Network Pro Part 2 ++++++++++++++++++++

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which of the ff. is most vulnerable to a brute force attack?

Password authentication

IPv4 packet format

Header = Version, header length, type of service, Total Length, Identification, IP Flags, Fragment Offset, TTL, Protocol, Header Checksum, Source Address, Destination Address, IP Option

You have been given a laptop to use for work. You connect the laptop to your company network, use it form home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use? -Host based firewall -Proxy server -VPN concentrator -Network based firewall

Host based firewall

What output shows you the results of four echo request/reply contacts with destination host?

Ping

Which of the following terms describes a Windows operating system patch that corrects a specific problem and is release on a short-term, periodic basis (typically monthly)?

Hotfix

he disadvantage from using this device results from the fact that any incoming signal on any of its ports is re-created and sent out on any connected ports which has a negative impact on network performance. Router Switch Bridge Hub

Hub

An access point that conforms to the IEEE 802.11b standard acts most closely to what other networking device? Router Gateway Hub Terminal Patch bay

Hub Explanation An access point functions like a hub by connecting multiple wireless hosts to a wired Ethernet network.

Which of the following devices can monitor a network and dectect potential security attacks? -Load balancer -IDS -PROXY -DNS server -CSU/DSU

IDS

Which of the following is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations?

IDS

Which of the following is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations? -firewall -switch -IDS -Padded cell

IDS

Which of the following answers illustrates the difference between passive and active security breach response?

IDS - Intrusion Detection Systems, which is passive vs. IPS - Intrusion Prevention Systems, which is active.

Which of the following answers illustrates the difference between passive and active security breach response? HIPS vs. NIPS UTM vs. Firewall CSMA/CD vs. CSMA/CA IDS vs. IPS

IDS vs IPS

Which of the following answers illustrates the difference between passive and active security breach response?

IDS vs. IPS

Which protocol does an IP host use to inform a router that it wants to receive specific multicast frames? SNMP IP IGMP ICMP MGP

IGMP Explanation IP hosts use the IGMP or Internet Group Management Protocol to inform multicast-enabled routers that they want to receive specific multicast frames.

You need to configure a Cisco RFC 1542 compliant router to forward any recieved DHCP frames to the appropriate subnet. The address of the remote DHCP server is 172.16.30.1. Which of the following commands would be used to configure the router?

IP helper-address 172.16.30.1

Which of the following answers apply to smurf attack? (Select 3 answers) IP spoofing Privilege escalation DDoS Polymorphic malware Order of volatility Large amount of ICMP echo replies

IP spoofing DDoS (distributed denial-of-service) Large amount of ICMP echo replies

Which of the following is the best countermeasure against man-in-the-middle attacks?

IPSec

Which of the following network layer protocols provides authentication and encryption services for IP based network traffic?

IPSec

Which of the following solutions are used for implementing VPNs? (Select all that apply)

IPsec GRE SSL/TLS PPTP

Which of the following WAN technologies provides digital dial-up connections on two 64 Kbps data channels?

ISDN BRI

Which of the following Internet access technologies support simultaneous voice and data traffic over the same physical line? (Select two.)

ISDN BRI ADSL

A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research you find that the most likely cause of the problem is a bug in the router software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next?

Identify possible effects of the solution.

A user reports that he can't connect to a specific website. You go to the user's computer and reproduce the problem. What should you do next?

Identify the affected areas of the network.

Match each network enumeration technique on the left with its corresponding description on the right

Identifying phone numbers with modems: War dialing Scanning for wireless access points: Wardriving Identifying operating system type and version number: Banner grabbing Identifying services that can pass through a firewall: Firewalking

Which statement is true regarding application of GPO settings? (Flip for answer. Too much to write)

If a setting is defined in the local group policy on the computer and not defined in the GPO linked to the OU, the setting will be applied

The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for guests. The owner has asked that you implement security controls such that only paying guests are allowed to use the wireless network. She wants guests to be presesnted with a loging page when they initially connect to the WLAN. After entering a code provided at check in, guests should then be allowed full access to the Internet. If a user does not provide the correct code, they should not be allowed access to the internet. What should you do?

Implement a captive portal

You want to be able to monitor and filter VM-to-VM traffic within a virtual network. What should you do?

Implement a virtual firewall within the hypervisor.

Your organization uses a Web server to host an ecommerce site. Because this Web server handles financial transactions, you are concerned that it could become a prime target for exploits. You want to implement a network security control that will analyze the contents of each packet going to or from the Web server. The security control must be able to identify malicious payloads and block them. What should you do?

Implement an applicationaware IPS in front of the Web server.

Cross-talk

In twisted-pair cabling, wires are grouped into pairs, and wires in each pair are twisted around each other in order to reduce this.

You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation cannot communicate with any other host on the network. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix. : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address . . . . . : 00-AA-BB-CC-74-EF DHCP Enabled. . . . . . . : No Autoconfiguration Enabled . . : Yes IPv4 Address. . . . . . . : 192.168.2.102(Preferred) Subnet Mask . . . . . . . : 255.255.255.0 Default Gateway. . . . . . : 192.168.1.1 DNS Servers . . . . . . . : 192.168.2.20 What is the most likely cause of the problem?

Incorrect IP address In this example, the IP address assigned to the host is on the wrong subnet. The host address is on the 192.168.2.0/24 subnet, but the other devices are using addresses on the 192.168.1.0 subnet (the scenario states that you are connecting the workstation to this subnet).

You manage a local area network with several switches. A new employee has started today so you connect her workstation to a switch port. After connecting the workstation, you find that the workstation cannot get an IP address from the DHCP server. You check the link and status lights and the connection is working properly. A ping to the loopback address on the workstation succeeds. No other computers seem to have the problem. Which of the following is the most likely cause of the problem?

Incorrect VLAN assignment

You manage a local area network with several switches. anew employee has started today so you connect her workstation to a switch port. After connecting the workstation, you find that the workstation cannot get an IP address from the DHCP server. You check the link and status lights and the connection is working properly. A ping to the loopback address on the workstation succeeds. No other computers seem to have the problem.

Incorrect VLAN assignment

You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address. . . . . . : 00-AA-BB-CC-74-EF DHCP Enabled . . . . . . . : No Autoconfiguration Enabled. . . : Yes IPv4 Address . . . . . . . : 192.168.1.102(Preferred) Subnet Mask. . . . . . . . : 255.255.0.0 Default Gateway . . . . . . : 192.168.1.1 DNS Servers . . . . . . . : 192.168.1.20 192.168.1.27 What is the most likely cause of the problem?

Incorrect subnet mask In this example, the network is using a mask of 255.255.255.0 (24-bits), but the workstation is configured to use a mask of 255.255.0.0.

You have been hired by a startup company to install a new data center. The company is small, so they will elect to use an unused employee break room as the data center. You are concerned about truth physical security of the servers that will be installed in the data center. what should you do? select two

Install racks with locking doors Install a biometric lock on the data center door

Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this only seems to happen when the elevator is running. What should you do?

