Network+ Practice test Questions
Headquarters requests a new IP subnet. The solution must meet the following requirements: *IPv4 class A address type *Private IP address *At least 15 usable IP addresses within the range Which subnet would meet the requirements? 1.10.10.0/27 10.10.10.0/30 172.16.1.0/27 10.1.1.32/28 10.10.10.128/27
Answer: 10.10.10.128/27 The subnet 10.10.10.128/27 matches the requirements. The first requirement is to use a class A address type, which means the first octet will range from 0-126 The following private IP address spaces are assigned by IETF: Class A: 10.0.0.0-10.255.255.255 Class B: 172.16.0.0-172.31.255.255 Class C: 192.168.255.255 Finally, the new subnet should offer at least 15 usable IP addresses. The subnet mask of /27 means 255.255.255.244 and provides spaces for 30 hosts. The subnet 10.10.10.0/30 offers two hosts only and is mainly used for a point-to-point connection. The subnet 1.10.10.0/27 is a class A address and provides enough IP addresses, but it is not a private IP address. The subnet 10.1.1.32/28 gives 14 usable IP addresses (hosts) only and does not meet requirements. Finally, 172.16.1.0/27 is a class B address.
A technician is setting up a SOHO with devices located in different rooms. The configuration needs to support multiple simultaneous data streams to maximum throughput which two standards support this configurations? (Choose two.)
Answer: 802.11ac, 802.11n Explanation: Multiple simultaneous data steams are supported by 802.11n and 802.11ac through Multiple-In Multiple-Out (MIMO) technology. MIMO was introduced with 802.11n, which supports up to four streams. 802.11ac enhanced this technology with support for up to eight data streams. The 802.11ac standard also introduced multiple user MIMO (MU-MIMO). this differs from MIMO in that MIMO handles client connections serially, supporting one client at a time and switching rapidly between clients. MU-MIMO can manage up to four clients in parallel for clients that support the technology. MU-MIMO operates in one direction only, from the wireless router or access point to the client. MU-MIMO is limited to four data streams. The 802.11a and 802.11g standards do not support MIMO technology, so an access point using one of these standards cannot support multiple data streams.
A consultant is helping a company design a wireless LAN implementation. Network requirements include internal access points for network host connections and external wireless connections between buildings. The consultant needs to help the company choose appropriate antennas. What does the dBi rating of an antenna represent? A higher dBi antenna has the same gain and a narrower field pattern than a lower dBi antenna. A higher dBi antenna has the same gain and a wider field pattern than a lower dBi antenna. A higher dBi antenna has more gain and a wider field pattern than a lower dBi antenna. A higher dBi antenna has more gain and a narrower field pattern than a lower dBi antenna.
Answer: A higher dBi antenna has more gain and a narrower field pattern than a lower dBi antenna. Explanation: A higher dBi antenna has more gain and a narrower field pattern than a lower dBi antenna. An antenna's gain is measured in relative decibels (dB) in reference to a standard antenna used for reference. Gain refers to the relative measure of an antenna's ability to direct a signal in a specific direction. The dBi value is commonly used, which is decibels measured relative to an isotropic reference antenna. An isotropic antenna is one that radiates equally in all directions. The field pattern refers to the coverage area. For example, you would expect a 2 dBi antenna to have a 360 degree field of coverage, making it appropriate tfor use as an internal antenna for host connections. A higher dBi antenna has a narrower field and a more directional signal. This makes it well suited for applications such as connecting buildings on a corporate campus. The narrow field pattern makes it less likely that someone would be able to intercept the signal.
PC1 is unable to access the Internet in the network shown in the exhibit. What is the MOST likely cause? A rogue DHCP server Invalid static IP address Duplicate IP address Expired IP address
Answer: A rogue DHCP server There is a rogue DHCP server in the network. PC1 has been configured to receive IP information from a DHCP server. PC1 has been configured to receive IP information from a DHCP server. The exhibit shows that the DHCP server is 192.168.1.10, but PC1 has received IP information from 10.10.10.10, which is a rogue DHCP server. As a result, PC1 cannot access the Internet, because the IP address, default gateway, and DNS settings are incorrect. To fix the issue, the company should disconnect the rogue DHCP server from the network and use the ipconfig/release and ipconfig/renew commands on PC1 to renew UP settings. PC1 has not been configured using a static IP address. The exhibit shows the UP address of a DHCP server at 10.10.10.10. The IP address has not expired the exhibit suggests there is a rogue DHCP server in the network. PC1 contacts the DHCP server when half of the lease time has elapsed and tries to renew its DHCP lease. If there is no replay from the DHCP server, PC1 tries again after 87.5 perfect of the lease time. When an IP address expires, PC1 uses an IP address from the Automatic Private IP Addressing (APIPA) pool. The issue is not related to a duplicate IP address. PC1 has received incorrect IP info. from a rogue DHCP server.
A company needs to support a secure link for remote users to a web-aware application that is deployed on a server in the perimeter network. The Technical Services dept. recommends using an SSL VPN to minimize the configuration changes need in network firewalls. The solution will use certificate-based authentication. What is the minimum certificate requirement for this configuration? A client-side certificate only A server-side certificate only The same certificate on both the client and server Different certificates on the client and server.
Answer: A server-side certificate only. Explanation: The min. requirement for certificate-based authentication is a server-side certificate only. Man authentication methods do not require a certificate, but when one is required for server authentication, a server certificate is required. The server will present the public certificate to the client during the initial handshake. A client certificate is not required. If you want to require mutual authentication, in which the client authenticates the servers and the server authenticates the client, both client and server certificates are required. The client an server will have different certificates. It is important to note that even through the term SSL is commonly used to refer this type of security, SSL is an older standard and TLS is in more common use in its place. The basic functionality, authentication procedures, an supported authenticated types are effectively the same between the two.
