switches operate at layer 2 of the OSI model, bridges operate at layer 3 -bridges connect host systems together, switches connect network segments -Switches connect host systems together, bridges connect network segments -Bridges can connect dissimilar architectures
-Bridges can connect dissimilar types of media? -Switches connect host systems together, bridges connect network segments -Bridges can connect dissimilar architectures
Which symptoms might be indicative of an intermittent short in a network environment? -Picking up signals from a different connection -Packets arriving out of sequence -Broadcast storms -Incorrect pin assignments -Periodic connectivity loss
-Broadcast storms -Periodic connectivity loss
What are some functions of a load balancer?
-Configurable load (Manage across servers) -TCP offload (Protocol overhead) -SSL offload (Encryption/Decryption) -Caching (Fast response) -Prioritization (QoS) -Content switching (Application-centric balancing)
Documentation of an issue should include which values? -Your theory -Corrective actions -Your list of probably causes -Outcomes -Initial problem (date, reported by, scope)
-Corrective actions -Outcomes -Initial problem (date, reported by, scope)
ARP poisoning is often used as a part of what types of threats or attacks? -Rogue access points -Denial of service -Man-in-the-middle -Logic bombs -Session hijacking -Social engineering
-Denial of service -Man-in-the-middle
Which of the following types of conversions can be performed by media converters? -Electrical signals (copper wire) to light signals (fiber optic) -Physical address to logical address -Switching to Routing -Protocol X to protocol Y -Multi-mode fiber to single mode fiber
-Electrical signals (copper wire) to light signals (fiber optic) -Multi-mode fiber to single mode fiber
A load balancer can provide which networking features? -Even distribution of traffic across servers performing the same function -Extended connectivity for wireless clients -Converting analog voice signals to IP data packets -Improved performance and availability by ensuring servers do not become overwhelmed -Connecting dissimilar network architectures
-Even distribution of traffic across servers performing the same function -Improved performance a
Permissions to a file system resource can be granted to which types of objects? -Groups -Ports -Addresses -Computers -Protocols -Users
-Groups -Computers -Users
Which statement correctly describes a Native VLAN? -It is the only VLAN to receive a tag -It always receives its tag after all other VLANs -It is the only VLAN to not receive the tag -It always receives its tag before all other VLANs
-It is the only VLAN to not receive the tag
What characteristics distinguish TFTP from FTP and FTPS? -It uses UDP as its transport protocol -It is more secure -It is a simplified version of FTP -It used TDP as its transport protocol -It us more reliable
-It uses UDP as its transport protocol -It is a simplified version of FTP
"Data Pooling" refers to which public cloud risk considerations? -Infrastructure is shared by multiple tenants -Disaster recovery/backup concerns -An attack on one tenant could impact other tenants -Legal trans-boarder requirements -No common concerns or interests for security
-No common concerns or interests for security -Infrastructure is shared by multiple tenants
Rank the following wireless security configurations from least secure to most secure -Open -WPA2+TKIP/AES -WPA2+AES -WEP -WPA+TKIP
-Open -WEP -WPA+TKIP -WPA+TKIP/AES -WPA2+AES
which command line tools can be used to test and troubleshoot DNS? -Ping -Tracert -Nslookup -Ipconfig -Pathping
-Ping -Nslookup
Which objects are typically monitored using SNMP? -Printers -Files -Network Utilization -Servers -Users -Routers
-Printers -Network Utilization -Servers -Routers
The MTBF value of a device is typically derived from which factors? -Product experience/customer feedback -Performance baselines -Product testing -Warranty duration -Purchase history
-Product experience/customer feedback -Product testing
Auto-negotiation can automatically configure which settings on a network adapter?
-Speed -Flow -Duplex mode
Which statements about type 1 hypervisors are correct? -They are generally only used in smaller environments for testing and development -They can be installed directly on top of hardware -They generally perform better as they consume fewer system resources -They require an operating system to be installed -They are always open source
-They can be installed directly on top of hardware -They generally perform better as they consume fewer system resources
Which mitigation methods can be implemented to reduce the effects of network crosstalk? -Use shielded cables -Increase the signal strength -Avoid sources of power when running cables -Run cables closer together -Increase the speed of the connection
-Use shielded cables -Avoid sources of power when running cables
What are the advantages of using virtualization on a network?
-efficient use of resources -cost and energy savings -fault and threat isolation -simple backups, recovery, and replication
Rank the following obstructions(from lowest to highest) according to the amount of attenuation the can cause for wireless communications -wooden door -concrete wall -drywall -cinderblock -brick wall -glass windows
-glass windows -wooden door -drywall -cinderblock -brickwall -concrete wall
You are configuring a point-to-point link and want to ensure it is configured for the most efficient use of your limited pool of available public IP addresses. Which of the following subnet masks would be BEST to use in this scenario? /24 /28 /29 /30
/30 The most efficient subnet mask for a point-to-point link is actually a /31 subnet, which only provides 2 addresses For the exam, if you see the option of /30 or /31, remember, they can be used for point-to-point networks.
The most accurate time sources available by standard network connections reside at which stratum of the network time protocol?
1
What four functions do all routers perform?
1. Connect dissimilar networks. 2. Interpret Layers 3 and 4 addressing and other information. 3. Determine the best path for data to follow. 4. Reroute traffic if a primary path is down but another path is available.
State the switch port sequencing method
1.) Blocking 2.)Listening 3.) Learning 4.) Forwarding
What is the minimum amount of ESD required to damage sensitive electronic equipment?
10 Watts
Cat 5e
1000BASE-T 1000 Mbps (1 Gbps) 100 meters A higher-grade version of wiring that contains high quality copper, offers a high twist ratio, and uses advanced methods for reducing cross talk.
Cat 6
1000base-t/10gbase-t 1000 mbps/10 gbps 100 meters/55 meters
Cat 5
100BASE-TX 100 Mbps 100 meters
Cat 3
10BASE-T 10 Mbps 100 meters
Cat 6a
10GBASE-T 10 Gbps 100 meters
Cat 7
10GBASE-T 10 Gbps 100 meters
If one wireless router is using channel 6 and you want to setup an additional router using a different channel, which would be the best channel to use? -8 -4 -6 -5 -10 -11
11
OSPF administrative distance
110
RIP Administrative Distance
120
What is the port number for SQL server?
1433 *Connections to installations of microsoft SQL server from other databases or applications
Which is the internet standard MTU?
1500 bytes
What is the port number for SQLnet, also called Oracle Net Services?
1521 *Used for connections to installation of oracle database from other databases or applications
Session Initiation Protocol (SIP)
5060/5061 is used for VoIP and audio/video conferencing.
Syslog port number and what is it used for?
514 Manages and stores information about system events
What is the port number for DNS?
53
SMTP over TLS
587
Which Ethernet cable category was the first support gigabit transfer rates? -3 -5 -6 -6a -5e
5e
What port number is used by LDAPS protocol?
636
If there are 6 bits available to address host systems in a network, how many hosts can you accommodate?
64
Your company has decided to upgrade its legacy phone system to use VoIP devices instead. The new phones will download the configurations from a server each time they boot up. Which of the following ports needs to be opened on the firewall to ensure the phones can communicate with the TFTP server? -21 -53 -69 -161
69
What is the greatest number of host bits you could borrow from the host portion of a class B subnet mask and still have at least 130 hosts per subnet
8 bits
HTTP uses which port number for requests between web servers and web clients?
80
Which is the standard most coffee shop hotspot routers run on?
802.11g
Power over Ethernet + (PoE+)
802.1at 25.5 watts
Which of the following protocols are designed to avoid loops on a Layer 2 network? OSPF RIPv2 802.1q 802.1d
802.1d
A network administrator would like to enable authentication for wireless network users. Which of the following would be the best choice?
802.1x
What access control model will a network switch utilize if it requires a multilayer switch to use authentication via RADIUS/TACACS+
802.1x
Which standard adapted EAP to WLANs?
802.1x EAPoL (EAPoverLAN)
What is used to authenticate wireless wireless network users?
802.1x Port-based You don't get access until you authenticate
A company needs to implement stronger authentication by adding an authentication factor to its wireless system. The wireless system only supports WPA with pre-shared keys, but the back-end authentication system supports EAP and TTLS. What should the network administrator implement?
802.1x using EAP with MSCHAPv2
Power over Ethernet (PoE)
802.3af 15.4 watts
What is PoE++?
802.3bt type 3: 51w, 600mA max current type 4: 71.3, 960mA max current PoE 10GBASE-T
EIGRP administrative distance
90
What port number does IMAP4 over SSL use?
993
What port number does POP3 over SSL use?
995
Resolvers
A DNS client that requests information from DNS name servers.
DSCP (Differentiated Services Code Point)
A field in an IP packet that enables different levels of service to be assigned to network traffic.
A company is installing several APs for a new wireless system that requires users to authenticate to the domain. The network technician would like to authenticate to a central point. What solution would be BEST to achieve this?
A Remote Authentication Dial-in User Service (RADIUS) server provides AAA management for users connecting to a wired or wireless network, which includes the ability to authenticate users. As servers are inherently not built with wireless access capabilities, an access point would have to be included in the setup for the RADIUS to work correctly with wireless clients.
What is SD-WAN?
A WAN built for use with the cloud Networking devices have different phases of operation Divided logically to extend the functionality and management of a single device
What is the fundamental distinction between a MAN & a WAN?
A WAN covers a large geographical area and MAN covers a smaller, more defined geographical area
A new network administrator is hired to replace a consultant who ran the network for several months and whose contract was just canceled. After a month of working on the network, the new network administrator realized some network issues and configuration changes in the server settings. The log files on the servers do not contain any error messages related to the issues or changes. What could be the problem?
A backdoor was installed to access the network
What is a cable snip?
A cable snip or cutter is used to cut copper into shorter lengths from a larger spool of wound cable
fiber-optic cable
A cable that transmits data at close to the speed of light along glass or plastic fibers.
CDMA (Code Division Multiple Access)
A cellular standard in which everyone communicates at the same time. Each call uses a different call The codes are used to filter each call on the receiving side Used by Verizon and sprint
What is 3G technology?