Install shielded cables near the elevator

You have been called in to troubleshoot a connectivity problem on a newly installed windows Server 2003 system. The system is operating satisfactorily and is able to communicate with other systems on the local network. However it is unable to access any systems on other segments of the corporate network. You suspect that the default gateway parameter for the system has not been configured, or may be configured incorrectly. Which of the following utilitis are you most likely to use to view the default gate way information for the system

Ipconfig

Which of the following is true for a system image backup?

Is saved as a .vhd file

Which of the following answers lists an example of a protocol used for implementing control over multiple Access Points (APs)? LDAP LWAPP RTSP MGCP

LWAPP

The duration of time a DHCP client can use an IP address dynamically assigned by the DHCP server is referred to as:

Lease

Which of the following controls is an example of a physical access control method?

Locks on doors

Which of the following do switches and wireless access points use to control access through the device?

MAC filtering

Which of the following terms identifies the wiring closet in the basement or a ground floor that typically includes the demarcation point? Smart jack IDF 110 block Horizontal cross connect MDF

MDF Explanation The main distribution frame (MDF) is the main wiring point for a building. The MDF is typically located on the bottom floor or basement. The LEC typically installs the demarc to the MDF. An intermediate distribution frame (IDF) is a smaller wiring distribution point within a building. IDFs are typically located on each floor directly above the MDF, although additional IDFs can be added on each floor as necessary. A horizontal cross connect connects wiring closets on the same floor. A smart jack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc. Use 66 and 110 blocks to connect individual wires within a wiring closet.

Which protocol doies VoIP use to interface with the PSTN?

MGCP

True

MLPPP provides a method for combining two or more physical communication links into one logical interface for the purpose of improved speed and redundancy.

which of the following authentication protocols uses a three-way handshake to authenticate users to the network? (choose 2)

MS-CHAP & CHAP

Which of the following connectors are used with fiber optic cables and include both cables in a single connector? (Select two.) SC BNC ST MTRJ LC

MTRJ LC Explanation Both the LC and MTRJ connectors have both fiber optic cables in a single connector. ST and SC connectors hold a single strand of fiber optic cable. A cable using either connector has two connectors on each end. A BNC connector is used with coaxial cable.

Which of the answers listed below refers to the new feature introduced with the IEEE 802.11ac standard? MIMO 40-Hertz mode MU-MIMO Maximum data signaling rate of up to 600 Mbps

MU-MIMO

You walk by the server room and notice a fire has started. What should you do first?

Make sure everyone has cleared the area.

Which of the answers listed below refers to a Layer 2 network switch with configuration features that can be changed through a user interface? Unmanaged switch Remote Terminal Unit (RTU) Active hub Managed switch

Managed switch

You want to implement a fault tolerant topology as you interconnect routers on your wide area network. Which of the following would meet your needs? Bus Ring Mesh Star

Mesh Explanation A mesh topology has multiple connections at each node, increasing connectivity fault tolerance. None of the other topologies have native fault tolerance built in.

You have a network that uses a logical bus topology. How do messages travel through the network? Messages are broadcast to all devices connected to the network. Messages travel from one device to the next until they reached the destination device. Messages are sent to a central device which then forwards the message to the destination device. Messages are sent directly to the correct destination device.

Messages are broadcast to all devices connected to the network. Explanation Messages sent using a physical bus topology are broadcast to all devices in the network. The device in the middle of the star (typically a hub), receives the message and forwards it on to all other devices.

A user reports that she can't access the Internet. You investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internet. What is most likely the cause of the problem?

Missing default route on the router

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Move the router to a secure server room

Which of the following address types is shared by multiple hosts, and is used to form groups of computers that should receive the same data stream? Simplex Half-duplex Multicast Unicast Broadcast

Multicast Explanation A multicast address is an address that identifies a group of computers. Members of the group share the same multicast address. A unicast address is an address that identifies a single host. A broadcast address is an address that is sent to all hosts. Broadcast traffic is typically only forwarded within (but not between) a subnet. Simplex communication uses a single channel for both sending and receiving. Half-duplex uses a separate channel for sending and receiving, but the channels are shared by multiple devices and can only be used by a single device at a time.

Which type of address is the IP address 232.111.255.250? Multicast Unicast Private Broadcast

Multicast Explanation The address 232.111.255.250 is a multicast address. A multicast address is an address that identifies a group of computers. Members of the group share the same multicast address. Multicast addresses are in the range of 224.0.0.0 to 239.255.255.255. A unicast address is an address that identifies a single host. A broadcast address is an address that is sent to all hosts. Broadcast addresses are the last possible address on a subnet (typically ending in 255). The private IPv4 address ranges are: • 10.0.0.1 to 10.255.255.254 • 172.16.0.1 to 172.31.255.254 • 192.168.0.1 to 192.168.255.254

What key advantage does a virtual router have over a physical router?

Multiple networks can be connected to a single interface.

CWDM DWDM

Multiplexing methods used in fiber-optic communication.

Which of the following is a feature of MS-CHAP v2 that is not included in CHAP

Mutual authentication

Members of the Sales team use laptops to connect to the company network. While traveling, they connect their laptops to the Internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use? VLAN

NAC

The outside sales reps from your company use notebooks computers, tablets, and phones to connect to the internal company network. While traveling, they connect thier devices to the internet using airport and hotel networks. What should you do?

NAC

You manage a network with three dedicated storage devices, as shown in the diagram. Users on the network see only a single file server. Which network-based storage technology is being used?

NAS with Clustering.

Which of the following networking devices or services prevents the use of IPSec in most cases?

NAT

Which of the following solutions alleviates the problem of depleting number of routable IPv4 addresses?

NAT

What best describes the condition where a signal sent on one wire is received on another wire within the same connector

NEXT near end crosstalk measured on the same end as the transmitter.

You have a large TCP/IP network and want to keep hosts' real time clock synchronized. What protocol should you use? SMTP NNTP SAP NTP SNMP

NTP Explanation The network time protocol (NTP) lets you keep clocks synchronized.

What is the least secure place to locate an access point with an omni-directional antenna when creating a wireless cell?

Near a window

Which of the following locations will contribute the greatest amount of interference for a wireless access point?

Near backup generators Near cordless phones Other wireless transmitting devices (such as cordless phones or microwaves) and generators cause interference for wireless access points. In general, place access points higher up to avoid interference problems caused by going through building foundations. DHCP servers provide IP information for clients and will not cause interference.

Which of the following locations will contribute the greatest amount of interference for a wireless access point? (Select two.)

Near backup generators Near cordless phones

snmpwalk snmpget

Net-SNMP commands used for retrieving information from an SNMP-capable device

Which media types can backup files be saved to? select two

Network Attached Storage (NAS) External hard drives

Which network component connects a device with the transmission media and allows it to send and receive messages? Client Network interface card Peripheral Protocol Server

Network interface card Explanation The network interface card (NIC) allows a device to send and receive messages over the transmission media.