A network administrator has been tasked with deploying a new wireless LAN controller. Which protocol is recommended for integrity checking and encryption? TLS SHA512 with AES IPsec AES-based CCMP PSK-TKIP
Answer: AES-based CCMP Explanation: The network administrator should use the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) with Advanced Encryption Standard (AES). Wi-Fi Protexted Access II (WPA2) is a recommended protocol for wireless communications, sometimes reffered to as WPA2-CCMP/AES. WPA2 is backwards compatible and supports Temporal Key Integrity Protocol (TKIP). Wireless Lan Controllers (WLC) manage and configure wireless access points. TKIP should not be used to secure a wireless network. TKIP is a legacy protocol that is vulnerable to a number of attacks. The network administrator should use CCMP/AES instead. Internet Protocol Security (IPsex) is used to protect VPN traffic, not wireless networks. IPsec is an umbrella of protocols that can be deployed to secure remote and site-to-site tunnels. Transport Layer Security (TLS) is not a recommended protocol here. TLS allows a client and a sever to establish an encrypted connection over a public network using certificates. The Secure Hash Algorithm (SHA) is not used to protect wireless networks. SHA could be implemented to verify the integrity of a file or VPN traffic.
What is the logical topology of a network wired with multi-layer switches?
Answer: Bus Explanation: A network wired with multilayered switches is physically configured as a star network with connected stars, but it is logically a bus network. Ethernet networks were originally wired using a coaxial cable, and all nodes were connected directly to the network with the same level of access. Switches, even though they are physically wired as a star, logically they emulate a bus network. This does not describe a mesh to topology. in mesh topology, all nodes are connected to each other. providing multiple communication paths between nodes. The Internet is essentially a mesh network. This does not describe an ad hoc topology. An ad hoc topology is a wireless networking topology made up of point-to-point connections between wireless nodes with no central connection points.
A company is replacing a portion of its wired LAN with a wireless LAN configured for Wifi Protected Access II (WPA2). The company needs to use the most secure encryption protocol for WPA2. Which protocol should the company implement?
Answer: CCMP-AES Explanation: The Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) with Advanced Encryption Standard (AES) is the default encryption protocol for Wi-Fi Protected Access II (WPA2). The standard requires mandatory use of CCMP-AES. Devices mist support CCMP-AES to be certified as WPA2 devices. In addition to a high level on encryption, CCMP-AES supports data integrity and authentication. Temporal Key Integrity Protocol (TKIP) with Rivest Cipher 4 (RC4) is supported by WPA2 devices and can be implemented in addiction to CCMP-AES to provide backward compatibility for legacy devices. If it is default encryption protocol for the earlier WPA standard. Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) and EAP-Flexible authentication via Secure Tunneling (EAP-FAST) are authentication protocols for initial client authentication, for when the client first connects to an access point, no encryption protocols for wireless broadcasts. Both are supported by WPA2 and provide for secure authentication.
Users connect to the network using wireless laptops and report intermittent access issues with a NAS server. The access point and the NAS server are connected to a switch using a 100 Mbps Link. The status of the access point is shown in the exhibit. What should the support team do to fix the connectivity issue?
Answer: Change the IEEE mode to 802.11n. Explanation: The support team should install more access points. The exhibit shows 125 connected clients. Access points support hundreds of concurrent associated devices, but it is not a recommended approach to have that many. In this case, 125 users will probably exceed the bandwidth that the access point can provide. This phenomenon is called overcapacity. There is no clear indication of how many clients can be connected to a single access point, but most network engineers limit this nimber to 30-50 clients. Changing the security settings is not going to fix the issue. Although the access point uses an insecure legacy protocol Wi-Fi protected Access (WPA) with Temporal Key Integrity Protocol (TKIP), changing it to WPA2-AES will not increase the available bandwidth. WPA2-AES will improve the security of the wireless network. The access point uses the IEEE 802.11ac Wave 1 standard, which supports gigabit speeds. The 802.11n standard is slower and offers a maximum data rate of 450 Mbps. Changing to 802.11n will decrease the wireless performance. SSID isolation cannot fix the problem. The team could use the SSID isolation feature to prevent wireless clients from accessing resources on the local area network or other wireless clients.
A security engineer installs an SSL certificate and an endpoint security package on a server. The deployment of a dedicated agent on a member server fails with the following error message: Error code: SSL_SEC_ERROR_EXPIRED_CERTIFICATE. License has expired! What should the engineer do first? Verify IP addresses on the servers. Check time settings. Renew the certificate. Change the SSL version.
Answer: Check time settings. Explanation: The engineer should verify the time settings first. The error message suggests that the certificate and license have expired. If the time and date settings are incorrect, the server is unable to verify these options and assumes a certificate has expired. Network Time Protocol (NTP) offers a flexible way to synchronize time and date settings in the network. NTP can be configured to authenticate the time source to ensure that only known sources are in use. The engineer should not renew the certificates as the first step. The scenario suggests that it is a new deployment and a valid certificate has been installed. The error message suggests an issue with time and date settings. The engineer should not verify IP addresses on the servers. The error message indicates that the servers have established a connection. There is no problem with IP connectivity here. The error message indicates a problem with a certificate that has expired. There is no information suggesting that a legacy or unsupported SSL version has been deployed.
A file server deployed on the company perimeter network is used to store reference materials and templates for forms. All of the fields are stored on the same disk partition. Fields are downloaded from the server using FTP. The company needs to be able to determine whether a file is changed while stored on the server. What should the company do? Require secure authentication for access. Create a hash for the disk partition. Create a hash for each file. Run a full backup daily.
Answer: Create a hash for each file Explanation: The company should create a hash for each file. A hash is a value generated from the file content. If another hash is generated at a later time, the new hash should have the same value. If not, the file has been modified. The company should not create a hash for the disk partition. Any change to the disk partition, such as adding new files, would result in a different has value even if the files already on the partition have not changed. The company should not require secure authentication for access. this would make it more difficult to access the files but not in itself do anything to prevent changes to the files. The company should not run a full backup daily as a way of detecting changes. The process of running a full backup would not do anything to identify changes. A full backup backs up all files whether or not that have changed.
What is a secure multipoint IP hub-and-spoke WAN configuration that supports direct communication between spokes? MPLS PPPoE DMVPN ATM
Answer: DMVPN Explanation: A dynamic multipoint virtual private network (DMVPN) is a secure multipoint IP hub-and-spoke WAN configuration. In this configuration, one site is designated as the hub and other locations as spokes. The network acts as a mesh configuration in that communication can be established between any two spoke sites. When one site needs to communicate with another site, it will contact the hub first to obtain connection information about the other site and then create a dynamic IPsec tunnel between the two. Point-to-Point Protocol over Ethernet (PPPoE), as the name implies, is used to establish point-to-point connections, so it is not a multipoint configuration. It was designed primarily for use with broadband modems and is a preferred connection method for digital service line (DSL) connections. Most ISPs support PPPoE. Multiprotocol Label Switching (MPLS) is a WAN communication method that routes information over predefined routes. Traffic is labeled to identify its destination as it enters the service provider's network and follows routing decisions based on the label. MPLS works with IP, Asynchronous Transport Mode (ATM), and frame relay network protocols. MPLS makes it possible for a service provider to define different service levels and support different service level agreements (SLAs). ATM is a dedicated-connection switching technology used to create point-to-point connections for communications. Logical circuits are established before communication begins. Any bandwidth not used by the connection can be used for other purposes.