A cellular technology upgraded over 2G with improved speeds (Mbit/s). With bandwidth improvement that allowed new functionality like GPS, mobile TV, video on demand, and video conferencing
What is a channel service unit/ data service unit?
A channel service unit (CSU) / data service unit (DSU) device is designed to connect a terminal device to a T1 line It converts the digital data frames from the LAN into appropriate frames for a WAN and vice versa
What is a VPN concentrator?
A device that encrypts/decrypts VPN traffic tunneled through an untrusted network. Often integrated into a firewall Software based options available
Stateless firewall
A firewall that manages each incoming packet as a stand-alone entity without regard to currently active connections. Stateless firewalls are faster than stateful firewalls, but are not as sophisticated.
Describe black box penetration testing
A form of penetration testing where the tester is not given any information about the target
Multiplexing
A form of transmission that allows multiple signals to travel simultaneously over one medium. Getting more out of a limited network
Which backup type, if performed daily would offer the lowest RTO and why?
A full backup created everyday would offer the lowest RTO because it contains all backed up data together in one place
Autonomous System (AS)
A group of routers and their data networks that share a common routing policy and administration
What is a cable stripper?
A hand held device that is used to remove the insulation or outer sheath from copper cables such as UTP, STP, or coaxial
What is MPLS (Multiprotocol Label Switching)?
A high performance WAN technology that directs data from one router to the next base on short path labels applied at layer 2.5 rather than IP network Addresses. Therefore any transport medium and protocol can be used inside
What is a hop?
A hop is the moving of a packet from one LAN to another.
Partial Mesh Topology
A hybrid of a hub-and-spoke topology and a full-mesh topology. Provides an optimal route between selected sites
What is the fundamental distinction between a layer 2 switch and a router?
A layer 2 switch belongs only to its local network. While a router belongs to two or more networks
What is needed for communication between Vlans?
A layer 3 device/router
Trivial File Transfer Protocol (TFTP)
A light version of FTP that uses a small amount of memory and has limited functionality. UDP 69
Intermediate System to Intermediate System (IS-IS)
A link-state routing protocol similar in its operation to OSPF as it uses cost. Not as popular though
Open Shortest Path First (OSPF)
A link-state routing protocol that uses a metric of cost, which is based on the link speed between two routers. Supports IPv4 & VLSM Interior OSPF is a popular IGP because of its scalability, fast convergence, and vendor interoperability.
Describe the distribution layer in three tier architecture
A midpoint between core and users communicates between access switches manages path to end users
Which statement best describes CDMA? -A multiplexing method based on time divisions -A multiplexing method based on collision detection and avoidance -A global system for mobile phone service -A multiplexing method based on coded signals
A multiplexing method based on coded signals
DHCP (Dynamic Host Configuration Protocol)
A network service that provides automatic assignment of IP addresses and other TCP /IP configuration information to devices on the network.
LACP (Link Aggregation Control Protocol)
A network specification that enables the bundling of several physical ports together to form a single logical channel.
Memorandum of Understanding (MOU)
A non-binding agreement between two or more organizations to detail an intended common line of action they intend to take Usually used internally AKA Letter of Intent
An offsite backup service is involved in an investigation currently. Because of this, they are not recycling outdated tapes. Which of the following is the MOST likely reason for this? -The process of discovery -A chain of custody breach -A data transport request -A notice of a legal hold
A notice of a legal hold A legal hold is a process that an organization uses to preserve all forms of relevant information when litigation is reasonably anticipated. If a legal hold notice has been given to the backup service, they will not destroy the old backup tapes until the hold is lifted.
What is a Storage Area Network?
A part of a network that looks & feels like a local storage device, that provides block level access
Border Gateway Protocol (BGP)
A path vector that uses the number of autonomous system hops instead of router hops Backbone of the internet Widespread utilization Slow convergence Exterior
ad hoc mode
A peer-to-peer wireless configuration where each wireless workstation talks directly to other workstations.
OTDR (Optical Time-Domain Reflectometer)
A performance testing device for use with fiber-optic networks. An OTDR works by issuing a light-based signal on a fiber-optic cable and measuring the way in which the signal bounces back (or reflects) to the OTDR. Based on the type of return light signal, an OTDR can accurately measure the length of the fiber; determine the location of faulty splices, breaks, bad or mismatched connectors, or bends; and measure attenuation over the cable.
The MTTF value of a device refers to which characteristic?
A point after which a device is no longer considered to be reliable
Domain Name System (DNS)
A protocol that translates domain names into IP addresses.
QSFP
A quad (4-channel) small form-factor compact hot-pluggable transceiver that is also used for data communication applications. Four 1 Gbit/s = 4 Gbit/s
Dynamic ARP Inspection (DAI)
A security feature on some switches that verifies each ARP request has a valid IP to MAC binding and stops ARP poisoning at the switch level
ADSL (asymmetric digital subscriber line)
A service that transmits digital voice and data over existing (analog) phone lines.
What is a Nas?
A shared storage device that is accessible over the network, that provides block level access
What is the difference between an open circuit and a short circuit?
A short circuit is one where connection exists in places they shouldn't. While an open circuit is one where needed connections are missing
What is the difference between short circuits and open circuits?
A short circuit is one where connections exist in places they shouldn't while an open circuit is one where connections are missing
What are two use cases for a VIP?
A single VIP(virtual IP address) can be used to represent a cluster of resources such as a web server It can also be used to assign different IP addresses to multiple instances of the same service running on a single machine
What is split DNS?
A split-DNS is deploying separate DNS servers for security and privacy management of internal and external networks. Using two sets of DNS information and which set you get is based on the source IP address of the requester. Either internal or external
What device must be installed on a DSL network to protect the sound quality of phone calls?
A splitter
GSM (Global System for Mobile Communications)
A standard created by the European Telecommunications Standards Institute (ETSI) used to describe communication protocols for second-generation (2G) cellular networks and devices. It has now become the default global standard for mobile communications in more than 219 countries and territories. Uses multiplexing
SFP (Small Form Factor Pluggable)
A standard hot-swappable network interface used to link a connectivity device's backplane with fiber-optic or copper cabling. 1 Gbit/s fiber
A home user reports to a network technician that the Internet is slow. The network administrator discovers that multiple unknown devices are connected to the access point. What is MOST likely the cause of this issue? -An evil twin has been implemented -A successful WPS attack has occurred -The user is experiencing ARP poisoning -The user is connected to a botnet
A successful WPS attack has occurred
crossover cable
A twisted pair patch cable in which the termination locations of the transmit and receive wires on one end of the cable are reversed. T-568A on one side and a T-568B
straight-through cable
A twisted pair patch cable in which the wire terminations in both connectors follow the same scheme. T-568B on both ends
SPF protocol (Sender Policy Framework)
A type of TXT record that helps prevent mail spoofing. Allows to check that incoming mail really did come from an authorized host.
nslookup
A utility that is used to test and troubleshoot domain name servers.
RSTP (Rapid Spanning Tree Protocol)
A version of the Spanning Tree Protocol that can detect and correct for network changes much more quickly.
What is the difference between a vulnerability and an exploit?
A weakness of a system, process, or architecture that could lead to compromised information or unauthorized access is known as a vulnerability The act of taking advantage of a vulnerability is known as an exploit
802.11ax (WiFi 6)
A wireless standard that uses the 2.4, 5, and 6 GHz ranges. Bandwidth: 9.6 Gbps (MU-MIMO) backward compatible with older 2.4 and 5 GHz devices.
What are the three major elements that control access to a network and it's resources?
AAA (Authentication, authorization, accounting)
What is cable management standard?
ANSI/TIA/EIA 606 Helps with standards for reports, drawings, work orders by providing a standard format
Which fiber cable connector is preferred when the least amount of return loss (reflection) is required? -APC -SC -LC -UPC -MT-RJ
APC
Rick is upset that he was passed over for a promotion. He decides to take revenge on his nemesis, Mary, who got the job instead of him. Rick sets up a man-in-the-middle attack against Mary's computer by redirecting any layer 2 traffic destined for the gateway to his own computer first. Rick is careful only to affect the traffic associated with Mary's computer and not the entire network. Which type of man-in-the-middle attack is Rick conducting against Mary?
ARP cache poisoning
What characteristic of ARP makes it particularly vulnerable to being used in a Dos attack?
ARP performs no authentication
Workers in a company branch office must visit an initial web page and click the "I agree" button before being able to surf the web. Which of the following is this an example of? An end-user license agreement An SLA An AUP An MOU
AUP stands for acceptable use policy. If you're agreeing to what you can and can't view, you accept the AUP.
Which type of network can be created with as little as a wireless router and a connection to an ISP?
Ad-Hoc
You are working at the service desk as a network security technician and just received the following email from an end-user who believes a phishing campaign is being attempted. *********************** From: [email protected]: [email protected]: You won a free iPhone! Dear Susan, You have won a brand new iPhone!Just click the following link to provide your address so we can ship it out to you this afternoon: (http://www.freephone.io:8080/winner.php)*********************** What should you do to prevent any other employees from accessing the link in the email above while still allowing them access to any other webpages at the domain freephone.io? Add http://www.freephone.io:8080/winner.php to the browser's group policy block list
Add http://www.freephone.io:8080/winner.php to the browser's group policy block list
Which protocol is used to establish a secure and encrypted VPN tunnel that can be initiated through a web browser?
An SSL VPN is a type of virtual private network that uses the Secure Sockets Layer protocol in a standard web browser to provide secure, remote-access VPN capability. In modern browsers and servers, it is more common to use TLS (transport layer security) which is the successor to SSL.
What is an ACL?
An access control list (ACL) is a list of users or groups and the permissions they're given. Linux ACLs, like Linux owner, group, and world permissions, consist of three permission bits, one each for read, write, and execute permissions. The file's owner can assign ACLs to an arbitrary number of users and groups, making ACLs more flexible than Linux permissions, which are limited to groups defined by the system administrator.
You have installed and configured a new wireless router. The clients and hosts can ping each other. The WAN connection is 10Gbp/s. The wired clients have fast connections, but the wireless clients are slow to ping and browse the Internet. Which of the following is MOST likely the cause of the slow speeds experienced by the wireless clients?
An access point experiencing RFI from fluorescent light bulbs
DKIM (domainKeys identified mail)
An authentication method included in a TXT record that uses encryption to verify the domain name of an email's sender.