Star topology

Network topology most commonly used in contemporary Ethernet LANs

Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?

Network-based firewall

You work in an office that uses NetWare servers and Wind. nt 4 servers. The network uses both the TCp/Ip and IPX/SPX protocols. You are sitting at a workstation that uses Windows 95 OSR2. an application you are using is unable to contact a Windows NT server named FileSrvr2. What command can you use to determine whether your computer can still contact the server?

Ping

Which of the following is an example of a valid subnet mask? 255.255.225.0 255.255.191.0 255.255.127.0 255.255.64.0 None of the above is a valid subnet mask

None of the above is a valid subnet mask

Which of the following routing protocols divides the network into areas, with all networks required to have an area 0 (area 0 identifying the backbone area)? RIP EIGRP ISIS OSPF

OSPF Explanation OSPF divides a large network into areas. Each autonomous system requires an area 0 that identifies the network backbone. All areas are connected to area 0, either directly or indirectly through another area. Routes between areas must pass through area 0. ISIS uses areas but does not have an area 0 requirement. Neither RIP nor EIGRP use areas.

You are setting up a wireless hotspot in a local coffee shop. For best results, you want todisperse the radio signals evenly throughout the coffee shop.Which of the following types of antennas would you use on the AP to provide a 360degree dispersed wave pattern?

Omni-Directional

Consider the network diagram shown below. Click on the item in the diagram that does not follow a standardized labeling scheme

PC2

Which of the answers listed below refer(s) to example(s) of circuit-switching communication method(s)? (Select all that apply) Frame relay POTS T-carrier ATM E-carrier

POTS T-carrier E-carrier

Consider the following log message, generated on a router. *Aug 8 11:18:12.081: %LINEPPROTO-5-UPDOWN: Line protocol on interface fastethernet0/0, changed state to down. What facility generated this message?

%LINEPPROTO

You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the following should you implement? -IPsec -Spanning tree -802.1x -Port security

-802.1x

Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped? -IPsec -VNC -ACL -RDP -PPP

-ACL

What actions can a typical passive Intrusion Detection System(IDS) take when it detects an attack? (Select Two) -An alert is generated and delivered via e-mail, the console, or an SNMP trap. -The IDS configuration is changed dynamically and the source IP address is banned -LAN side clients are halted and removed from the domain -The IDS logs all pertinent data about the intrusion

-An alert is generated and delivered via e-mail, the console, or an SNMP trap. -The IDS logs all pertinent data about the intrusion.

You want to implement an IDS system that uses rules or statistical analysis to detect attacks. Which type of IDS should you deploy? -Anomaly -Signature -NIDS -HIDS

-Anomaly

You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the Internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so only the library computers are permitted connectivity to the internet. What can you do? -Create static Mac address for each computer -Configure port security on the switch. -Create a VLAN for each group of four computers. -Remove the hub and place each library computer on its own access port

-Configure port security on the switch

Which of the following prevents access based on websites rating and classification? -NIDS -DMZ -Packet-filtering firewall -Content filter

-Content filter

Which of the following application typically use 802.1x authentication? (Select two) -Controlling access through a switch -Authentication remote access clients -Controlling access through a wireless access point -Authenticating VPN users through the Internet

-Controling access through a switch -Controling access through a wireless access point

You want to ensure that all users in the Development OU have a common set of network communication security settings applied. Which should you do? -Create a GPO folder policy for the folders containing the files. -Create a GPO computer policy for the computers in the Development OU -Create a GPO user for the development OU -Create a GPO computer policy for the computers container

-Create a GPO computer policy for the computers in the Development OU

Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted internet? -Padded cell -DMZ -Extranet -Intranet

-DMZ

Which of the following is likely to be located in a DMZ? -FTP server -User workstation -Domain controller -Backup server

-FTP server

Which of the following are characteristics of a circuit-level gateway?(Select two) -Filter IP address and port -Filter based on session -Stateful -Filters based on URL -Stateless

-Filter based on sessions -Stateful

Which of the following is the best device to deploy to protect your private network from a public untrusted network? -HUB -Router -Gateway -Firewall

-Firewall

What do host based intrusion detection systems often rely upon to perform their detection activities? -Network traffic -Remote monitoring tools -External sensors -Host system auditing capabilities

-Host system auditing capabilities

You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan the e-mails and prevent any e-mails with malicious attachments from being received by users. Your solution should minimize adminstration,allowing you to centrally manage the scan settings. Which solution should you use? -DMZ -SMTP -Network based firewall -Host based firewall

-Network based firewall

Which of the following solutions would you implement to track which websites that network users are accessing? -Tarpit -NIDS -Packet-filtering firewall -Proxy

-Proxy

Which of the following solutions would you implement to eliminate switching loops? -Inner-vlan routing -Auto-duplex -Spanning tree -CSMA/CD

-Spanning tree

Virtual LAN can be created using which of the following? -Router -Switch -Gateway -HUB

-Switch

When configuring VLANs on a switch, what is used to identify VLAN membership of a device? -Switch port -Hostname -Mac address -IP address

-Switch port

Which configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch? -Any port not assigned to a VLAN -Each port can only be a member of a single VLAN -Trunk ports -Gigabit and higer Ethernet ports -Uplink ports

-Trunk ports

Which of the following is a valid security measure to protect e-mails from viruses? -Blockers on e-mail gateways -Use PGP to sign outbound e-mail -Limit attachment to a max of 1MB -Use reverse DNS lookup

-Use blockers on e-mail gateways

You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with the computer through the switch, but you still need to access the network through the computer? What should you use for the situation? -VPN -Port security -Spanning tree -VLAN

-VLAN

Which of the following answers lists the CIDR notation of the 255.255.255.224 subnet mask? /25 /26 /27 /28

/27

A host has the address 100.55.177.99/16. Which of the following is the broadcast address for the subnet? 255.255.255.0 100.255.255.255 100.55.255.255 100.55.177.255 255.255.0.0

100.55.255.255 Explanation The broadcast address for the subnet is the last address on the subnet. In this example, the address uses 16 bits in the subnet mask (255.255.0.0), meaning that the first two octets indicate the subnet address (100.55.0.0), and the last two octets are used for host addresses. The last possible address on this subnet is 100.55.255.255.

Which three of the following IP addresses are Class B addresses? 132.12.0.0 224.15.55.2 64.2.2.64 129.0.0.0 115.33.0.0 195.155.0.0 190.65.2.0

132.12.0.0 129.0.0.0 190.65.2.0 Explanation The following are Class B addresses: 129.0.0.0, 132.12.0.0, and 190.65.2.0. The first octet of Class B addresses is in the range of 128 to 191.