A company opens a new call center with 35 agents. The network team is tasked with providing them with LAN and WAN access. The solution must meet the following requirements: *Provide fast and reliable connections *Limit access to some local network resources *Filter access to Internet Which three options should the network team implement?
Answer: Firewall ACL, VLAN on a switch, Proxy group Explanation: The network team should configure a virtual local area network (VLAN on a switch, a proxy group, and a firewall access control list(ACL). VLANs are used to logically segment the network. The network team could assign new agents to a dedicated VLAN and use an ACL on the firewall to filter traffic. A proxy server should be used to monitor, manage, and filter outgoing traffic to the internet. A proxy server works as a gateway between a local network and the Internet. The network team could configure special groups and permissions for new agents. The network team should not configure an Intrusion Protection System (IPS) policy. An IPS is deployed to identify external threats and respond to them. A Data Loss Prevention (DLP) system is not a good choice here. DLP detects data leaks and makes sure users cannot share sensitive information with people outside the organization. A Virtual Private Network (VPN) is not required here. The company has asked for WAN and LAN access for the agents only. A VPN is used to provide remote and site-to-site access. A service set identifier (SSID) on an access point (AP) is not a good choice, because the company has asked for a fast and reliable connection. Wireless is slower than a wired connection and prone to interference from other wireless devices. The company should use a wired connection with a VLAN on a switch.
A company has its own comms rooms and an on-premises data center containing all of its servers and network devices. A network engineer wants to add some cloud on-demand solutions to the existing infrastructure. Which cloud model should the company use? Public Private Hybrid CASB
Answer: Hybrid Explanation: The company should use the hybrid cloud solution. A hybrid model combines on-premises infrastructure or a private cloud with a public cloud service. There are three main types of cloud delivery models: private, public, and hybrid. A private cloud is fully managed and owned by an enterprise. A public cloud solution is offered by cloud service providers. Finally, a hybrid model combines the features of the first two models. For example, the company could keep all sensitive applications inside the organizations network, while using some cloud applications, and services. A hybrid model allows an organization to migrate gradually to the cloud. In many cases, there are special legal requirements that might slow down the process of migrating all the data to the cloud. the company can consider using a hybrid model. A cloud access security broker (CASB) is not a cloud delivery mode. The company could use CASBs as a cloud security solution to enforce inline controls and policies.
PC1 and PC2 are connected to a managed switch. PC1 uses port F 0/5, which is in VLAN 7, and PC2 uses port F 0/11, which is in VLAN 12.
Answer: IP address, subnet mask, and default gateway. Explanation:PC1 and PC2 should be configured with valid IP address, subnet mask, and default gateway. An IP address and subnet mask are required for communication in the same VLAN. PC1 and PC2 are in two different VLANs, which means they need a dedicated default gateway. A VLAN is considered a subnet and requires a Layer 3 deice (such as a router) to support routing. PC1 and PC2 should not be configured with a dedicated MAC address. MAC addresses are burned into a network interface card and do not have to be assigned manually. An IP address and default gateway are not enough. PC1 and PC2 need a subnet mask to identify both a network and subnetwork ranges.
PC1 fails to receive an IP address in the network shown in the exhibit. What should be configured to fix the problem? Port forwarding on Router 1 DHCP option 66 on Router 1 IP helper address on Router 2 IP helper address on Router 1 DHCP option 66 on Router 2 Port forwarding on Router 2 Conditional forwarder on Router 2 Conditional forwarder on Router 1
Answer: IP helper address on Router 1 Explanation: The company should configure an IP helper address on Router 1. An IP helper is also called DHCP relay. It forwards DHCP packets between a client and an external DHCP server. This configuration is required because PC1 and the DHCP server are not connected to the same network segment. Port forwarding will not fix the issue. DHCP messages are dropped by Router 1 and cannot be forwarded without a DHCP relay agent. Port forwarding is used to open ports on a router or firewall, for example for an internal email server. DHCP option 66 is used for specifying a Trivial File Transfer Protocol (TFTP) server. The company could use this feature for a Voice over IP (VoIP) network. A conditional forwarder cannot be used in this scenario. Conditional forwarders are configured on domain name system (DNS) servers to redirect traffic to other DNS servers.
A company contracts with a cloud provider. The cloud provider is responsible for virtualized hardware, storage, and network support. The company is responsible for installing, licensing, and maintaining the operating system and server applications. Which type of service does this describe? SaaS IaaS PaaS SECaaS
Answer: IaaS Explanation: This is an example of infrastructure as a service (IaaS). This cloud provider manages and maintains the underlying infrastructure, including hardware, storage, and network infrastructure. The subscriber is responsible for installing and maintaining everything else, including the operating system and any applications. This is a service model that gives the subscriber complete control over its applications and services but without the expense of maintaining a hardware host platform. This is not an example of platform as a service (PaaS). PaaS is most often used as a development platform with most of the infrastructure and management requirements being the responsibility of the cloud provider. The subscriber provides the development platform and its own data. Everything else is provided by the cloud provider, including hardware, operating system, storage, access to APIs, and runtime environment. This is not an example of software as a service (SaaS). SaaS refers to a subscription application service. The subscriber has access to the application, and all management is the responsibility of the cloud provider. Common examples include customer resource management (CRM) applications, productivity applications, and file storage and sharing applications. This is not an example of security as a service (SECaaS) SECaaS is an arrangement in which a security company is contracted to provide security support. Services provided can vary, but they typically included animalware and updates, authentication, intrusion detection, and security event management.
A network administrator implements a change on a switch to fix a network issue. According to the troubleshooting methodology, what should the network administrator do next? Duplicate the problem, if possible in a lab environment. Implement preventative measures. Identify potential effects of the change. Document all findings in a final report.