HTTPS (Hypertext Transfer Protocol Secure)
An encrypted version of HTTP. It uses port 443. Uses SSL.
CRC (Cyclic Redundancy Check)
An error detection method that can be applied to blocks of data, rather than individual words. Both the sender and receiver calculate EDC; if they match, the data is assumed to be valid.
What is Frame Relay?
An industry standard, Frame Relay is a switched data link layer protocol that uses virtual circuits to connect remote LANs to a WAN
ESP (Encapsulating Security Payload)
An option within IPsec to provide confidentiality, integrity, and authentication for the security of packets
Which of the following is most likely to use an RJ-11 connector to connect to a computer to an ISP using POTS line? -Multilayer switch -DOCSIS modem -Access Point -Analog modem
Analog modem Converts digital pulses into tones that can be carried over analog telephone lines and vice versa DSL also uses RJ-11 DOCSIS modem is a cable modem and would requires a coaxial cable with a F-type connector
Which IoT wireless standard is used to sync data from a smartwatch, bike computer, and smart phone to a single user account?
Ant+
How many characters are used for the passphrase when you have configured WPA/WPA2 for your wireless security?
Any value between 8 and 63
A what layer should you troubleshoot a website access issue?
Application 7
Which of the following layers within SDN networks focuses on resource requests or information about the network? -Application layer -Management Plane -Control Layer -Infrastructure Layer
Application Layer
What are the four parts of Software defined networking?
Application Layer Control Layer Infrastructure Layer Management Layer
A new piece of malware attempts to exfiltrate user data by hiding the traffic and sending it over a TLS-encrypted outbound traffic over random ports. What technology would be able to detect and block this type of traffic? Intrusion detection system Application-aware firewall Stateful packet inspection Stateless packet inspection
Application-aware firewall A Web Application Firewall (WAF) or Application-Aware Firewall would detect both the accessing of random ports and TLS encryption and could identify it as suspicious
Packet Shaping/Traffic shaping
Apply certain bandwidth or data usages to certain application. A way of prioritizing applications. Set important applications to have higher priorities than others.
SPB (Shortest Path Bridging)
As described in IEEE's 802.1aq standard, a descendent of the Spanning Tree Protocol that can detect and correct for network changes much more quickly.
How does MPLS work?
At its core, MPLS is basically a more efficient way of forwarding and routing packets, which are the basic building blocks of data transmitted over the Internet.
Which log type is used to prove who did what and when?
Audit log
Routing prefixes, which are assigned in blocks by IANA and distributed by the Regional Internet Registry (RIR), are known as what? -Network handle -Autonomous system number -Route aggregation -Top level domain
Autonomous system number An ASN (or Autonomous System Number) is used to control routing with BGP routing protocols to route traffic across the network.
Which of the following connector types is used to terminate DS3 connections in a telecommunications facility? 66 block BNC F-connector RJ-11
BNC
A ______ is a central conduit that connect the segments of a network
Backbone
incremental backup
Backup that copies only the changed data since the last backup.
802.11b
Band: 2.4 GHz Bandwidth: 11 Mbps
802.11g
Band: 2.4 GHz Bandwidth: 54 Mbps
802.11a
Band: 5 GHz Bandwidth: 54 Mbps (1999)
What is WDM (Wavelength Division Multiplexing)?
Bidirectional communication over a single strand of fiber using different frequencies
What is the correct order data is encapsulated?
Bit, Frame, Packet, Segment, Data
What are the STP port states, and what do they mean?
Blocking- Listen- Learning- Forwarding-
What type of adapters are required on servers in an FCoE storage network?
CNA (Converged Network Adapter)
Which Carrier Sense technology is used on wireless networks to reduce collisions?
CSMA/CA Carrier Sense Multiple Access with Collision Avoidance
route command
Can create , view , or modify manual entries in the network routing tables of a computer or server
What is the earliest standard twisted-pair cabling standard that meets the minimum requirements for 10GBASE-T transmissions at 100 meters?
Cat 6a
What is the earliest twisted pair cabling standard that meets the minimum requirements for 10G Based-T transmissions
Cat 6a
Cat 6a
Category 6a wire; augmented CAT 6 UTP wiring that supports 10GbE networks at the full 100-meter distance between a node and a switch.
Which of the following is a document used in cyber forensics that lists everywhere evidence has been?
Chain of custody
What is Hot Standby Routing Protocol (HSRP)?
Cisco proprietary first hop redundancy protocol which allows for an active and standby router to be used together
Which Bluetooth power class has the highest power output?
Class A
What is a classless routing protocol? What are some examples of classless routing protocols?
Classless routing protocols are routing protocols that include the subnet mask information when the routing tables or updates are exchanged Examples: OSPF EIGRP RIPv2 or newer IS-IS
What are the options for dynamic VLAN assignment?
Client device information Authentication processes Unauthorized devices WLAN traffic
Which QoS technique operates at Layer 2 to more efficiently route Ethernet traffic between VLANs?
CoS (Class of Service)
A flashing amber light on a network adapter might be indicative of which networking problem?
Collisions
Jason wants to use his personal cell phone for work-related purposes. Because of his position, Jason has access to sensitive company data, which might be stored on his cell phone during its usage. The company is concerned about this but believes that it might be acceptable with the proper security controls in place. Which of the following should be done to protect both the company and Jason if they allow him to use his personal cell phone for work-related purposes? Establish a consent to monitoring policy so that the company can audit Jason's cell phone usage Establish an AUP that allows a personal phone to be used for work-related purposes Conduct real-time monitoring of the phone's activity and usage Establish an NDA that states Jason cannot share the confidential data with others
Conduct real-time monitoring of the phone's activity and usage the BEST solution is to conduct real-time monitoring of the phone's activity since it is a technical control that could quickly identify an issue. The other options are all administrative controls (policies), which are useful but would not actually identify if the sensitive data was leaked from Jason's phone.
What do the letters in the CIA triad stand for?
Confidentiality, Integrity, Availability
What does management plane in SDN do?
Configure and manage the devices also known as Application Layer
What kind of issues might indicate a misconfigured ACL
Connectivity and performance issues between two hosts in which some applications or ports can make the connection while others can't, could indicate this issue
Campus Area Network (CAN)
Connects LANs that are building-centric across a university, industrial park, or business park Up to a few miles
Describe the core layer in three tier architecture
Contains web servers, databases, applications
What are the two primary features that gives proxy servers an advantage over NAT?
Content filtering & file caching
What are the three tiers of 3 tier architecture ?
Core- Web servers, databases, applications Distribution- A midpoint between core and users communicates between access switches manages path to end users Access- Where the users connect end stations and printer
An administrator would like to test out an open-source phone system before investing in hardware and phones. Which of the following should the administrator do to BEST test the software? Create virtual IP phones that utilize the STP protocol in your lab Deploy an open-source VDI solution to create a testing lab Deploy new SIP appliances and connect them to the open-source phone applications Create a virtual PBX and connect it to SIP phone applications
Create a virtual PBX and connect it to SIP phone applications
What is a common technique used by malicious individuals to perform a man-in-the-middle attack on a wireless network?
Creating an evil twin
What type of cable is depicted in the graphic? -Rollover -Multimode Fiber -Coaxial -Straight Through -Crossover
Crossover
Which type of cable should be used to make a network connection from one computer directly to another computer?
Crossover
Which term refers to the study of cryptographic systems?
Cryptanalysis
What technology does Bluetooth use to take advantage of the 79 channels allocated to the bluetooth band
DFHSS
You have just moved into a new apartment and need to get internet service installed. Your landlord has stated that you cannot drill any holes to install new cables into the apartment. Luckily, your apartment already has cable TV installed. Which of the following technologies should you utilize to get your internet installed in your apartment? Wireless router DSL modem Satellite modem DOCSIS modem
DOCSIS (Data Over Cable Service Interface Specification) is an international telecommunications standard that permits the addition of high-bandwidth data transfer to an existing cable television system. Many cable television operators employ it to provide Internet access over their existing hybrid fiber-coaxial (HFC) infrastructure. Most people today call these cable modems, but technically, they are DOCSIS modems.
List 3 transport methods that can be used to support an SD-WAN
DSL, Cable broadband, fiber broadband, leased line, MPLS, Cellular, satellite
DSSS (Direct Sequence Spread Spectrum)
Data divided into small chunks spread over all frequencies within one or three channels at the same time. DSSS uses the available bandwidth more efficiently than FHSS and tends to have a higher throughput
What is DLP?
Data loss prevention - used to prevent the disclosure of PII across the network. Can be network based (managing e-mail) or endpoint (preventing copying or printing of sensitive info).
Which of the following applies to data as it travels from Layer 1 to Layer 7 of the OSI model? -Tagging -Encapsulation -Tunneling -De-encapsulation
De-encapsulation De-encapsulation occurs as the data travels up the OSI layers. As information travels down the OSI model from layer 7 to layer 1, it is encapsulated along the way.
Which VLAN on a switch cannot be renamed or deleted?
Default VlAN
How do you secure the management plane do in SDN?
Define QoS filter to protect the control plane Control packets should have priority Prioritize management traffic. Block unnecessary control plan traffic types Rate limit traffic sent to the control plane
802.1x
Defines port based Network Access Control which prevents anyone from communicating on a switch before providing correct authentication. And access points to filter the packets from users who are and are not already authenticated by an existing RADIUS server
What is a SOA record?
Defines what the DNS server is managing Zone details Structure Serial number Refresh, retry, caching information or TTL
Recursive query (DNS)
Delegates the lookup to a DNS server. Does the work than reports back. Large DNS cache provides speed advantage
PaaS (Platform as a Service)
Delivery option On demand access to a complete ready to use cloud-hosted platform, for developing, running, maintaining, and managing applications
Which communication technology would MOST likely be used to increase bandwidth over an existing fiber-optic network by combining multiple signals at different wavelengths?
Dense wavelength-division multiplexing (DWDM) is a high-speed optical network type commonly used in MANs (metropolitan area networks). DWDM uses as many as 32 light wavelengths on a single fiber, where each wavelength can support as many as 160 simultaneous connections.