OC-3

155.52 Mbps

Which of the following answers lists an example of an APIPA address? 192.168.0.3 127.0.0.1 169.254.10.20 65.55.57.27

169.254.10.20

You've decided to use a subnet mask of 255.255.192.0 on the 172.17.0.0 network to create four separate subnets. Which network IDs will be assigned to these subnets in this configuration? (Select two.)

172.17.128.0 172.17.0.0

Which of the following answers lists the broadcast address for the 192.168.50.155/20 network? 192.168.31.255 192.168.47.255 192.168.63.255 192.168.79.255

192.168.63.255

Frequency bands used by 802.11 networks include: (Select 2 answers) 5.0 GHz 5.4 GHz 2.0 GHz 2.4 GHz

2.4 GHz 5.0 GHz

Which of the following ports does FTP use to establish sessions and manage traffic?

20, 21

Your network has been assigned the Class C network address of 200.78.151.0. Which three of the following addresses can be assigned to hosts on your network? 200.78.151.0 200.78.151.111 200.78.151.257 200.78.151.12 200.78.152.14 200.78.151.252 200.78.151.255

200.78.151.111 200.78.151.12 200.78.151.252 Explanation All hosts on this network must share the first three octets of the IP address (200.78.151). Youcannot assign 200.78.151.0 to a host because this address indicates the address of the network. You cannot assign 200.78.151.255 because this address is reserved for the broadcast address.

Consider the following output from a dig command run on a Linux system. ; <<>> DiG 8.2 <<>> westsim111.com ;;res options:init recurs defnam dnsrch ;;got answer: ;;->>HEADER<<-opcode:QUERY, status: NOERROR, id:4 ;;flags: qr rd ra; QUERY:1, ANSWER:1, AUTHORITY:2, ADDITIONAL:0 ;;QUERY SECTION: ;; westsim111.com, type = A, class = IN ;;ANSWER SECTION: westsim111.com. 7h33m IN A 76.141.43.129 ;;AUTHORITY SECTION: westsim111.com. 7h33m IN NS dns1.deriatct111.com. westsim111.com. 7h33m IN NS dns2.deriatct222.com. ;;Total query time: 78 msec ;;FROM: localhost.localdomain to SERVER:default -- 202.64.49.150 ;;WHEN: Tue Feb 16 23:21:24 2005 ;;MSG SIZE sent: 30 rcvd:103 What is the IP address of the DNS server that performed this name resolution?

202.64.49.150

What is the decimal format of the following binary IP address? 11001110.00111010.10101010.01000011 238.90.202.99 206.58.170.67 190.42.154.51 205.57.169.66

206.58.170.67 Explanation 206.58.170.67 is the decimal form of the IP address. To convert binary to decimal, remember the following numbers: 128, 64, 32, 16, 8, 4, 2, 1 Each number represents the decimal value for a binary 1 in the corresponding position. For example, 10000000 is equal to 128, and 00010000 is equal to 16. To find the decimal form of a binary number, add up each decimal equivalent for each 1 bit in the address. For example, the number 11001110 would be: 128 + 64 + 8 + 4 + 2 = 206.

To transfer files to your company's internal network from home, you use FTP. The administrator has recently implemented a firewall at the network perimeter and disabled as many ports as possible. Now you can no longer make the FTP connection. You suspect the firewall is causing the issue. Which ports need to remain open so you can still transfer the files? (Select two.)

21 20

Which of the following is the last IP address that can be assigned to hosts on the 211.70.0.0 network using the default subnet mask? 211.70.0.255 211.70.255.255 211.70.0.254 211.71.0.0 211.70.255.254

211.70.0.254 Explanation The last address you can assign to hosts on the 211.70.0.0 network is 211.70.0.254. The network address is a Class C address and uses a default subnet mask of 255.255.255.0. The last octet is used for host addresses. 211.70.0.0 cannot be used as a host address because it isthe network address. 211.70.0.255 cannot be used as a host address because it is the broadcast address.

Which three of the following IP addresses are Class C addresses? 222.55.0.0 240.0.0.0 189.189.5.2 192.15.5.55 125.166.11.0 223.16.5.0

222.55.0.0 192.15.5.55 223.16.5.0 Explanation The following are Class C addresses: 192.15.5.55, 222.55.0.0, and 223.16.5.0. The first octet of Class C addresses is in the range of 192 to 223.

Which three of the following IP addresses are Class C addresses?

222.55.0.0 223.16.5.0 192.15.5.55

Which of the following answers refer to the IPv4 multicast address block? (Select 2 answers) 128 - 191 Class B 192 - 223 Class C 224 - 239 Class D

224 - 239 Class D

Which of the following answers lists the default (classful) subnet mask for a class A network? 255.0.0.0 255.128.0.0 224.0.0.0 255.224.0.0

255.0.0.0

You have been told to assign the IP address 21.155.67.188 to a host on the network using the default subnet mask. Which mask should you use? 21.155.0.0 255.255.0.0 21.155.67.0 255.0.0.0 255.255.255.0 21.0.0.0

255.0.0.0 Explanation The default subnet mask for this address is 255.0.0.0. The address is a class A address, which begins with a number between 1 and 126 in the first octet. 21.0.0.0 is the subnet address. 255.255.0.0 is the default subnet mask for a class B address,and 255.255.255.0 is the default subnet mask for a class C address.

Which of the following answers lists the default (classful) subnet mask for a class C network? 255.255.192.0 255.255.224.0 255.255.255.0 255.255.252.0

255.255.255.0

Which of the following cellular network types does NOT provide Internet connectivity?

2G

Drag the cellular network specification on the left to its corresponding mobile technology generation on the right

2G - GSM CDMA 3G - LTE HSPA+ 4G - WiMAX

Your network follows the 100BaseFX specifications for Fast Ethernet, and uses halfduplex cable. What is the maximum cable segment length allowed? 100 meters 412 meters 550 meters 1,000 meters 2,000 meters

412 meters Explanation For 100BaseFX, halfduplex, multimode cable has a maximum segment length of 412 meters. 1000BaseSX and 1000BaseLX support multimode cable up to 550 meters. 10BaseFL supports fiber optic cable between 1,000 and 2,000 meters.

To increase security on your company's internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?

443

Which of the following answers lists the number of connections in a full mesh network consisting of 10 nodes? 21 28 36 45

45

OC-12

622.08 Mbps

You are designing a wireless network for a client. You client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standards will work best in this situation?

802.11a 802.11n 802.11a or 802.11n are the best choices for this client. While both 802.11a and 802.11g each operate at 54 Mbps, 802.11g operates in the 2.4 GHz to 2.4835 GHz range, which will cause interference with the client's wireless phone system. 802.11a and 802.11n, on the other hand, operate in the 5.725 GHz to 5.850 GHz frequency range, which won't interfere with the phone system. 802.11n can operate at speeds up to 300 Mbps.

Modified older wireless standards that allow complaint devices to achieve higher speeds include: (Select all that apply) 802.11x 802.11a-ht 802.11ac 802.11g-ht

802.11a-ht 802.11g-ht

Which of the following wireless networking standards uses a frequency of 5 GHz and supports transmission speeds up to 1.3 Gbps?