Answer: Implement preventative measures. Explanation: The network administrator should implement preventative measures (step 6 of the Structured Troubleshooting Methodology). The solution has been implemented successfully (Step 5), and the issue should now be fixed. Step 6 specifies verifying the network functionality and recommends implementing preventative measures. The technician should document all findings as the last step 9step 7). At this stage, the network administrator should focus on verifying that the issue is gone and implement proactive solutions. The issue has been fixed, so there is no need to duplicate the problem. Duplicating and troubleshooting an issue would be done in one of the previous steps. The potential effects are evaluated in step 4. The network administrator should have a back-out plan in case the solution causes any disruptions to users or network devices. There are seven steps in the Structured Troubleshooting Methodology: 1 - Identify the problem 2- Establish a theory of probable cause 3 - Test the theory to determine cause 4 - Establish a plan of action to resolve the problem and identify potential effects 5- Implement the solution or escalate as necessary 6 - Verify the full system functionality and if applicable implement preventative measures 7 - Document findings, actions, and outcomes
Which layer of the OSI model are web browsers and email clients implemented at?
Answer: Layer7 Explanation: Web browsers and email clients are implemented at layer 7, the Application layer, of the OSI model. This includes the protocols supporting these functions, including HTTP, HTTPS, POP3, and SMTP. High level functions are implemented at this layer, such as remote file and printer access, resource sharing, and virtual terminals. Layer 6 is the Presentation layer. The Presentation layer handles character code translation, such as EBCDIC to ASCII, data compression, and data encryption. Layer 5 is the Session layer. The Session layer establishes, manages, and terminates communication sessions. It manages the dialog between two hosts. Layer 4 is the Transport layer. The Transport layer is responsible for error-free message delivery and message sequencing. The Transport layer divides messages into segments for delivery and re-assembles messages on receipt.
A company subscribes to connect all of its offices to the local MAN. The MAN uses a single-mode fiber backbone. The company needs to connect its offices to the backbone. Each office has a wired router with a firewall, a 10/100/100 switch, and is wired with UTP cable. Each office also has a wireless access point connected to the switch. Which device should the company use to connect to the MAN? Media converter VPN concentraot Multilayer switch CSU/DSU
Answer: Media converter Explanation: The company should use a media converter to connect to the metropolitan area network (MAN). MAN is a network that spans a city and provides high-speed communication. A MAN is typically wired with fiber optic cable. A media converter makes the connection between the office and the MAN. The media converter converts between fiber optic and copper cable and performs additional necessary functions such as matching transmission speeds. A VPN concentrator would not be used to connect to the MAN fiber optic cable. A VPN concentrator is used to create multiple VPN connections and uis typically used when configuring secure site-to-site connections. A Channel Service Unit/Data Service Unit (CSU/DSU) is not used to make connections to fiber optic lines. It is used to connect digital signals from a LAN to an analog carrier, such as T1 line. A multilayer switch would not be used to make the connection to the MAN. A multilayer switch is part of the internal network infrastructure.
The project team has received a list of requirements for a new solution that would allow the company to store files in a local area network. The proposal has to meet the following requirements: *Be cost effective and easy to deploy *Provide redundancy to file storage *Offer at least 3 TB of space What should the project team implement to meet these requirements? Cloud-based backup SAN Microsoft Windows file server NAS
Answer: NAS Explanation: The project team should use a Network Attach Storage (NAS) device. NAS offers a cost effective and easy-to-deploy solution for local backups and file storage. To meet the redundancy requirements, the device should be configured using the Redundant Array of Independent Disks (RAID) option with at least two 3 TB hard disks. RAID level 1 is called disk mirroring and is designed for redundancy. RAID level 5 requires at least three hard disks and offers redundancy as well as high data throughput. The team should not use a Storage Area Network (SAN) in this scenario. A SAN is deployed as a separate network that uses a network fabric, such as Fibre Channel or iSCSI. NAS works over the existing TCP/IP network. SAN is expensive to deploy and requires expert knowledge in this area. Microsoft Windows file server is not an optimum choice here because it would require a dedicated server and a license for the operating system. A NAS device offers an embedded Linux-based operating system for free. Windows Server requires more time to deploy and knowledge to maintain. Finally, a cloud-based backup cannot be used because the company asked for files to be stored locally. A cloud-based solution keeps files in a secure datacenter.
A network engineer prepares a network diagram for a small company. the design should support routing in hardware, wireless access, and edge protection with advanced stateful packet inspection (SPI). What should the engineer install?
Answer: NGFW(next generation fire wall) for edge protection, L3 switch for inter-VLAN routing, WAP for connecting wireless desktops. Layer3 (the Network Layer) is responsible for the routing of packets. Installing an L3 switch will enable packets switching in hardware thanks to ASIC (application-specific integrated circuit). ASIC allows a switch to forward all packets in hardware. NGFW combines features of a traditional firewall with more sophisticated options, like advanced stateful packet inspection (SPI), deep packet inspection (DPI), and application awareness. WAP transforms a wired network into a wireless network. WAP should be connected to a switch to provide data exchange with wired devices. The engineer should not use a Layer3 switch for this topology. L2 switches do not support inter-VLAN routing, which is the objective here. A router is not an optimal choice for an edge device. The company has asked for advanced SPI features, which are offered by NGFW and unified threat management(UTM) devices.
A network engineer has to order network cables to connect two floors in a new building. The project team has specified the following requirements: *Protect the cables from external interference *Offer up to 1000 Mbps *Be compatible with existing UTP pass-through patch panels *Keep the cost to a minimum Which cable should the network engineer order? DB-25 cable RJ45 Cat 5 UTP cable RJ45 Cat 6 UTP cable LC Multi-mode cable ST Single-mode cable RJ45 Cat 6 STP cable Cat 3 cable
Answer: RJ45 Cat 6 STP cable Explanation: The engineer should order RJ45 category 6 Shielded Twister Pair (STP) cables. Cateogry 6 copper cables support gigabit speeds. STP means that the cable is protected from external interference by metal shielding. Copper cables are cheaper and easier to deploy than fiber optic cables. DB-25 cannot be used in this scenario. The network engineer could use a DB-25 cable for serial and parallel connections, for example legacy printers or terminal servers. A Cat 3 cable cannot be used here. Category 3 cables were popular in the early 90sa nd support data speeds of up to 10 Mbps. The company has asked for 1000 Mbps links. LS and ST are connectors for fiber optic cables. As explained, fiber cables are more expensive to deploy and require a dedicated patch panel and additional equipment (for example transceiver modules). There are two kinds of fiber: single-mode and multi-mode fiber. Single-mode fiber is designed for long distance runs, while multi-mode fiber is designed for short distance applications. Fiber optic cables are not compatible with UTP patch panels. The network engineer should use a shielded, copper category 6 cable to minimize the cost and meet all the requirements. An unshielded twisted pair (UTP) cable cannot be used there. One of the requirements is to protect the cables from external interference. The company should use a shielded cable. A category 5 cable does not support 1000 Mbps. The company could use a category 5 cable for 100 Mbps links.