A third-party vendor has just released patches to resolve a major vulnerability. There are over 100 critical devices that need to be updated. What action should be taken to ensure the patch is installed with minimal downtime?
Deploy the patch in a testing environment, quickly conduct testing, and then immediately install it in the production enviornment
What two important address are included in an Ethernet Frame?
Destination MAC addresses Source MAC addresses
RPO (Recovery Point Objective)
Determines backup frequency
Describe congestion management
Determines the order in which packets are sent out an interface based on priorities assigned to those packets
Which mobile device management techniques allows you to selectively wipe only corporate data while leaving personal data intact?
Device partitioning/containerization
A wireless signal having to move around a large object such as a hill or building is known as which type of interference?
Diffraction
What does DFHSS stand for?
Digital Frequency Hopping Spread Spectrum
Which type of cloud service connectivity method would typically allow for unlimited data transfers once implemented? -Pay as you go -Native VPN -VPN appliance -Remote Desktop -Direct Connection
Direct Connection
Which service in Windows Server 2016 authenticates remote users & computers to the windows domain & its corporate network resources?
DirectAccess
What is the DORA process?
Discover Offer Request Acknowledge
netstat -r (command)
Displays the routing table on the local computer
The network administrator noticed that the border router has high network capacity loading during non-working hours. This load is causing web services outages. Which of the following is the MOST likely cause of the issue? Evil twin Session hijacking Distributed DoS ARP cache poisoning
Distributed Denial of Service (DDoS) is when a computer or multiple computers are compromised due to a network breach or virus attack. This kind of attack can impact the network and cause outages or slowness if your workstation is affected and acting as part of a botnet.
What are the five subtypes of DoS attacks?
Distributed DoS Distributed Reflection DoS Amplified DRDoS Permanent DoS Friendly DoS
Iterative query (DNS)
Do all of the queries yourself Your DNS cache is specific to you
Service Level Agreement (SLA)
Documents the quality, availability, and responsibilities agreed upon by a service provider and a client
Which type of security camera would you likely see mounted on the ceiling of a bank or other secure location?
Dome
In which life cycle phase is an old device removed from the network?
During the implementation phase of a system life cycle, you deploy new equipment to replace old equipment, and continue testing to achieve a now stable baseline
What is the difference between dynamic ARP entries and static ARP table entries?
Dynamic ARP table entries are created when a client makes an ARP request, where as static ARP table entries are entered manually using the ARP utility
What is the difference between dynamic ARP table entries and static ARP table entries?
Dynamic ARP table entries are created when a client makes an ARP request, whereas static ARP table entries are manually added using the ARP utility
What does DHCP stand for?
Dynamic Host Configuration Protocol
What IPsec encryption type encrypt the IP header?
ESP (Encapsulating Security Payload)
Which type of switch is best used for connections to web servers?
Edge Switch In a 3 tiered architecture, edge switches connect directly to hosts such as servers, printers, and workstations Ideally hosts connect only to edge switches and never to switches at other layers
An outside organization has completed a penetration test for a company. One of the report items reflects the ability to read SSL traffic from the web server. What is the MOST likely mitigation for this reported item?
Ensure patches are deployed
A company has a secondary datacenter in a remote location. The data center staff handles cable management and power management. The building's security is also handled by the data center staff with little oversight from the company. Which of the following should the technician do to follow the best practices? Secure the patch panels Ensure power monitoring is enabled Ensure rack security is performed Secure the UPS units
Ensure rack security is performed
configuring radio balancing in a wireless controller refers to which feature?
Ensuring that all 802.11n clients are connected to 802.11n access points
Lightweight Directory Access Protocol (LDAP) is used for which purpose?
Establishing communication from an application to a network directory service
802.3
Ethernet
what protocols header includes the source MAC Address?
Ethernet
Marking (QoS)
Evaluates the policies, configuration, and information regarding the action to be taken when a packet is out of profile and decides what to do with the packet
Which types of wireless access points might be used by an attacker to gain access to confidential information? -Evil Twin -WLAN -Hot Spot -SSID -Rogue
Evil twin Rogue
link-local unicast address prefix
FE80::/64
Which type of port scanning method disguises the location of the sender?
FTP bounce
In the event of a fire, the most appropriate failure policy is a _______ policy
Fail Open
A network technician needs to connect two switches. The technician needs a link between them that is capable of handling 10 Gbps of throughput. Which of the following media would BEST meet this requirement?
Fiber Optic Cable To achieve 10 Gbps, you should use CAT 6a or a fiber cable. Since CAT6a isn't an option, fiber is the best answer here. CAT 5e can only operate up to 100 meters at 1 Gbps of speed.
What are the advantages of fiber optic cabling?
Fiber Optic cables contain glass fibers that allow for greater transmission speeds, much greater max cable lengths, very high resistance to noise, and excellent security
You have been asked to install a media converter that connects a newly installed multimode cable to the existing CAT5e infrastructure. Which type of media converter should you use?
Fiber to Ethernet
What do host based firewalls ignore protection of?
Files on servers and a virtualized portion of the networks
arp -d
I am the command used to delete an entry from the address resolution protocol table.
Which options should typically be included in a software asset management implementation?
License overages Mobile device operating systems
When trying to connect two geographically dispersed offices using a VPN connection. You have been asked to configure their networks to allow VPN traffic into the network. Which device should you configure first? -Router -Modem -Switch -Firewall
Firewall You should first configure the Firewall because it is installed at the network's external boundary. By allowing the VPN connection through the firewall, two networks can be connected and function as a single intranet
What is FHRP?
First Hop Redundancy Protocol provides an additional default gateway if one fails
What are some technologies used in flow control?
Flow control, Congestion control, QoS
What is the role of a switch?
Forward or drop frames based on the destination MAC address Gather a constantly updating list of MAC addresses Maintain a loop free environment using STP
Which WAN technology relies on virtual circuits and point-to-multipoint connections?
Frame Relay
A malicious user is blocking wireless devices from connecting to the Internet when people are in the coffee shop. What is the malicious user performing? -Man-in-the-middle attack -Blacklisting IP addresses in the ACL -Frequency jamming -Spoofing
Frequency jamming Frequency jamming is one of the many exploits used to compromise a wireless environment. It works by denying service to authorized users as legitimate traffic is jammed by the overwhelming frequencies of illegitimate traffic. There is no indication that the malicious user is creating a rogue AP (which is a form of spoofing) or performing a MITM attack by having users connect through their laptop or device. Also, there is no mention of certain websites or devices being blocked logically. Therefore there is no blacklisting of IP addresses performed.
You have been asked to connect three 802.11a devices to an 802.11g access point configured with WEP. The devices are within 20 feet of the access point, but they still cannot associate with the access point. Which of the following is the MOST likely cause of the devices not associating with the WAP? Interference Frequency mismatch Signal loss Mismatched encryption
Frequency mismatch
SaaS (Software as a Service)
Full Dine-In experience option On-demand access to ready-to-use, cloud hosted application software
802.3x
Full-Duplex Flow Control in ethernet
WPA3 (Wi-Fi Protected Access 3)
GCMP block cipher mode(Galois/counter mode protocol), stronger encryption than WPA2 Also uses AES
What is GLBP?
Gateway Load Balancing Protocol Cisco proprietary similar to HSRP. Focuses on load-balancing over redundancy
When a router can't determine a path to a message's destination, where does it send the message?
Gateway of last resort
You are trying to connect to a router using SSH to check its configuration. Your attempts to connect to the device over SSH keep failing. You ask another technician to verify that SSH is properly configured, enabled on the router, and allows access from all subnets. She attempts to connect to the router over SSH from her workstation and confirms all the settings are correct. Which of the following steps might you have missed in setting up your SSH client preventing you from connecting to the router?
Generate a new SSH key
What is required to use a clientless VPN?
HTML 5 compliant browser
What does a load balancer do?
Helps to evenly distribute traffic to each device in a cluster so that every device carries a portion of the load
A college needs to provide wireless connectivity in a cafeteria with a minimal number of WAPs. What type of antenna will provide the BEST coverage? -High gain -Bidirectional -Dipole -Omni-directional
High gain
What is the name of the simplified network configuration introduced with windows 7?
Homegroup
Give three examples of routing metrics used by routers to determine the best of various available routing paths.
Hop count, theoretical bandwidth, actual throughput, path latency, path load, MTU, cast, reliability, network topology
What is COOP (Continuity Of Operation Plan)?
How to perform business functions in the event of a disaster
Enhanced Interior Gateway Routing Protocol (EIGRP)
Hybrid of distance vector and link state protocols that uses bandwidth and delay Cisco proprietary Interior
A technician is tasked with troubleshooting a network's slowness. While troubleshooting, the technician is unable to ping any external websites. Users report they can access the sites using the web browsers. What is the MOST likely cause? ICMP traffic being blocked by the firewall VLAN hopping TACACS misconfiguration MTU black hole
ICMP traffic being blocked by the firewall
What 4 things does a DHCP server assign to a client that connects to the network?
IP address Subnet Mask Default gateway DNS server IP address
Which encryption protocol does GRE use to increase the security of transmissions?
IPsec
What protocol does not include some kind of integrity check field in its header?
IPv6
What is considered a classless routing protocol?
IS-IS is known as a classless protocol. Classless routing protocols are those protocols that include the subnet mask information when the routing tables or updates are exchanged. Other classless routing protocols include EIGRP, RIPv2 (or newer), and OSPF.
Which encryption type most likely is used for securing the key exchange during a client-to-server VPN connection?
ISAKMP
Which type of WAN service uses 2 dedicated phone lines to provide a bandwidth of approximately 128 kbps?
ISDN
Which email protocol allows an email client to read mail stored on the mail server?
Imap4
Out-of-band management refers to which process?
Implementing redundancy to allow for continued network management in the event of failure.
Wireless Client Isolation
Imposes strict rules via firewalls that restricts a wireless clients ability to communicate with device on the network other than the default gateway
WPA3 PSK authentication process
Includes mutual authentication Creates shared session key without sending data over the network No more four way handshake, no hashes, no brute force using SAE
What does MPLS initial configuration contain?