802.11ac The 802.11ac standard uses the 5 GHz frequency and supports data transmission speeds up to 1.3 Gbps. 802.11n supports data transmission speeds up to 600 Mbps. 802.11g and 802.11a both support data transmission speeds up to 54 Mbps. 802.11b supports data transmission speeds up to 11 Mbps.

Which IEEE standard describes wireless communication?

802.11b

After installing a new 2.4GHz cordless phone system in your office, you notice that wireless network performance is adversely affected. Which of the following wireless networking standards are you most likely to be using? (Select two.)

802.11b 802.11g

After installing a new 2.4Ghz cordless phone system in your office, you notice that wireless network performance is adversely affected. Which of the following wireless networking standards are you most likely to be using? (Select two.)

802.11b 802.11g

You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standards could the network be using? (Select two.)

802.11b Bluetooth

Which of the following specifications identify security that can be added to wireless networks? (Select two.)

802.11i 802.1x

Users on your network report that they have received an email stating that the company has just launched a new website. The email asks employees to click the website link in the email and log in using their username and password. No one in your company has sent this email. What type of attack is this?

Phishing

Which of the following IPv6 addresses is equivalent to the IPv4 loopback address of 127.0.0.1?

::1

PAT

A Network Address Translation (NAT) method that binds a combination of private IP address and port number with a corresponding public IP address and port information

Which of the following connectors usually require polishing as part of the assembly process? (Select two.) A ST B AUI C IDC D SC E BNC

A ST D SC

Software as a Service (SaaS)

A cloud computing infrastructure type where applications are hosted over a network (typically Internet) eliminating the need to install and run the software on the customer's own computers

Hybrid topology

A combination of two or more different basic network topologies.

ipconfig /all

A command-line command used to display MAC address in MS Windows

TTL

A field in an IP datagram that specifies how many more hops a packet can travel before being discarded

Static route

A manually-configured routing entry

Punch-down block

A mechanism that allows for connecting one set of wires with another set of wires in telecommunications closets or local area networks (LANs).

Multiplexing

A method that allows to combine multiple analog or digital data streams for transmission over a shared medium is known as:

Multiplexing

A method that allows to combine multiple analog or digital data streams for transmission over a shared medium.

BNC

A miniature quick connect/disconnect radio frequency connector used for coaxial cable.

Which of the following are typical components of a NAS device? select two

A minimal network OS. One or more NICs.

Honeypot

A monitored host holding no valuable data specifically designed to detect unauthorized access attempts and divert attacker's attention from the corporate network

Leased line

A more costly alternative to VPN.

LAN

A network connecting computers within a small geographical area such as a building or group of buildings

Load balancer

A network device designed for managing the optimal distribution of workloads across multiple computing resources

Ring topology

A network topology in which each node connects to exactly two other nodes

Full mesh

A network topology in which each node has a direct physical connection to every other node

Frame Relay

A packet switching protocol for connecting devices on a WAN. It supports T-1 and T-3 speeds

Wire Stripper

A pair of opposing blades much like scissors or wire cutters. The addition of a center notch makes it easier to cut the insulation without cutting the wire

Which of the ff. describes a logic bomb?

A program that performs a malicious activity at a specific time or after a triggering event.

PoE IEEE 802.3af

A solution that allows to supply electricity over standard Ethernet cables

Route aggregation

A solution used to optimize and decrease the size of a routing table

Route redistribution

A solution used to translate routing information between routers configured to use different routing protocols

ISDN

A solution which allows for simultaneous digital transmission of voice, video, data, and other network services over a PSTN.

In a variation of the brute force attack, an attacker may use a predefined list (dictionary) of commonly used usernames and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue?

A strong password policy

Trunk port

A switch port configured to pass all the data, regardless of the VLAN number, between all switches on a LAN

ATM

A switching technique used by telecommunication networks that uses asynchronous time-division multiplexing to encode data into small, fixed-sized cells.

System & Network Integrated Polling Software (Snips)

A system and network monitoring software that runs on Unix systems and can monitor network and system devices.

VPN

A system that uses public network (e.g. Internet) as a means for creating private encrypted connections between remote locations is known as:

Packet shaping

A technology that allows for prioritizing certain types of network traffic in order to improve the overall network effectiveness and performance is known as:

Plenum

A type of enclosed space in a building (such as the one between a dropped ceiling and the structural ceiling) used for air handling.

Plenum

A type of enclosed space in a building used for air handling

You manage a single domain named widgets.com. Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs. You define a password and account lockout policy for the domain. However, members of the Directors OU want to enforce longer passwords than are required for the rest of the users. You would like to define a granular password policy for these users. Which tool should you use?

ADSI edit

An infrastructure device designed for connecting wireless/wired client devices to a network is commonly referred to as:

AP - Access Point (AP)

Which of the following answers refer to solutions used for controlling the light signal at a termination point of a fiber-optic connection? (Select 2 answers) APC SCP UPC AUP DLP

APC UPC

In the AAA security architecture, the process of tracking accessed services as well as the amount of consumed resources is known as:

Accounting

ICS

Acronym which refers to a general term used for a system providing the capability for remote control, real-time monitoring, and gathering information related to industrial equipment

VTC

Acronym which refers to a solution that enables simultaneous two-way video and audio transmissions between multiple networked hosts

SIEM

Acronym which refers to a technology that allows for real-time analysis of security alerts generated by network hardware and applications

A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to a wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario?

Active fingerprinting

Which type of configuration would you use if you wanted to deploy 802.11n technology to communicate directly between two computers using a wireless connection?

Ad hoc Configure an ad hoc connection to connect one computer directly to another using a wireless connection. An infrastructure configuration uses a Wireless Access Point (WAP) to create a network. Devices communicate with each other though the WAP. WEP is a security mechnism used for authentication.

You are the office manager of a small financial credit business. Your company handles personal, financial information for clients seeking small loans over the Internet. you are aware of your obligation to secure clients records, but budget is an issue. Which item would provide the best security for this situation? -Proxy server with access controls -All in one security appliance -Firewall on your gateway server to the Internet -Network access control system

All in one security appliance

Toner Probe

Allows you to place a tone on one end of a wire and then locate the other end of the wire by finding the wire that has the tone. It includes two components: a tone generator and a speaker. You connect the tone generator onto one end of the cable to place a tone on the cable.

Patch cable

An Ethernet straight-through cable is also commonly referred to as this.

Which of the following best describes the Ping of Death exploit?

An ICMP packet larger than 65,536 bytes

128 bits

An IPv6 address consists of this.

APIPA address

An IPv6 link-local address is the equivalent of IPv4

155.52 Mbps

An OC-3 line supports transmission rates of up to this speed.