Threat of flooding causes a company to move large vertical filing cabinets from the basement to the main office area. Users start complaining of problems connecting to the WLAN and delayed response from the network. Network analysis shows a high level of corrupted packets. What is the most likely cause? Interference Reflection Absorption Attenuation
Answer: Reflection Explanation: The most likely problem is reflection, also referred to as signal bounce. Introduction of the vertical filing cabinets means that signals can bounce off of the filing cabinets, and multiple paths of propagation are created. This causes bits and partial packets to be received at delayed intervals. This can cause corruption of the transmitted data and result in latency issues. The problem is not absorption, which is when signals are absorbed by materials through which they pass near or through and lost. Highly absorbent materials include water, concrete, ceramic, and brick. The problem is not interference. There is nothing in the scenarios to indicate that a new signal source was introduced. Interference occurs when the WiFi must compete with another signal source operating in the same bandwidth. The problem is not attenuation, which is loss of strength over distance. Wireless LAN (WLAN) components have not moved, so attenuation has not changed.
A company opens new warehouse space on its company campus. Network wiring for the warehouse is routed through a 110 punch block and patch panel. Wiring out to devices uses Cat 5e UTP cable. Several devices in the warehouse experience communication problems. After extensive testing, the problem is determined to be crosstalk. The company needs to correct the problem. Infrastructure changes should be kept to a minimum. What should the company do ? Replace the failing cables with Cat 6 cables. Replace the failing cables with Cat 5e STP cables. Replace all cabling with fiber optic cable. Replace the 110 punchdown block with a 66 punchdown block.
Answer: Replace the failing cables with Cat 6 cables. Explanation: The company should replace the failing cables with Cat 6 cables. Crosstalk occurs when a signal on a cable pair creates transmission errors with another pair through inductive or capacitive coupling. Crosstalk is minimized in copper wires through the twists place in the pairs. Cat 6 cable is produced with much more stringent specifications for preventing crosstalk than Cat 5 or Cat 5e cable. The company should not replace the failing cables with cat 5e STP cables. STP cable adds a shielding not present in UTP cable to prevent electromagnetic interference (EMI). STP cable is no less susceptible to crosstalk than UTP cable. The company should not replace the 110 punchdown block with a 66 punchdown block. A 66 punchdown block is not rated for network cabling above Cat 3. A 110 block can be used with Cat 5 and Cat 6 cable types. The company should not replace all cabling with fiber optic cable. This would solve the problem but would require significant infrastructure changes to add support for fiber optic. In addition, a media converter would likely be needed to transfer signals from copper cable to fiber optic.
A consultant is helping set up an office in a remote rural area. The office needs a high bandwidth WAN link with the main office, which is located several hundred miles away. Which type of transmission medium should the consultant recommend? Wireless (cellular) Satellite Copper Fiber optic
Answer: Satellite Explanation: The consultantt should recommend using a stellite link to create a satellite-based WAN connection. This is likely the only high bandwidth option available in a rural area. This solution would require the installation of a dish for sending and receiving data at the remote office. One potential concern with satellite Internet is latency, which is signal delays because of the distances traveled. Copper and fiber option are not realistic options in this scenario, even though they are higher bandwidth solutions than satellite WAN. The options that a remote office is likely to use, either cable modem or telephone company DSL, would not be available in a remote rural area. Cellular-based wireless WAN is not a good option in this scenario. Cellular coverage has expanded but is still available in all areas. Even if it is available, this option provides limited bandwidth.
An ISP has installed a DWDM device at a new location. What would be the MOST likely reason for that?
Answer: Solve the fiber exhaust problem. Explanation: A Dense Wavelength Division Multiplexing (DWDM) device would be installed to solve the fiber exhaust problem. A DWDM device allows an ISP to increase bandwidth and transport different data streams simultaneously over a single fiber network. Fiber exhaust means that the demand for fiber exceeds the fiber capacity. DWDM is not used to convert copper to fiber. The ISP would use a media converter for that. A DWDM is used to combine optical signals into a single stream and send it over a fiber-optic cable. DWDM is not used to secure the network, the ISP would use a firewall for that. DWDM would not be deployed to isolate the network. An ISP could use a number of solutions, for example, VLANs, firewall zones, or physical connections.
A network administrator has captured the following messages on the firewall: 10.10.10.10:64391 > 188.12.1.1:80 188.12.1.1:80 > 10.10.10.10:64391 10.10.10.10:64392 > 83.122.1.1:80 Which application has most likely generated that traffic? DNS agent FTP client VoIP softphone Web browser
Answer: Web browser Explanation: The output has been generated by a web browser. The destination port number is port80, which identifies HTTP. The source port number is dynamically created by a local device (from the range of ports 49152-65535). Instead of a firewall capture, a network administrator could use the netstat command on a local computer to display protocol statistics and current TCP/IP connections. DNS would use port 53, not 80. DNS converts website names into numerical IP addresses. FTP uses TCP ports 20 and 21 for file transfers. FTP is considered insecure because it does not encrypt the network traffic. FTP can be protected by implementing SSH or SSL (SFTP and FTPS). Voice over IP (VoIP) systems do not use TCP port 80. Depending on the protocol, the capture would have a set of UDP protocols, for example ports 16376-32767 for RTP traffic.
A network technician wants to deploy a new virtual firewall. The firewall has to support three interfaces: G0/0, G0/1, and G0/2. What should the technician configure at the VM level for these interfaces?
Answer: vNIC Explanation: The technician should configure a virtual Network Interface Card(vNIC). Each interface requires a separate virtual NIC to operate. The Technician should add three vNICs during the creation of a virtual machine (VW). Internet SCSI (ISCSI) cannot be used here. ISCSI is a storage network standard and does not offer virtual interfaces. The technician should not configure a trunk. A trunk is used to pass VLAN information between two switches. Finally, VLAN is not enough here. The technician should create vNIC first, which could be associated with a VLAN, if necessary.