Information where all of the different sites may be located and what labels may be used to switch data to those locations
Janet is a system administrator who is troubleshooting an issue with a DNS server. She notices that the security logs have filled up and must be cleared from the event viewer. She recalls this being a daily occurrence. Which of the following would BEST resolve this issue? Increase the maximum log size Log into the DNS server every hour to check if the logs are full Install an event management tool Delete the logs when full
Install an event management tool
Statefull packet inspection attempts to ____.
Insure that each inbound packet is a legitimate response to outbound traffic to guarantee all inbound traffic is in response to outbound requests, or is a part of a valid communication
A network technician connects three temporary office trailers with a point-to-multipoint microwave radio solution in a wooded area. The microwave radios are up, and the network technician can ping devices in all office trailers. However, connectivity is sporadic. What is the cause of this issue?
Interference
List available options for connecting to cloud resources
Internet VPN Remote access connections A leased line from ISP Private or dedication direct connection
A network administrator is troubleshooting an issue with unstable wireless connections in a residence hall. Users on the first and second floors report that the hall's SSID is not visible in the evenings. The network administrator has verified that the wireless system is operating normally. What is the cause of the issue being reported by the users?
Internet router maintenance would simply take the network down for the duration of the update/maintenance.
QSFP+
Is a 4 channel SFP+ = four 10Gbit/s = 40Gbit/sec
LAG (Link Aggregation Group)
Is the combined collection of physical ports to achieve greater bandwidth
What are the two types of secondary VLANs?
Isolated VLAN Community VLAN
Namespace
It contains the entire collection of computer names and their IP addresses
Nameserver
It holds these databases, which are organized in a hierarchical structure
Which local storage characteristics would be considered to be benefits over cloud storage? -It is more accessible and scalable -It is less expensive -It is faster -It is better protected against disaster -It offers better control of backups and access
It is better protected against disaster It is faster
Why might you choose to implement a wireless network using the 5GHz band as opposed to the 2.4 GHz Band?
It is generally less congested
What happens when switches don't have a MAC address in its table?
It sends the frame to everyone
Why is PoE useful?
It uses one wire for both network and electricity useful in difficult to power areas
TKIP (Temporal Key Integrity Protocol) had which primary benefits?
It was compatible with devices that supported WEP It offered better security than WEP
What advantages does SHA provide over older hashing algorithms?
Its resistant to collisions, but the hashing processes takes longer than with less secure methods
Scrambled or garbled communications when using VoIP or video conferencing applications is an indication of which type of network issue?
Jitter
What is Kerberos?
Kerberos is a network authentication and authorization protocol within a windows domain environment. It provides secure authentication over a insecure network using key encryption to verify the identity of clients
The network administrator is troubleshooting a switch port for a file server with dual NICs. The file server needs to be configured for redundancy, and the dual NICs need to be combined for maximum throughput. What feature on the switch should the network administrator ensure is enabled for best results?
LACP is a protocol used to control the combining of ports. Link Aggregation groups combine numerous physical ports to make one high bandwidth path. This method can increase bandwidth and therefore, throughput. It can also provide network redundancy and load balancing.
What is 4G and LTE?
LTE is a 4G that converged GSM & CDMA providers bases on GSM and Edge that supports 150 Mbit/s download rates
Which of these cellular technologies offer the fastest speeds?
LTE-A
Which SAN component is responsible for identifying the storage available to any given system?
LUN
A network engineer is designing a campus-wide wireless network. Wireless access points will be distributed across the campus for maximum availability. The network is to be designed to handle a large number of roaming wireless devices. What feature should he employ?
LWAPP is the best choice because it serves as a standard single point that allows quick and efficient management of multiple wireless devices at a time. Lightweight Access Point Protocol (LWAPP) is the name of a protocol that can control multiple Wi-Fi wireless access points at once. This can reduce the amount of time spent on configuring, monitoring, or troubleshooting a large network.
What is the lowest layer of the OSI model at which LAN's & WAN's support the same protocols?
Layer 3
802.3ad
Link Aggregation Control Protocol (LACP)
802.1AX
Link aggregation control protocol- The seamless combination of multiport network interfaces or ports as 1
Which availability solution is not specifically designed for high availability, but provides it by default?
Load Balancing
What does LUN stand for?
Logical Unit Number
What describes an IPv6 address of ::1?
Lookback
Your company is using a T1 connection for its connectivity to the internet. When you arrived at work this morning, you found that your internet connection was not working properly. You began troubleshooting and verified that the network's router is properly configured, the cable is connected properly between the router and the T1's CSU/DSU, but the T1 remains down. You call your ISP, and they have requested that you test the interface on the CSU/DSU to ensure it hasn't failed. Which tool should you utilize to perform this test? Cable tester Tone generator Light meter Loopback adapter
Loopback adapter
Attenuation
Loss of power in a signal as it travels from the sending device to the receiving device
Which switch port protection method uses a whitelist of acceptable values to accept traffic?
MAC filtering
Which wireless authentication method involves maintaining a list of authorized addresses?
MAC filtering
What does enabling 802.1X port-based prevent?
MAC spoofing Duplicate IP's
What kind of software can be used to secure employee-owned device?
MDM
100BASE-FX
MMF 100 Mbps 2 km
100BASE-SX
MMF 100 Mbps 300m
1000BASE-SX
MMF 1000 Mbps 220-550 Meters
10GBASE-SR
MMF - 10Gbps, 26m-400 m
Which type of service can route different protocols based on labels?
MPLS
Where is MPLS inserted into message headers?
MPLS labels together are sometimes called a shim because they are inserted in between layer 2 and layer3. For this reason, MPLS is sometimes said to belong to layer 2.5
You have been asked to add an entry to your DNS records to allow SMTP traffic to be sent out using your domain name. Which type of record should you add to your DNS record?
MX record is used for outgoing (SMTP) and incoming (POP3/IMAP) traffic
An additional network segment is urgently needed for QA testing on the external network. A software release could be impacted if this change is not immediate. The request comes directly from management, and there is no time to go through the emergency change management process. Which of the following should the technician do? Wait until the maintenance window and make the requested change First document the potential impacts and procedures related to the change Send out a notification to the company about the change Make the change, document the requester, and document all network changes Explanation
Make the change, document the requester, and document all the network changes. Since the request came directly from management, if they have sufficient authority to authorize the change, it can be performed outside of the emergency change control process. This should be a RARE occurrence.
Port Monitoring or Mirroring
Makes a copy of all traffic destined for a port and sends it to another port
What does the control plane in SDN do?
Manages actions of data plane Routing tables, session tables, NAT tables, and Dynamic routing protocol updates also known as Control layer
What is congestion management?
Manages the volume of traffic throughout the network so traffic congestion doesn't impact network performance
A network administrator was told by the Chief Information Officer (CIO) to set up a new office with a network that has redundancy. What topology would BEST meet the CIO's requirement? -Hybrid -Bus -Mesh -Star
Mesh A mesh topology connects every endpoint to every other endpoint, creating a fully redundant network
Tim is a network administrator who is setting up three additional switches in his test lab. While configuring the switches, he verifies the connectivity but finds that when he pings one of the switches using its IP address, he receives "Destination Unreachable." What kind of issue is this? Denial of service attack Misconfigured DNS settings Misconfigured split-horizon RADIUS authentication errors
Misconfigured split-horizon
What are the PoE power modes?
Mode A- common mode data pair power Mode B- power on spare pair 4 pair- Power on all 4
Which type of wireless technology are OFDM, QAM, and QPSK examples of? Frequency Modulation RF interference Spectrum
Modulation
Star Topology
Most popular physical LAN topology where devices connect to a single point If the central device fails the entire network fails
A network technician is tasked with designing a firewall to improve security for an existing FTP server on the company network and is accessible from the Internet. The security personnel are concerned that the FTP server is compromised and is possibly being used to attack other company servers. What is the BEST way to mitigate this risk? Add an outbound ACL to the firewall Change the FTP server to a more secure SFTP Use the implicit deny of the firewall Move the server to the company's DMZ
Move the server to the company's DMZ
What is mGRE?
Multipoint Generic Router Encapsulation *Cisco common protocols - Used mainly for Dynamic Multipoint VPN - The VPN builds itself and tunnels are built dynamically Allows remote sites to communicate to each other when needed without the need to first communicate with the main office
What does MPLS stand for?
Multiprotocol Label Switching
With which network connection type does the VM obtain IP addressing information from its host?
NAT Mode In NAT mode a VM options IP addressing information from its host rather than from a server or router on the physical network
How do you find MAC addresses on a network using IPv6
Neighbor Discovery Protocol
How do you find a MAC address on a network on a network using IPv6?
Neighbor Discovery Protocol Also uses DAD (Duplicate address detection) to prevent duplicate IPs
What do well-chosen subnets accomplish?
Network documentation is easier to manage.
When you list a router's routing table, one of the routes is labeled with ab "S". Which routing protocol was used to create this route?
None. This route is static and was configured by a network administrator
Asynchronous Transfer Mode (ATM)
OSI Layer 2 A common protocol transported over SONET In the data link layer (layer 2) of the OSI model, the basic unit of transfer is called a frame. In an ATM network, these frames are called cells These 53-byte "cells" spaced evenly appart -48 bytes for data, 5 byte routing header Which allows for faster switching of the cells across the network. High throughput, real-time, low latency, data, voice, and video max speeds of OC-192 About 10 gigabits per second
QoS
OSI Layer 2 The process of controlling traffic flows Ethernet frame header in a 802.1Q trunk Usually applied through the intranet
Bridge
OSI layer 2 device Distributed traffic based on MAC address Imagine a switch with two to four ports Makes forwarding decisions in software Connects different physical networks can connect different topologies Gets around physical networks size limitations/collisions An example of a modern bridge is a wired access point. Bridges wired ethernet to wireless
Firewall
OSI layer 4 (TCP/UDP) some firewalls can filter OSI layer 7 Can encrypt traffic into/out of the network Protect your traffic between sites Can proxy traffic A common security technique Most firewalls can be layer 3 devices(routers) Usually sits on ingress/egress of the network
Which routing protocol might send packets over a longer route if there is less traffic on that route?
OSPF
What are two common link-state protocols?
OSPF (Open Shortest Path First) ISIS (Intermediate System-Intermediate System)
Which tool is used to characterize and find faults with fiber cabling?
OTDR
What are packet drops?