False

An SSL VPN connection typically requires a dedicated VPN client application. True/False

Content filter

An application software used to selectively block access to certain websites is an example of:

Match the applicationaware network device on the right with the appropriate description on the left. Each description may be used once, more than once, or not at all.

Applicationaware proxy Improves application performance Applicationaware firewall Enforces security rules based on the application that is generating network traffic, instead of the traditional port and protocol Applicationaware IDS Analyzes network packets to detect malicious payloads targeted at applicationlayer services

Which of the ff. is the best recommendation for applying hotfixes to your servers?

Apply only the hotfixes that apply to software running on your systems

You are creating an Ethernet network for your company. the shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat6e cable to connect the wiring closet to the shipping building what conditions are you most likely to experience?

Attenuation Loss of signal strength from one end of the cable to another. The longer the cable, the more attentuation

Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two.)

Authentication for agents and managers Encryption of SNMP messages

Which of the answers listed below refers to the process of granting or denying access to resources?

Authorization

Which of the answers listed below refers to the process of granting or denying access to resources? Authentication Authorization Accounting

Authorization

You are connecting Cat5e cables to a 110 block. In what order should you connect the wires to follow standard wiring convendons? A White/brown, brown, white/blue, blue, white/orange, orange, white/green, green B White/blue, blue, white/orange, orange, white/green, green, white/brown, brown C White/orange, orange, white/green, blue, white/blue, green, white/brown, brown D White/green, green, white/orange, blue, white/blue, orange, white/brown, brown

B White/blue, blue, white/orange, orange, white/green, green, white/brown, brown

You want to use the T568B standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector? A White/green, green, white/orange, blue, white/blue, orange, white/brown, brown B White/orange, orange, white/green, blue, white/blue, green, white/brown, brown C White/blue, blue, white/orange, orange, white/green, green, white/brown, brown D White/orange, orange, white/green, green, white/blue, blue, white/brown, brown

B White/orange, orange, white/green, blue, white/blue, green, white/brown, brown

In which of the following situations might you use an RJ-11 connector? A You want to connect the 10BaseT network card in your computer to a switch. B You want to connect your computer to the Internet with a dial-up connection. C You want to upgrade your 10BaseT network to 10OBaseT. D You want to test a network cable to see if there is a break in the line.

B You want to connect your computer to the Internet with a dial-up connection.

Which of the following routing protocols is used by routers on the Internet for learning and sharing routes? EIGRP BGP RIP ISIS OSPF

BGP Explanation BGP is the protocol used on the Internet: ISPs use BGP to identify routes between ASs. Very large networks can use BGP internally, but typically only share routes on the Internet if the AS has two (or more) connections to the Internet through different ISPs. RIP is used on small private networks, while OSPF and EIGRP are used on larger private networks. ISIS is used on very large private networks and within the Internet Service Provider (ISP) network.

Which of the following routing protocols uses paths, rules, and policies instead of a metric for making routing decisions?

BGP. BGP is an advanced distance vector protocol (also called a path vector protocol) that uses paths, rules, and policies instead of a metric for making routing decisions.

Match each Interoperability Agreement document on the left with the appropriate description on the right. Each document may be used once, more than once, or not at all.

BPO >> Creates an agreement with a vendor to provide services on an ongoing basis BPO >> Specifies a preset discounted pricing structure SLA >> Specifies exactly which services will be performed by each party SLA >> Defines how disputes will be managed MOU >> Provides a summary of which party is responsible for performing specific tasks ISA >> Documents how the networks will be connected

Developers in your company have created a Web application that interfaces with a database server. During development, programmers created a special user account that bypasses the normal security. What is this an example of?

Backdoor

NetBus and Back Orifice are remote control tools. They allow you to connect to a remote system over a network and operate it as if you were sitting at its local keyboard. Unfortunately, these two programs are also examples of what type of security concern?

Backdoor Trojans

You provide IT support under contract for a dentists office. The office has a limited number of wireless clients, so a simple wireless router is used to profide WIFI access. On your latest visit, you check the manufactures website and discover that a update has been released by the wireless router manufacture. You decide to download and install the update. Click the option you should use in the wireless routers configuration interface to prepare the device for update.

Backup Configuration

You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change?

Baseline.

A type of management frame containing information about the wireless network that helps wireless-capable devices discover the presence of a Wireless LAN (WLAN) is known as: Beacon frame Magic packet Service Set Identifier (SSID) Jumbo frame

Beacon frame Is one of the management frames in IEEE 802.11 based WLANs. It contains all the information about the network. Beacon frames are transmitted periodically to announce the presence of a wireless LAN. Beacon frames are transmitted by the access point (AP) in an infrastructure basic service set (BSS).

You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standards could the network be using? (Select two.)

Bluetooth 802.11b

Which of the following physical topologies are used with Ethernet networks? (Select two.) Mesh Star Bus Ring

Bus & Star Explanation Ethernet networks use either a physical bus or physical star topology. Hubs can also be cascaded to form a tree topology.

When using 110 blocks for connecting Cat5 and higher data cables, which recommendation should you follow? A Use C-5 connectors. B Connect wires using the T568A standard. C Keep wire pairs twisted up to within one—half of an inch of the connector. D Connect wires using the T568B standard.

C Keep wire pairs twisted up to within one—half of an inch of the connector.

Which of the following is a valid MAC address? 73-99-12-61-15 192.168.12.15 34-9A-86-1G-B3-24 C0-34-FF-15-01-8E 255.255.255.0 83-5A-5B-0B-31-55-F1

C0-34-FF-15-01-8E Explanation A MAC or hardware address is a unique identifier hard coded on every network adapter card. A valid MAC address has a total of 12 hexadecimal numbers. Hexadecimal numbers contain the numbers 0 to 9 and the letters A to F. Valid values in a MAC address range anywhere from 00 to FF. Note that one of the answers would be a valid MAC address except it uses a G value, which is beyond the range of a hexadecimal number.

Which of the following twisted-pair copper cabling types is most commonly used in modern Ethernet networks? CAT3 CAT4 CAT5 CAT5e

CAT5e

Which of the DNS database records listed below allows multiple domain names to resolve to the same IP address?

CNAME

All of the 802.11 standards for wireless networking support which type of communication path sharing technology?

CSMA/CA

The media access control method of all Ethernet networks is __________. CSMA/CD CSMA/CA Polling Token passing

CSMA/CD Explanation Carrier sense multiple access with collision detection (CSMA/CD) is the media access control method of all Ethernet networks.

What must you install between your network and a T1 line for your network to use the T1 line?

CSU/DSU

CDMA GSM LTE

Cellular technologies used in mobile networks.

You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this?

Chain of custody

You are troubleshooting a workstation to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update?

Change documentation.

You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device?

Change management

You've just finished installing a wireless access point for a client. What should you do to prevent unauthorized users from accessing the access point (AP) configuration utility?

Change the administrative password on the AP.

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a user name of admin and a password of admin. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (Select two.)