A company deploys a new computer. When the cable to the computer is plugged in at the switch, the network link LED does not light. When the cable is plugged into a different open port, the LED lights up. When plugged back into the original port, the LED does not light. Badport, Bad computer network adapter, Duplicate IP address, Incorrect cable type, VLAN mismatch.
Answer:Bad port Explanation: The most likely problem is a bad port. Because the LED lit when the cable was plugged in to a different port, you have eliminated the cable type and computer network adapter as possible problems. The LED lights indicate that a signal is detected on the cable. Because you have eliminated the cable and client network adapter by testing with different port, the options left is a problem with the switch, specifically with the one switch port. It was necessary to eliminate other possibilities because a unlit link LED could also indicate a damaged cable or connector, a plug not fully plugged in, or that the port is disabled.
A company is replacing a portion of its wired LAN with a wireless LAN configuration for Wi-Fi Protected Access II(WPA2). The company needs to use the most secure encryption protocol for WPA2. Which protocol should the company use?
Answer:CCMP-AES Explanation: The Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) with Advanced Encryption Standards (AES) is the default encryption protocol for Wi-Fi Protected Access II (WPA2). The standard requires a mandatory use of CCMP-AES. Devices must support CCMP-AES to be certified as WPA2 devices. In addition to a high level of encryption, CCMP-AES supports data integrity and authentication.
PC1 is unable to access any resources in network B. What should the company do to fix the issue? PC1 Router Network B IP: 10.10.10.199 10.10.10.10/25 Subnet mask: 255.255.255.255.128 Default gateway:10.10.10.10
Answer:Change the IP address on PC1 Explanation: The company should change the IP address on PC1. PC1 and the router are not the same subnet and cannot communicate. The subnet mask has been configured as 255.255.255.128. which means /25 using CIDR notation. The router has the IP address of 10.10.10/25. The usable IP range in this subnet is 10.10.10.1 - 10.10.10.126. PC1 uses the IP address of 192.168.1.199, which is not the same subnet.
A company is designing a wireless LAN deployment. To help secure the network, the company wants to use an authentication protocol option that requires a client certificate on each wireless client. Which authentication protocol option should the company use?
Answer:EAP-TLS Explanation: The company should use Extensible Authentication Protocol- Transport Layer Security (EAP-TLS). This helps to support secure authentication and can prevent unauthorized access, even if a user password is compromised. EAP-Flexible Authentication via Secure Tunneling (EAP-FAST) sends authentication citeria via a secure tunnel. This option requires a server certificate for establishing the tunnel, but it does not require a client certificate. Protected Extensible Authetication Protocol (PEAP) encapsulates authentication traffic within a secure tunnel. PEAP itself does not require a client certificate except when used to encapsulate EAP-TLS. EAP-Preshared Key (EAP-PSK) uses a preshared key value to implement secure mutual authentication between a client and server. EAP-PSK does not require a client or a server certificate. This protocol is supported in several implementation but is not supported by WPA2.
A network consultant determines that company can improve its performance by implementing jumbo frames. The network is configured with 10/100/100 switches, and all hosts are configured with Gigabit Ethernet network adapters. The network is wired with Cat 5e UTP cable.
Answer:Increase the MTU to 9000. Explanation: The company should increase the maximum transmission unit (MTU) to 9000 on all network devices. The default MTU, and therefore the default maximum frame size, on an Ethernet network is 1500 bytes. Jumbo frames can have a maximum size of up to 9000 bytes. The MTU needs to be increased on all network devices. Mixed MTU values can degrade network performance. The company should not replace the cable with Cat 6 UTP cable. Jumbo frame support requires, at minumum, gigabit network adapters (1000BaseT), which is supported by the existing Cat 5e cable. If the cable did not support the traffic, you would expect to already have communication errors and performance problems. There is no reason to enable spanning tree protocol (STP) to support jumbo frames. STP is not related to frame size. STP is designed to prevent transmission loops from being created when a network had multiple switches. The company should not configure each switchport in dynamic auto mode, Dynaminc auto mode means that a port cab be used to create a trunk connection with another port. Trunk connections are used to make connections between switches. Enabling dynamic auto mode on each switch port puts the network a greater risk of attack. A rouge switch could be used to create a trunk connection, giving the attacker access to all VLANs.
A company wants to connect devices so that there are many redundant interconnections. Which topology should the company use?
Answer:Mesh Explanation: The company should use a mesh topology. In a mesh topology each node in the network is connected to all the other nodes with a dedicated link. This kind of network offers full redundancy and is commonly used for high-availability sites and services. A full mesh topology us expensive to deploy, because all nodes have to be directly interconnected with each other. Instead of a full mesh, the company could consider a partial mesh, which connects most of the nodes and is cheaper to maintain.
Which protocol provides time synchronization service over the global Internet?
Answer:NTP Explanation: Network Time Protocol (NTP) is a clock synchronization protocol that provides synchronization services over the internet. Time synchronization is based on Coordinated Universal Time (UTC) and is designed to allow no more than a few milliseconds variance between computers subscribed to the service.
A company deploys a server on its perimeter network. The server will be used for transferring files. Specific requirements include: *Users authenticate with a user ID and password. *All communication between server and client is encrypted. *Open ports on the perimeter firewall are kept to a minimum. *No certificate is required at the server client. What should the company select as a solution? SFTP, FTP, TFTP, or FTPS
Answer:SFTP The company should select FTP over SSH(SFTP) as its file transfer method. SFTP uses the secure shell (SSH) protocol for authentication and data security. SFTP supports simple authentication based on user ID and password but can optionally be implemented using certificate-based authentication if greater security is required. All communication between the server and client is encrypted, including the user ID and password used for authentication. SFTP uses a single port, port 22, on both the client and server.
What should a company use to create a point-to-point bridge between two APs?