Occurs during link congestion when a router's interface queue overflows and causes packet loss
A technician needs to ensure wireless coverage in the green space near the center of the college campus. The antenna is being installed in the middle of the field on a pole. Which type of antenna should be installed to ensure maximum coverage?
Omnidirectional
Which power backup method will continually provide power to a server if the power goes out during a thunderstorm?
Online UPS
Port forwarding is commonly used in which types of applications?
Online gaming servers Voice over IP applications Peer to peer downloading
What secured tunneling protocol might be able to cross firewalls where IPsec is blocked?
OpenVPN
Which tunneling protocol is a component of the IPsec protocol suite?
OpenVPN
Which cloud computing service model gives a software developer access to multiple operating systems for testing?
Platform as a Service (PaaS) *The delivery option
IANA (Internet Assigned Numbers Authority)
Organization responsible for assigning IP addresses to public networks.
Which type of attack is designed to damage a system to the point of it generally needing to be replaced?
PDos
A network technician wants to allow HTTP traffic through a stateless firewall. The company uses the 192.168.0.0/24 network. Which of the following ACLs should the technician implement? PERMIT SRCIP 192.168.0.0/24 SPORT:80 DSTIP:192.168.0.0/24 DPORT:80 PERMIT SRCIP 192.168.0.0/24 SPORT: ANY DSTIP:ANY DPORT 80 PERMIT SRCIP:ANY SPORT:80 DSTIP:192.168.0.0/24 DPORT ANY PERMIT SRCIP: ANYSPORT:80 DSTIP:192.168.0.0/24 DPORT:80
PERMIT SRCIP 192.168.0.0/24 SPORT: ANY DSTIP:ANY DPORT 80 This will permit traffic from the internal network (192.168.0.0/24) from any port to access the external network (any IP) to port 80 (HTTP). Since this is a stateless firewall, you must include the SPORT (source port) ANY to allow the outbound connection through the firewall
Which email protocol allows an email client to download email messages to the local computer?
POP3
Which of the following WAN technologies would MOST likely be used to connect several remote branches that have no fiber or satellite connections? OC12 POTS WiMax OC3
POTS
A technician has punched down only the middle two pins (pins 4 and 5) on an Ethernet patch panel. Which of the following has the technician cabled this port to be used with? 10BaseT POTS 568B 568A
POTS is short for plain old telephone service. The technician made a cable for use with a telephone since it only requires two pins (send and receive).
Sharing a common internet connection over DSL is an example of which type of service?
PPPoE
You have been asked by your supervisor, Martha, to ensure that you enable 802.3af on a managed switch. Which of the following features does Martha want you to enable?
PoE
A network technician needs to monitor the network to find a user who is browsing websites against the company policy. What should the technician use to view the website and find the user browsing it?
Packet Sniffers They can capture and analyze network user traffic. This information can be queried to view website addresses, contents, and sometimes even the password information. This differs from an intrusion detection system in that IDS' wait to receive implicitly-malicious data in a network before logging the event
What is the simplest form of a firewall? How does it work?
Packet filtering which can be either a device or application. It examines the header of every packet of data it receives on any of its interfaces
Four router functions
Packet switching, packet filtering, internetwork communication, path selection
parabolic antenna
Parabolic antennas work well for outside wireless applications where you want directional control of the signal (such as when connecting two buildings) and over a longer distance.
What cable is best suited for ultra-high-speed connections between a router and switch on the same rack?
Passive twinaxial cable
You are creating a wireless link between two buildings in an office park utilizing the 802.11ac standard. The antenna chosen must have a small physical footprint and be lightweight as it will be mounted outside the building. Which type of antenna should you install?
Patch
Which termination point uses standard RJ-45 connections?
Patch Panel
A network consists of 5 computers all running windows 10 professional. All the computers are connected to a switch, which is connected to a router, which is connected to the internet. Which networking model does the network use?
Peer-to-peer
A network technician wants to allow HTTP traffic through a stateless firewall. The company uses the 192.168.0.0/24 network. What ACL should the technician implement?
Permit SRCIP 192.168.0.0/24 SPORT: ANY DSTIP: ANY DPORT
VPC Endpoint
Permits private connections from your VPC to supported AWS services.
You are working as a network administrator and are worried about the possibility of an insider threat. You want to enable a security feature that would remember the Layer 2 address first connected to a particular switch port to prevent someone from unplugging a workstation from the switch port and connecting their own laptop to that same switch port. Which of the following security features would BEST accomplish this goal?
Persistent MAC learning, also known as Sticky MAC, is a port security feature that enables an interface to retain dynamically learned MAC addresses when the switch is restarted or if the interface goes down and is brought back online. This is a security feature that can be used to prevent someone from unplugging their office computer and connecting their own laptop to the network jack without permission since the switch port connected to that network jack would only allow the computer with the original MAC address to gain connectivity using Sticky MAC
A WiFi Analyzer is typically used in which scenario?
Planning, surveying and mapping a new WiFi implementation
The Chief Information Officer (CIO) wants to improve the security of the company's data. Which management control should be implemented to ensure employees are using encryption to transmit any sensitive information over the network? Policies VPN HTTPS Standards
Policies
What port should be open so you can remote into the corporate office's linux server from a branch office?
Port 22 SSH
Light Weight Directory Access Protocol (LDAP)
Port 389
What is the port number for HTTP?
Port 80 TCP
A network technician must allow HTTP traffic from the internet over port 80 to an internal server running HTTP port 81. What is this an example of?
Port forwarding
Your network has been the victim of a data breach. Your company has hired an incident response team to help control the breach's damage and restore the network to its full functionality. The incident response team wants to connect a packet capture device to the switch that connects your servers to the DMZ. Which of the following should be configured to ensure the packet capture device can receive all the network traffic going to and from the servers? 802.1q 802.1x Port mirroring Port security
Port mirroring
What is port security?
Port security is a feature of a network switch that lets you configure a physical port for a specific MAC address.
Which two fields in an Ethernet frame help synchronize device communications but are not counted towards the frame's size?
Preamble and SFD ( Start Frame Delimiter)
Performance concepts such as traffic shaping, Qos and diffServ are primarily concerned with providing what kind of service?
Prioritization of packets by importance
Which type of documentation outlines how a business collects, uses, shares and stores information?
Privacy Policy
Port trunking
Process of data from multiple VLANs on a single switch being carried through a single network link between switches
What does the data plane in the SDN do?
Processes frames and packets, forwarding, trunking encryption, and NAT also known as Infrastructure Layer
File integrity refers to which process?
Protecting a file from unauthorized changes
Sally, in the web development group, has asked for your assistance in troubleshooting her latest website. When she attempts to connect to the web server as a user, her web browser issues a standard HTTP request but continually receives a timeout response in return. You decided to capture the entire TCP handshake between her workstation and the webserver to troubleshoot the issue best. Which of the following tools would BEST allow you to capture and then analyze the TCP handshake? Protocol analyzer Packet sniffer Spectrum analyzer Tone generator
Protocol Analyzer A protocol analyzer or packet analyzer (like Wireshark) has the capability to capture the handshake and display it for analysis. A packet sniffer, though, will only capture the handshake. Neither a spectrum analyzer or a tone generator would be helpful in this situation.
A company has added many new users to the network that is causing an increase in network traffic by 200%. The engineers' original projection was that the new users would only add 20-30% more network traffic, not 200%. The network administrator suspects that a compromise of the network may have occurred. What should the network administrator have done previously to prevent this network breach? Create VLANs to segment the network traffic Place a network sniffer on segments with new employees Provide end-user awareness and training for employees Ensure best practices were implemented when creating new user accounts
Provide end-user awareness and training for employees
What is a verbose trap?
Provides a full list of variables and values for a given device it manages using key pairs in real time
Which device can be used to increase network performance by caching websites?
Proxy Server
Your company has just installed a new web server that will allow inbound connections over port 80 from the internet while not accepting any connections from the internal network. You have been asked where to place the web server in the network architecture and configure the ACL rule to support the requirements. The current network architecture is segmented using a firewall to create the following three zones: ZONE INTERFACE, IP addressPUBLIC, eth0, 66.13.24.16/30 DMZ, eth1, 172.16.1.1/24PRIVATE, eth2, 192.168.1.1/24Based on the requirements and current network architecture above, what is the BEST recommendation? -Put the server in the DMZ with an inbound rule from eth1 to eth0 that allows port 80 traffic to the server's IP -Put the server in the PUBLIC zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP -Put the server in the DMZ with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP -Put the server in the PRIVATE zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP
Put the server in the DMZ with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP
Which one of these would support a 40 Gbit/sec Ethernet network link?
QSFP+
Implementing a rack diagram can assist in which task?
Quickly determine which equipment is necessary when purchasing
Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which of the following is the MOST likely cause of the issue?
RADIUS
What backend database authentication servers are used in tandem /w 802.1x ?
RADIUS, Kerberos, TACACS, TACACS+, Active Directory (LDAP)
A network technician needs to install a server to authenticate remote users before accessing corporate network resources when working from home. Which kind of server should the network technician implement? DNSSEC PPP RAS VLAN
RAS A remote access server is a type of server that provides a suite of services to connect users to a network or the Internet remotely. Usually, this will be an RDP or VNC server.
List 3 IGPs (Interior Gateway Protocols)
RIP, RIPv2, OSPF, IS-IS, EIGRP
An administrator notices an unused cable behind a cabinet that is terminated with a DB-9 connector. What protocol was MOST likely used on this cable? RS-232 802.3 ATM Token ring
RS-232 is a standard for serial communication transmission of data. It formally defines the signals connecting a DTE (data terminal equipment) such as a computer terminal and a DCE (data circuit-terminating equipment or data communication equipment).
How is latency measured and in what unit?
RTT (round trip time), Millie seconds
What are core routers?
Routers that are located in side the same autonomous system
Which of the following network concepts is prevented by using a split-horizon? -Large routing tables -Duplicate addresses -Network collisions -Routing loops
Routing loops
A network's design includes gateways connecting an assembly-line network. The assembly-line network uses specialized cabling and interfaces to allow the assembly-line robots to communicate with one another. Which type of network would you classify this design as? CSU/DSU SCADA/ICS IS-IS LAN
SCADA/ICS
What kind of device can be used to configure and manage physical and virtual networking devices across the network?