Change the default administrative user name and password. Use an SSH client to access the router configuration.

You just developed a new Cisco router that connects several network segments in your organization. The router is physically located in the server route that requires an ID card to gain access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using Telnet client with a username admin and a password of admin. You used the MDS hashing algorithm to protect the password. What should you do to increase the security of this device? select two

Change the default administrative username and password Use an SSH client to access the router configuration

A portion of the available Radio Frequency (RF) band allocated for wireless communication is known as: Scope Channel Service set Baseline

Channel

A situation in which multiple channels share the frequency band causing interference and performance degradation for devices operating on channels that are too close to each other is called: Cross-talk Channel overlapping Collision Channel bonding

Channel overlapping

Copper cable RJ-45 connector 100 Mbps Ethernet

Characteristic features of Category 5 (CAT5) cabling.

Hard-coded into a NIC 48-bit hexadecimal number Physical address

Characteristic features of a MAC address

Signal latency Interference (weather dependent) Low connection speed

Characteristic features of satellite Internet connections.

Class A range Non-routable (private) IP address range

Characteristic features of the 10.0.0.0 - 10.255.255.255 IPv4 address space

Class B range Non-routable (private) IP address range

Characteristic features of the 172.16.0.0 - 172.31.255.255 IPv4 address space

Exterior Gateway Protocol (EGP) Hybrid routing protocol

Characteristic features of the Border Gateway Protocol (BGP)

Used with telephone cabling Copper cabling connector

Characteristic features of the RJ-11 connector.

Used with Ethernet network cabling Copper cabling connector

Characteristic features of the RJ-45 connector.

Consider the following IP addresses. 1. 124.77.8.5 2. 131.11.0.9 3. 190.66.250.10 4. 196.5.89.44 Which list represents the IP address class of each listed IP address? Class A, Class B, Class B, Class C Class B, Class B, Class C, Class D Class B, Class B, Class C, Class C Class A, Class B, Class C, Class C Class A, Class B, Class C, Class C Class B, Class C, Class C, Class D

Class A, Class B, Class B, Class C Explanation The IP addresses listed are of the following classes: Class A, Class B, Class B, Class C. You can identify the IP address class by memorizing the range of values for the first octet. • 0-126 = Class A • 128-191 = Class B • 192-223 = Class C • 223-239 = Class D • 240-255 = Class E

Which of the following answers list the characteristic features of the 172.16.0.0 - 172.31.255.255 IPv4 address space? (Select 2 answers) Class A range Public IP address range Class B range Non-routable (private) IP address range Class C range

Class B range Non-routable (private) IP address range

You have implemented a network where hosts are assigned specific roles, such as for file sharing and printing. Other hosts access those resources but do not host services of their own. What type of network do you have? Client/server Peer-to-peer Intranet Extranet

Client/server Explanation In a client/server network, hosts have specific roles. For example, some hosts are assigned server roles which allows them to provide network resources to other hosts. Other hosts are assigned client roles which allows them to consume network resources. In a peer-to-peer network, each host can provide network resources to other hosts or access resources located on other hosts, and each host is in charge of controlling access to those resources. An intranet is a private network that uses Internet technologies. Services on an intranet are only available to hosts that are connected to the private network. An extranet is a private network that uses Internet technologies, but whose resources are made available to external (but trusted) users. For example, you might create a Web site on a private network that only users from a partner company can access.

Which of the following is NOT true regarding cloud computing?

Cloud computing requires end-user knowledge of the physical location and configuration of the system that delivers the services.

Which of the following is not true regarding cloud computing?

Cloud computing requires enduser knowledge of the physical location and configuration of the system that delivers the services.

Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service?

Clustering

Which of the cabling types listed below provide(s) protection against an outside signal interference? (Select all that apply) UTP Coaxial Fiber-optic STP

Coaxial Fiber-optic STP

Which type of Internet service uses the DOCSIS specification?

Coaxial cable

Which of the following is a recovery site that may have electricity connected, but there are no servers installed and no high-speed data lines present?

Cold Site

You manage a single switch. On each switch port, a hub connects multiple devices to the switch. What condition are you most likely to experience on the networks?

Collisions

Consider the network shown in the exhibit. When you run the show interfaces command on switch1, you observe a significant number of runts on the Gi0/1 interface. What does this statistic indicate?

Collisions are occurring.

ifconfig

Commands used to display MAC address in Linux

At which layer of the OSI model do hubs operate? Data Link Internet Physical Layer 3

Physical Explanation Hubs operate at layer 1, or the Physical layer of the OSI model.

Which of the following best describes the Platform as a Service (PaaS) cloud computing service model?

PaaS delivers everything a developer needs to build an application onto the cloud infrastructure.

Which of the following is a firewall function? -Frame Filtering -Packet Filtering -FTF hosting -encrypting -Protocol conversion

Packet Filtering

A technology that allows for prioritizing certain types of network traffic in order to improve the overall network effectiveness and performance is known as:

Packet Shaping

You manage a website for your company. The Web site uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?

Connect one server through a different ISP to the Internet

You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?

Connect one server through a different ISP to the internet.

Which of the following tasks is associated with the Session layer? Connection establishment Acknowledgement coordination Transmission synchronization Host ID number assignment

Connection establishment Explanation Connection establishment is controlled through Session layer protocols.

BNC F-connector

Connector types used with coaxial cabling.

An application software used to selectively block access to certain websites is an example of:

Content filter

An application software used to selectively block access to certain websites is an example of: Captive portal Media converter Content filter Proxy server

Content filter

Which two of the following are included as part of Data Link layer specifications? Composition of electrical signals as they pass through the transmission medium. Controlling how messages are propagated through the network. Synchronizing individual bits as they are transmitted through the network. Identifying physical network devices.

Controlling how messages are propagated through the network. Identifying physical network devices. Explanation The Data Link layer controls identifying devices on a network as well as how messages travel through the network (the logical topology). The other functions listed here are performed by the Physical layer.

What is the basic purpose of the OSI Physical layer? Defines basic physical structures, such as disks. Coordinates rules for managing network servers. Coordinates rules for routing packets. Coordinates rules for transmitting bits.

Coordinates rules for transmitting bits. Explanation The OSI Physical layer coordinates rules for transmitting bits.

You want to give all managers the ability to view edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change. What is the best way to accomplish this?

Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL.

A user reports that she can't connect to the Internet. After some investigation, you find that the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?

Create an action plan.

You are building network cables and attaching RJ45 connectors to each end. Which tool do you need for this task?

Crimping tool

You are building network cables and attaching RJ45 connectors to each end. Which tool do you need for this task? Vampire taps Crimping tool Punch down tool Needle nose pliers

Crimping tool Explanation You should use a crimping tool designed for RJ45 connectors to attach connectors to UTP cable.