Answer:Unidirectional antennas Explanation: The company should use unidirectional antennas to create a point-to-point bridge between two wireless access points(WAPs). A unidirectional antenna focuses on a narrower field and reaches farther than an omnidirectional antenna. The company could use unidirectional antennas on the roof to connect two buildings. A Small Form-factor Pluggable (SFP) transcevier cannot be used to bridge two APs. Transceivers are media connectors installed in network devices for fiber communications. The company could install a transceiver in a switch and connect a fiver optic cable to it. There are many standards in place, for example SFP and Gigabit Interface Converter (GBIC). The multiple-input and multiple-output (MIMO) method cannot be used in this scenario. MIMO is a wireless solution that increases the efficiency of a wireless connection for multiple users. MIMO uses multiple transmit and receive antennas. MIMO can be deployed as Single User MIMO (SU-MIMO) and Multiple User MIMO (MU-MIMO). SU-MIMO means that a pair of devices can simultaneously send and receive data streams. MU-MIMO adds support for streams between multiple devices. The company cannot use time-division multiple access (TDMA). TDMA describes a communication system for celluar telephones. TDMA could be used by a service provider to allow multiple communication sessions in a single channel. GSM (Global System for Mobiles) does not support creating a point-to-point bridge between two APs. GSM is a global cellular standard used in mobile phones. GSM networks use the TDMA system. Code Division Multiple Access (CDMA) is another global standard for cell communications. CDMA network do not use a SIM card.
A company needs to have a reliable record of everyone who enters or leaves a locked secure area of the building. What should the company use?
Answer:Video surveillance Explanation: The company should use video surveillance. The is an automatic method of recording the images of anyone entering or leaving the area. Even if one person unlocks the door to the area and lets someone else through, both will be recorded.
Which device uses the LWAPP and CAPWAP protocols for communication?
Answer:WLC Explanation: A Wireless Lan Controller (WLC) unitizes Lightweight Access Point Protocol (LWAPP) and Wireless Access Points (CAPWAP) Protocols. A WLC is a centralized point that allows a network administrator to manage a number of access points (APs). LWAPP and CAPWAP are protocols that carry information between a WLC and APs. Next-generation firewalls (NGFWs) do not use the LWAPP and CAPWAP protocols. The company could use an NGFW to secure the network using application-awareness policies. A load balancer does not use the LWAPP and CAPWAP protocols. Load balancers allow a company to distribute incoming requests across multiple devices. Microsoft offers a solution called Network Load Balancing (NLB) for Windows-based servers. A Voice over IP (VoIP) gateway does not use the LWAPP and CAPWAP protocols. VoIP gateways transmit and receive voice packets using, for example, Session Initiation Protocol (SIP) and Real-time Transport Protocol (RTP).
A company wants to deploy a new WLAN topology without running new electrical wiring. The solution has to support the 5Ghz band, MU-MIMO, and offer speed of at least 2100 Mbps. The company wants to use a PoE solution providing at least 25W of power for a connected device. Which two components should be used? (Choose two) A switch supporting the 802.3af standard An access point supporting the 802.11ac Wave 1 standard A switch supporting the 801.x standard An access point supporting the 802.11ac Wave 2 Standard An access point supporting the 802.11n standard A switch supporting the 802.3at standard
Answers: - An access point supporting the 802.11 ac Wave 2 standard - A switch supporting the 802.3at standard Explanation: The company should use a switch supporting the 802.3at standard and an 802.11ac Wave 2 access point. There are multiple Power over Ethernet (PoE) standards. The most common one is PoE+ described as 802.3at, which offers the maximum power of 25.5W and 600mA to a connected device. The 802.11ac Wave 2 standard uses the 5Ghz frequency and offers downstream communications to many wireless devices using the multiuser multiple input, multiple output (MU-MIMO) technology. The 802.11ac standard supports a throughout of 2 Gbps and more (The physical later (PHY) rate is up to 3.47 Gbps.). The 802.11ac Wave 1 Standard does not meet the company requirements. It offers single-user multiple input, multiple output (SU-MIMO) technology only and throughput of around 850 Mbps (PHY of 1.3 Gbps). The 802.11n standard cannot be used for this scenario. The 802.11n offers single-user multiple input, multiple output (SU-MIMO) technology and throughput of around 390 Mbps (PHY of 600 Mbps) only. The 802.3af standard (PoE) does not meet the company's requirements because it offers no more than 12.95W of power to a connected device. The 802.1x is an authentication protocol for wired and wireless connections. There is nothing in the requirements that requires this standard to be implemented.
The network team is tasked with hardening the L2 infrastructure. Which two actions should the team perform? (Choose two.) Implement SPI Disable all trunking Change RSTP to STP Shut down unused ports Change the native VLAN
Answers: - Shut down unused ports. - Change the native VLAN. Explanation: The team should change the native VLAN and shut down unused ports. VLAN 1 is the native VLAN and can be used to perform a network attack called VLAN hopping. VLAN hopping allows an attacker to gain unauthorized access to a different VLAN by exploiting the native VLAN settings. All ports belong to VLAN 1 by default. The network team should change the native VLAN to a value other than VLAN 1. Another recommended action is shutting down unused ports. If a port is active, someone can connect a device to it and gain access to the network. The team should not disable all trunk ports. Trunking is a mechanism that allows a switch to send frames for multiple VLANS. Disabling that feature might have a huge impact on the whole infrastructure. Changing Rapid Spanning Tree Protocol (RSTP) to STP is not a valid choice here. RSTP is an enhanced version of STP and is designed to prevent Layer 2 loops. Stateful Packet Inspection (SPI) is not related to switches. SPI is implemented on firewalls to secure and track data flows.
Compare characteristics of NAS and SAN storage technologies. To answer, choose the appropriate storage from the drop-down menus. Descriptions: Emulates directly attached storage for servers accessing storage. Maintains its own file system, and data access us through remote file systems I/O Structured as a dedicated network consisting of multiple storage devices. Preferred solution when extreme high-speed data transfer is required.
Answers: SAN -Emulates directly attached storage for servers accessing storage. NAS -Maintains its own file system, and data access us through remote file systems I/O SAN -Structured as a dedicated network consisting of multiple storage devices. SAN -Preferred solution when extreme high-speed data transfer is required. Explanation: Network-attached storage (NAS) refers to a single storage device connected directly to the network. It is recognized and accessed through its IP address. The device maintains its own file system, and data access is through remote file system I\O, like any other shared network file server. NAS is necessary to support applications that require file-level access. A storage area network (SAN) is a dedicated network of storage devices. A SAN can support an assortment of storage devices, including disk arrays and tape libraries. Because storage is structured as block storage, it emulates directly attached storage for servers accessing storage. The accessing server is responsible for the file system. This is the preferred storage solution when extreme high-speed data transfer is required.