SDN controller or Network Controller
Which type of WAN service would be most effective for real-time communications such as voice over IP and video conferencing?
SDSL
Which form of SHA was developed by private designers?
SHA-3
After a recent breach, the security technician decides the company needs to analyze and aggregate its security logs. Which of the following systems should be used?
SIEM
What is an example of a signaling protocol used in VoIP telephony?
SIP
Which of the following statements is not true? -SMF has a thinner core than MMF -SMF supports lower bandwidths than MMF -MMF is better suited than SMF for backbone connections within data centers -MMF signals experience greater reflection within the core than SMF signals
SMF supports lower bandwidths than MMF
10GBASE-LR
SMF, 10Gbps, 10km
1000BASE-LX
SMF/MMF 1Gbps 5 km/550m
When hosting a secure email server for access from the internet ,which port should be open on the corporate firewall?
SMTP over SSH or TLS uses port 587
What would alert a network administrator each time a network link is disabled?
SNMP Trap Can be configured on monitored devices to monitor devices through constant polling
A technician is concerned about security and is asked to set up a network management protocol. Which network management protocol will provide the best security?
SNMPv3 Simple Network Management Protocol (SNMP) is an Internet-standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Three significant versions of SNMP have been created, with SNMPv3 being the most secure.
A man-in-the-middle attack that downgrades a secure connection to an unsecure one is known as which option?
SSL Stripping
A network technician has been asked to make the connections necessary to add video transported via fiber optics to the LAN within a building. There will be one fiber connector for the Tx port and another connector for the Rx port. Which of the following type of connectors should be used to connect to the fiber optic cables?
ST
Which fiber connector does not support full-duplex transmissions?
ST
Which kind of multiplexing assigns slots to nodes according to priority and need?
STDM- Statistical Time Division Multiplexing
RTO - Recovery Time Objective
Same as Maximum Tolerable Downtime, or MTD.
Which security functions can be performed by a proxy server? -Shielding internal addresses from the public internet -Connecting dissimilar network architectures -Malware detection -Virus scanning -Packet examination and filtering
Shielding internal addresses from the public internet Packet examination and filtering
Which Cisco command lists configured VLANs on a switch?
Show VLAN
E1
Signal Level- n/a # of T1 Signals- n/a # of voice channels: 30 Speed: 2.0 Mbps It can handle voice and digital services (with a mix-n-match service). It is the European signal of DS1. It has higher bandwidth than T1 because of T1 reserves bits for overhead.
T1
Signal Level: DS1 # of T1 Signals: 1 # of voice channels: 24 speed: 1.544 Mbps
T3
Signal Level: DS3 # of T1 signals: 28 # of voice channels: 672 Speed: 44.736 Mbps
Signals traveling through areas in which many wireless communications systems are in use will exhibit a lower___________ because of the high proportion of noise.
Signal to noise ratio
What information transmitted message might an IDS use to identify network threats?
Signature
What is 5G?
Significant performance improvements over 4G technology with higher frequencies with 10 Gbit/s and slower speeds of 100-900 Mbit/2
Hub and Spoke Topology
Similar to Star but with WAN links instead of LAN connections and it is used for connecting multiple sites.
What are the advantages of spine and leaf architecture?
Simple cabling Redundant Fast
What is SAE?
Simultaneous Authentication of Equals. WPA3 changes the PSK authentication process. Uses Diffie-hellman derived key exchange with authentication components also known as the 'dragonfly handshake'.
Your company has two office buildings which are connected via a copper network cable that is buried underground. There is some construction being performed near the buildings. Now, the second building discovers they have suffered a network outage that doesn't appear to be temporary. What is the MOST likely cause of the outage?
Since the issue started after construction began, it is most likely that the construction crew broke the cable during digging operations. This can cause an open circuit or short circuit, depending on how the cable was cut/broken by the construction workers. This can be verified using a Time-Domain Reflectometer to determine exactly where in the cable the break has occurred
Suppose you're assisting with a cable installation using fiber-optic cabling that will support Gigabit Ethernet. You're approved to install segments up to 4000 m in length. What kind of cable are you using?
Single Mode Fiber
Which of the following network infrastructure implementations would be used to connect two remote sales machines back to the main campus for all of their data and voice network traffic?
Single-mode fiber Single-mode fiber can carry different types of data signals over long distances without losing any integrity. Therefore it is the best choice. You can lease a pair of single-mode fibers from the local telecommunications provider (called dark fiber) since it will already be buried underground and ready for your use.
SFP+
Small Form Factor Pluggable Plus. A type of SFP that can send and receive data at rates of up to 10 Gbps.
Single-mode fiber (SMF)
Smaller core size Covers longer distances More expensive
What are the fields contained within the an IEEE Ethernet frame header?
Source and Destination MAC address FCS Field
Microsoft SQL Server
TCP 1433
Oracle SQL *Net
TCP 1521
H.323
TCP 1720 A VoIP standard that handles the initiation, setup, and delivery of VoIP sessions.
H.232
TCP 1720 works with A/V (audio visual)
MySQL free
TCP 3306
LDAPS (Lightweight Directory Access Protocol Secure)
TCP 636
What is the port number for POP(SSL)?
TCP 995
How does a network device determine if a specific packet is the start of a new traffic flow?
TCP flags
What is a message called that is delivered by TCP? What is a message called that is delivered by UDP? At what layer do the protocols work?
TCP-segment UDP-datagram Transport
What method does a GSM network use to separate data on a channel?
TDMA-Time Division Multi Access Digital data on GSM systems is separated by time slots on a channel using TDMA
Which current protocol is used to create secure transmissions for HTTP browsing sessions?
TLS
IaaS (Infrastructure as a Service)
Take and bake option On demand access to cloud-host physical and virtual servers, storage, and networking
Which linux based command line foot can be used to capture packets for future analysis
Tcpdump
Which hexadecimal block in an IPv6 address is used for the Subnet ID?
The 4th one
Which security features should be enabled to configure a quality of service filter to manage the traffic flow of cisco router or switch and protect it against a denial-of-service attack?
The Control Plane Policing, or CPP, feature allows users to configure a QoS filter that manages the traffic flows of control plane packets to protect the control plane of Cisco IOS routers and switches against reconnaissance & denial-of-service attacks
Mark is setting up a DHCP server on a segment of the corporate LAN. Which of the following options is NOT required in the DHCP scope to allow hosts on that LAN segment to be assigned a dynamic IP address and still be able to access the Internet and internal company servers? -default gateway -reservations -DNS -subnet mask
The DHCP must provide a default gateway, DNS server, and subnet mask to each client to effectively access the Internet. Using DHCP reservations is not required to be configured to meet the requirements provided in the question.
802.1w
The IEEE standard that describes RSTP (Rapid Spanning Tree Protocol), which evolved from STP (Spanning Tree Protocol).
802.1D
The IEEE standard that describes, among other things, bridging and STP (Spanning Tree Protocol).
802.3af
The IEEE standard that specifies a way of supplying electrical Power over Ethernet (PoE). 802.3af requires Cat 5 or better UTP or STP cabling and uses power sourcing equipment to supply current over a wire pair to powered devices. PoE is compatible with existing 10Base-T, 100Base-TX, 1000Base-T, and 10GBase-T implementations.
Simple Mail Transfer Protocol (SMTP)
The Internet standard protocol for transferring e-mail messages from one computer to another. Port 587
Which of the following protocols must be implemented for two switches to share VLAN information?
The VLAN Trunking Protocol (VTP) allows a VLAN created on one switch to be propagated to other switches in a group of switches (that is, a VTP domain).
0.0.0.0/0
The address for a default route
Who is responsible for the security of hardware on which a public cloud runs?
The cloud provider is always responsible for the underlying hardware
Which characteristics distinguishes a logic bomb from other types of threats?
The code remains dormant for a period of time after infection
Why is SMF more efficient over long distances than MMF?
The core of SMF is much narrower than that of MMF, and reflects very little. The light does not disperse as much along the fiber.
A neighbor hacks into your secured wireless network on a regular basis, but you didn't give her the password. What loophole was most likely left?
The default password was not changed
Why do APC ferrules create less back reflection than do UPC ferrules?
The end faces are placed at an angle to each other, and the reflection is sent back in a different direction than the source of the signal
One of your coworkers downloaded several, very large video files for a special project she's working on for a new client. When you run your network monitor later this afternoon, what list will your coworker's computer likely show up on?
Top Listeners Top listeners are host that receive on inordinate amount of data
The last part of an FQDN is called the______
Top level domain
What are leaf switches known as?
Top of rack switches
You are working as a service desk analyst. This morning, you have received multiple calls from users reporting that they cannot access websites from their work computers. You decide to troubleshoot the issue by opening up your command prompt on your Windows machine and running a program to determine where the network connectivity outage occurs. Which tool should you use to determine if the issue is on the intranet portion of your corporate network or if it is occurring due to a problem with your ISP?
Tracert is a command-line utility used to trace the path of an IP packet as it moves from its source to its destination. While using ping will tell you if the remote website is reachable or not, it will not tell you where the connection is broken. Tracert, though, performs a series of ICMP echo requests to determine which device in the connection path is not responding appropriately.
What is classification (QoS)?
Traffic is placed into different categories Does not alter any bits in the frame or packet
What addresses does an 802.11 contain that an 802.3 frame does not?
Transmitter address and receiver address
Segmentation of a data stream happens at which layer of the OSI model?
Transport
Which port mode on a switch enables that port to manage traffic for multiple VLANs?
Trunk
What is twist ratio and why is it important?
Twist ratio is the number of twists per meter or foot. The more twists per foot in a pair of wires, the more resistant the pair will be to cross-talk or noise.
The "T" in 100BaseT stands for which cable characteristic?
Twisted pair cabling
Which type of address duplication conflict is most likely to happen in a network environment?
Two hosts configured with the same statically assigned IP address
IBSS (Independent Basic Service Set)
Two or more wireless nodes communicating without the use of an access point in ad hoc mode
Which network element enables unified communication devices to connect to and traverse traffic onto the PSTN? Access switch UC gateway UC server Edge router
UC gateway Unified Communications (UC) enables people to use different modes of communication, media, and devices to communicate with anyone, anywhere, anytime.