Which two items would be specified as part of an SLA? (Choose two.) Minimum server software configurations Availability and uptime Minimum server hardware configurations Password change requirements Help desk response time
Answers: - Availability and uptime - Help desk response time Explanation: A service level agreement (SLA) is an agreement between a service provider and its customers that defines performance standards that the provider is required to meet. Typical items in an SLA include. *Availability and update *Help desk response time *Performance benchmarks *Application response time It will also identify what usage statistics will be provided to the customer. The SLA does not include specifications about how the provider will meet these performance standards, so any decisions about hardware and software platforms are at the discretion of the provider. The SLA would not provide information about configuration minimums. The SLA would not define security policies, such as password change requirements, although these may be defined through other agreements.
A company has two access points, as shown in the exhibit. Users report intermittent access issues. What could the company do to fix the problem? (choose 2.)
Answers: Changes to 5 Ghz, Assign AP1 to channel 11. Explanation: The company could change the channel on the access points (APs) or move to the 5Ghs band. The exhibit shows two access points using the 2.4Ghz band. This frequency offers only three non-overlapping channels: 1, 6, and 11. The company should either change the channels to use. The company should not assign a different service set identifier (SSID) to AP1. Both access points should use the same SSID to allow users to roam between two access points in the same network. An SSID is the name for a Wi-Fi network. SSIDs are created on the wireless router or an access point. Both access points have been configured using a very secure protocol, Wi-Fi Protected Access II (WPA2) with Advanced Encryption Standard (AES). This is an optimal choice and should not be changed to a legacy solution, for example, WPA or WEP. The overlapping area is within an accepted range of between 10% to 15%. Reducing the overlapping area to 5% might cause connectivity issues. to decrease the signal strength, the engineer could change the AP's transmit power settings.
The network team has been tasked with a new project. They need to identify the best set of devices to be purchased. Match the network device with the BEST use case. Descriptions 1. An-Inline solution to block a network attack immediately. 2. An edge device that can classify traffic and apply security policies. 3. A dedicated device that can authenticate and authorize VPN users.
Answers: IPS, NGFW, RADIUS Server Explanation: An intrusive Prevention system(IPS) is an in-line system designed to block a network attack immediately. The team could deploy an IPS device, which can examine network traffic flows to detect and block malicious activities. A Next-Generation Firewall (NGFW) is a device that combines the features of a traditional firewall with application and identity awareness. An NGFW can be used to enforce security policies and perform Deep Packet Inspection (DPI), and it can integrate with external intelligence sources. RADIUS is a client- server protocol that can be used to authenticate and authorize VPN users. RADIUS can be installed as a server role or can be deployed as a dedicated device. The team could integrate RADIUS with an external database, for example Active Directory, to authenticate remote users using a centralized solution. None of these use cases describes an Intrusion Detection System (IDS). An IDS is designed to monitor a network for malicious activity and alert a systems administrator. An IDS cannot take any actions to stop a threat, and it relies on other devices, for example a firewall or a router. None of these use cases describes a multi layer switch. Multi layer switches operate on more than one OSI layer and offer switching and advanced routing capabilities.
At what point in troubleshooting methodology is it appropriate to escalate a problem? (Choose two.) If no appropriate solution is available. If the technician is unable to confirm and theory and unable to establish a new theory. If the problem results in downtime. If it is determined that preventive measures are appropriate. If the information gathered indicates multiple possible theories.
Answers: If no appropriate solution is available; If the technician is unable to confirm and theory and unable to establish a new theory Explanation: It is appropriate to escalate a problem if the technician unable to confirm and theory an unable to establish a new theory or if no appropriate solution is available. Either of these situations indicates that the person troubleshooting the problem is unable to make an further progress. A problem should be escalated when this situation occurs. A systematic troubleshooting methodology typically includes the following steps: *Identify the problem (gather information, duplicate the problem if possible, question users, identify systems, determine if anything has changed, approach multiple problems individually) *Establish a theory of probablr cause (question the obvious, consider multiple approaches) *Test the theory to determine cause (once theory is confirmed determine next steps to resolve problem. if theory is not confirmed, establish new theory or escalate) *Establish a plan of action to resolve the problem and identify potential effects *Implement the solution or escalate as necessary *Verify the full system functionality and if applicable implement preventative measures *Document findings, actions, and outcomes It is common to find that preventive measures are appropriate after resolving a problem, so there is no reason to escalate a problem because preventive measures are applicable If the information gathered indicates multiple possible theories, it is the service technician's responsibility to test the theories and determine which is the correct, or at least best, theory. This does not justify escalation. Many types of problems can result in downtime, including problems that can be fixed relatively quickly and easily. Downtime, in itself, does not justify escalation.
A device shows no NIC activity when the NIC is connected using a new patch cord. An on-site engineer suspects an incorrect type of cable and uses a cable analyzer to test the network cable. The report is shown in the exhibit. Which devices could the engineer connect using that cable? Router to a hub Router to a router Router to a switch Router to a terminal server
Answers: Router to a terminal server. Explanation: The exhibit shows a rollover cable. The engineer could use a rollover cable to connect a router to a terminal server. The pins at one end of the cable are in the reverse order at the other end of the cable. The engineer should use a straight-through cable to connect a router to a switch and a router to a hub. A straight-through cable has the same pinout at each end. A patch cord is a straight-through cable that can be used to connect an end device to a network socket or a switch to a patch panel. If an incorrect cable has been connected, the network interface card (NIC) or a port might show no activity lights. The engineer should use a cross-over cable to connect a router to a router. A cross-over cable has the receive pins connected to the transmit pins on the other end. There are two main wiring standards: T-568A and T-568B. A straight-through cable uses T-568A or T-568B on both ends. A cross-over cable uses T-568A on one end and T568B on the other end. Finally, on a rollover cable, pins at one end of the cable are in the reverse order at the other end of the cable. A terminal (console) server allows an engineer to have remote access to network devices using a serial-over-IP connection.
Match the WAN Technology with its characteristics.
MPLS - A virtual network that can route traffic around link failures and uses PE and CE routes VDSL - A fast connection via copper phone lines and fiber optic cables offering speeds of 100Mbps SIP Trunk - A connection between a PBX system and the Internet of voice traffic OC3 - A SONET fiber optic technology that offers data rates of up to 155.52 Mbit/s PRI - An ISDN standard that consists of 24 digital channels.