Network Time Protocol (NTP)
UDP 123
TFTP (Trivial File Transfer Protocol)
UDP 69 A simple version of FTP that uses UDP as the transport protocol, and does not require a logon to the remote host.
How to visually tell the difference between UPC and APC connectors?
UPC connectors are usually blue APC connectors are usually green
What does user account control seek to control?
Unintentional or unauthorized changes
How does a vNIC get a MAC address without manual intervention?
Upon creation, each vNIC is automatically assigned a MAC address
How does a vNIC get a MAC address?
Upon creation, each vNIC is automatically assigned a MAC address
A network administrator is tasked with building a wireless network in a new building located right next door. The wireless clients should not have visibility to one another but should have visibility to the wired users. Users must seamlessly migrate between the buildings while maintaining a constant connection to the LAN. How should he configure the new wireless network in the new building?
Use the same SSIDs on the same channels with AP isolation For users to be able to seamlessly migrate between the two buildings, both Access Points (AP) must use the same SSIDs. They must be on different channels, though. Otherwise, interference would occur. Access Point (AP) isolation is a technique for preventing mobile devices connected to an AP from communicating directly with each other.
FHSS (Frequency Hopping Spread Spectrum)
Used by bluetooth, data transmitted in short bursts in sequence on a particular frequency band. Cheaper than DSSS and performs better than DSSS in crowed indoor environments
What are audit logs?
Used to record which user performed an action
An attacker configures a VLAN frame with two tags instead of just one. The first tag directs the frame to the authorized VLAN. After the frame enters the first VLAN, the switch appropriately removes the tag, then discovers the next tag, and sends the frame along to a protected VLAN, which the attacker is not authorized to access. What kind of attack is this?
VLAN hopping or double tagging
How to troubleshoot DNS?
Verify IP, Subnet mask, default gateway, DNS server IP Use nslookup or dig to test address resolution Try a different DNS- Google, Quad9
You have just upgraded a small office LAN switch. When you finish, a user states they can no longer access the network. You check the user's workstation but do not see any LED lights lit on their NIC. What should you check next? Verify the switch is connected to the router Verify the device is using the correct cable type Verify the NIC is operating properly Verify the network cable is attached to the new switch
Verify the network cable is attached to the new switch This is most likely a layer 1 issue.
What is VRRP?
Virtual Router Redundancy Protocol- Device uses a virtua; Ip address for default gateway if routes disappear, another one takes its place data continues to flow
How can you go about gathering the information needed to assemble a thorough operations manual?
Visits to data rooms, an examination of servers and desktops, a review of receipts for software and hardware purchases, and the use of protocol analyzer or network management software package
The ability to insert code into a database field labeled "Name" is the example of a(n)
Vulnerability
WAP (Wireless Access Point)
WAP is an OSI layer 2 device Not a wireless router A wireless router is a router and a WAP in a single device. WAP is a bridge Extends the wired network onto wireless network
Temporal Key Integrity Protocol (TKIP) was the primary encryption method in which wireless security implementation?
WPA
Which scenario would best warrant the implementation of a RADIUS server? -When you have a single network access server, with multiple authentication policies -When you have multiple network access servers, with multiple authentication policies -When you have multiple network access servers, with a single authentication policy -When you have a single network access server, with a single authentication policy
When you have multiple network access servers, with a single authentication policies
Describe the access layer in three tier architecture
Where the user connect i.e. end stations printer
T-568A
White Green, Green, White Orange, Blue, White Blue, Orange, White Brown, Brown required for government standards
T-568B
White/orange, orange, white/green, blue, white/blue, green, white/brown, brown
A home user reports to a network technician that the Internet is slow when they attempt to use their smartphone or laptop with their Wi-Fi network. The network administrator logs into the admin area of the user's access point and discovers that multiple unknown devices are connected to it. What is MOST likely the cause of this issue?
Wi-Fi Protected Setup (WPS) allows users to configure a wireless network without typing in the passphrase. Instead, users can configure devices by pressing buttons or by entering a short personal identification number (PIN). Unfortunately, WPS is fairly easy to hack and unknown devices can then connect to your network without permission. This is the most likely cause of the issue described in the question.
WPA2
WiFi Protected Access 2; more permanent upgrade to WEP uses CCMP block cipher mode and AES technology
802.11n
Wireless networking standard that can operate in both the 2.4-GHz and 5-GHz bands Bandwidth: 150 Mbps/600 Mbps (MIMO) Introduced MIMO support on non-overlapping channels to increase the bandwidth available for the wireless network. This is also supported in 802.11ac (MU-MIMO), which was the next version released after it.
802.11ac
Wireless networking standard that operates in the 5-GHz band and uses multi-user MIMO (MU-MIMO) with a bandwidth of 3 Gbps.
Why do wireless networks experience a greater reduction in throughput compared with wired networks?
Wireless networks experience a high number of collisions and require greater overhead on each transmission resulting in a significant reduction in throughput compared to wired networks
WPA (Wi-Fi Protected Access)
Wireless security protocol that uses RC4 with TKIP. Initialization vector is larger and an encrypted hash Every packet gets unique 128-bit encryption key Succeeded by WPA2
Which type of antenna is the most precise in terms of directional communications? -Semi-directional -Yagi_Uda -Parabolic -Omni-directional
Yagi-uda
What is VTP?
a Cisco proprietary protocol that was created to propagate VLAN information on all switches in the domain to a VLAN database on one switch called the master stack. This is then communicated to the other switches
light meter
a device to measure light intensity
SLAAC (stateless address autoconfiguration )
a method of automatic IPv6 address configuration on a client
split horizon
a method of preventing a routing loop in a network. If it is misconfigured, the switches would be unable to communicate with each other
Virtual Private Cloud (VPC)
a subset of a public cloud that has highly restricted, secure access
What kind of tool can measure the distance to the location of damage in a cable?
cable performance tester, line tester, certifies, network tester
Wide Area Network (WAN)
connects geographically disparate internal networks and consists of leased lines or VPNa World wide coverage
Metropolitan Area Network (MAN)
connects scattered locations across a city or metro area up to about 25 miles
Any traffic that is not explicitly permitted in the ACL is _______, which is called the ______.
denied, implicit deny
When a criminal or government investigation is underway, what describes the identification, recovery, or exchange of electronic information relevant to that investigation?
eDiscovery
VPC Gateway
enables connection to your On-Prem network via the public internet.
Software Defined Networking (SDN)
enables network to be intelligently and centrally, controlled, or programed, using software applications
Which 802.11 specification uses 2.4GHz transmissions and offers a speed up to 54 Mbps over a distance of approximately 150 feet? -a -ac -n -g -b
g
LLC Layer
handles communication between upper and lower layers is implemented in software
What feature of a site survey maps the Wi-Fi signals and other noise in your location?
heat map
Dion Training has just upgraded a pair of older 100BASE-SX switches to a pair of 1000BASE-SX switches within their intranet. Before the upgrade can be considered complete, the technicians must create a new network performance baseline by measuring the throughput of the the connection between the new switches which tool should be used?
iPerf is used to create TCP & UDP data streams and measure the throughput of a given network
Targets and Initiators are components of which SAN protocol?
iSCSI
As you're working to fix a problem with an application, you make multiple changes at once hoping that something will solve the issues you're having. You end up with more problems than when you started. Which step, if followed correctly, would have prevented this complication? -Document findings, actions, outcomes, and lessons learned. -Establish a plan of action to resolve the problem and -identify potential effects. -Identify the problem. -Test the theory to determine the cause.
identify the problem.
coaxial cable
insulated copper wire; used to carry high-speed data traffic and television signals
What is DiffServ?
is a simple technique that routers and switches use to address QoS by prioritizing traffic at layer 3 based on markings. It places information in the DiffServ field of an IPv4 packet
What is RJ-45?
is an ethernet cable used for computer networking has 8 wires is bigger in size to RJ11
What is RJ11 used for?
is used for telephone units has 4 wires
Multimode Fiber (MMF)
larger core size Cover shorter distance Less expensive
What is a hub? What layer on the OSI model is it found?
multiport repeater It is found on layer 1
Hub
multiport repeater OSI Layer 1 Traffic going in one port is repeated to every other port Everything is half duplex Becomes less efficient as network traffic increases 10 megabit/100 megabit Difficult to find today
VM Sprawl
occurs when an organization has many VMs that aren't managed properly
Full Mesh Topology
optimal routing always available every node connects to every other node REDUNDANCY expensive
Incident response policies are generally implemented to respond to which types of incidents?
security breaches
What tcpdump command will capture data on eth0 interface and redirect output to a text file named checkme.txt for further analysis?
tcpdump -i eth0 -w checkme.txt
COOP (Continuity of Operations Plan)
the plan for continuing to do business until the it infrastructure can be restored
What is the correct color scheme for Pin 1 to Pin 8 for a T-568B connector? blue, white/blue, orange, white/brown, brown, white/green, green, orange/white white/green, green, orange/white, blue, white/blue, orange, white/brown, brown white/orange, orange, white/green, blue, white/blue, green, white/brown, brown white/green, green, white/orange, orange, blue, white/blue, white/brown, brown
white/orange, orange, white/green, blue, white/blue, green, white/brown, brown
Which of the following wireless technologies does not use the 2.4GHz band?
z-wave
Stratum 0
• Atomic clock, GPS clock • Very accurate
Cable Broadband
• Broadband - Transmission across multiple frequencies - Different traffic types • Data on the "cable" network - DOCSIS (Data Over Cable Service Interface Specification) • High-speed networking - 50 Mbits/s through 1,000+ Mbit/s are common • Multiple services - Data, voice, video
Satellite networking
• Communication to a satellite • Non-terrestrial communication • High cost relative to terrestrial networking • 50 Mbit/s down, 3 Mbit/s up are common • Remote sites, difficult-to-network sites • High latency - 250 ms up, 250 ms down • High frequencies - 2 GHz • Line of sight, rain fade
Differentiated services (DiffServ)
• OSI Layer 3 • QoS bits are enabled in the IPv4 header • Bits are set external to the application • Routers and switches apply the QoS
Stratum 1
• Synchronized to stratum 0 servers • Primary time servers