You want to connect the LAN port on a router to the uplink port on a switch. The switch does not support auto-MDI. Which type of cable should you use? Crossover Rollover Straight-through Loopback

Crossover Explanation Use a crossover cable to connect a workstation or a router to the uplink port on a switch. Use a straight-through cable to connect the router to a regular switch port. Use a rollover cable to connect a workstation to the console port of a router. Use a loopback plug to allow a device to communicate with itself through its own network adapter.

You have two switches that you need to connect using their uplink ports. The switches do not support auto-MDI. Which type of cable should you use? Straight-through Loopback Crossover Rollover

Crossover Explanation Use a crossover cable to connect two switches through their uplink ports, or to connect the two switches through regular ports. Use a straight-through cable to connect the uplink port on one switch to a regular port on another switch. Use a rollover cable to connect a workstation to the console port of the switch. Use a loopback plug connected to a single port for troubleshooting.

In twisted-pair cabling wires are grouped into pairs and wires in each pair are twisted around each other in order to reduce: Cross-talk Cable diameter Collisions Bend radius

Crosstalk

You have decided to implement Gigabit Ethernet on your network. Each switch port is connected to a single device. Following the installation, you find one device connected to a switch that is only running at 100 Mbps. Which of the following are likely causes?

Crosstalk Crosstalk is interference that is caused by signals within the twisted pairs of wires. For example, current flow on one wire causes a current flow on a different wire. Crosstalk and other miswiring problems typically mean that a cable does not operate at the desired standard. Use a cable certifier to verify that that cable is properly configured to support the rated speed.

Which of the following forms of optical fiber would usually be used to connect two buildings across campus from each other, which are several kilometers apart? A Dual mode B Fibre Channel mode C Multimode D Single mode

D Single mode

Which of the following applications is more likely to justify the investment in Category 6 cable? A E-maiI B Instant Messaging C Printing D Streaming video

D Streaming video

You are preparing to attach wires in a 110 block. You want to connect the wires and trim off the excess at the same time. Which of the following should you do? (Select two.) A Use a butt set with a jack. B Use a butt set with clips. C Use a punchdown tool with a straight blade. D Use a punchdown tool with a notched blade. E Point the cut side of the tool towards the wire end. F Point the cut side of the tool towards the connected end of the wire.

D Use a punchdown tool with a notched blade. E Point the cut side of the tool towards the wire end.

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor. What would you use to connect the wiring closets together? A Smart jack B Demarc extension C Horizontal cross connect D Vertical cross connect

D Vertical cross connect

You want to use the T568A standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector? A White/orange, orange, white/green, blue, white/blue, green, white/brown, brown B White/blue, blue, white/orange, orange, white/green, green, white/brown, brown C White/orange, orange, white/green, green, white/blue, blue, white/brown, brown D White/green, green, white/orange, blue, white/blue, orange, white/brown, brown

D White/green, green, white/orange, blue, white/blue, orange, white/brown, brown

Which of the following cable types often includes a solid plastic core? A cat 5 B cat 3 C Cat 5e D cat 6

D cat 6

Which of the following connector types are used for connecting devices to a RS-232 port? (Select 2 answers) RJ-11 DB-9/DE-9 ST RJ-48C DB-25 LC

DB-25 DB-9/DE-9

An IPv4 address in the range 169.254.1.0 through 169.254.254.255 indicates a problem with what type of service? SNMP DNS SMTP DHCP

DHCP

Which of the following solutions provides an alternative to manual assignment of IP addresses?

DHCP

You have a TCP/IP network with 50 hosts. There have been inconsistent communication problems between hosts. You run a protocol analyzer and discover that two hosts have the same IP address assigned. Which protocol can you implement on your network to help prevent problems such as this? IP TCP ICMP DHCP SNMP IGMP

DHCP Explanation You can use the Dynamic Host Configuration Protocol (DHCP) to set up a DHCP server that will assign IP addresses automatically to network hosts. DHCP servers will not assign the same IP address to two different hosts.

You are troubleshootin a network connectivity issue on a Unix system. You are able to connect to remote systems by using their IP address, but unable to connect using the hostname. You check the TCP/IP configuration, and note that a DNS serve IP address is configured You decide to run some manual resolution queries to ensure that the communication between the Unix system and the DNS server are working correctly. Which utilities cna you use to do this?

DIG nslookup

In order to be able to connect to a website and display its contents, a URL entered in the web browser address bar needs to be translated into an IP address. Which of the servers listed below is used to handle this type of request?

DNS server

Which of the following Internet connection technologies requires that the location be within a limited distance of the telephone company central office?

DSL

A switch is associated with which OSI model layer? Transport Network Data Link Physical

Data Link Explanation Switches are associated with the Data Link layer of the OSI model. Switches examine the device address in the packet and forward messages directly to that device.

Your company purchases a new bridge, which filters packets based on the MAC address of the destination computer. On which layer of the OSI model is this device functioning? Data Link Transport Presentation Session

Data Link Explanation The bridge is operating at the Data Link layer.

You have just connected a new computer to your network. The network uses static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem. What configuration values would you most likely need to change?

Default Gateway used for sending packets to other subnets

You have just connected a new computer to your network. The network uses static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem. Which of the configuration values would you most likely need to change?

Default gateway

Which of the following are functions of the MAC sublayer? (Select two.) Mapping hardware addresses to linklayer addresses Defining a unique hardware address for each device on the network Creating routing tables based on MAC addresses Letting devices on the network have access to the LAN

Defining a unique hardware address for each device on the network Letting devices on the network have access to the LAN Explanation The MAC sublayer defines a unique MAC or datalink address for each device on the network. This address is usually assigned by the manufacturer. The MAC sublayer also provides devices with access to the network media.

A user reports that she can't connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?

Determine what has changed.

Router

Device used for separating broadcast domains

Which of the following best describe the concept of a virtual LAN?

Devices on the same network logically grouped as if they were on separate networks

On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can "fix the restroom." What should you do?

Direct him to the front entrance and instruct him to check in with the receptionist.

Which of the following measures will make your wireless network invisible to the casual attacker performing war driving?

Disable SSID broadcast

Which of the ff. actions should you take to reduce the attack surface of a server?

Disable unused services

Which of the following actions should you take to reduce the attack surface of a server?

Disable unused services.

You manage the website for your company. The Web1 server hosts the website. This server has the following configuration: • Dual core processor • Dual power supplies • RAID 5 volume • One RAID controller • Two 1000 Mbps network adapters Which component is a single point of failure for the website?

Disk controller Single point of failure means the failure in one component will cause the entire website to be unavailable.

Which of the following enterprise wireless deployment models uses access points with enough intelligence to allow for the creation of guest WLANs for keeping public wireless traffic separate from private traffic?

Distributed wireless mesh infrastructure

Which of the following are examples of social engineering?

Dumpster diving //Shoulder surfing

U user reports that network access from her workstation is very slow. The problem does not seem to be effecting any other users. What condition is likely the cause.

Duplex mismatch

Which of the answers listed below refers to a solution that allows for keeping a domain name linked to a changing IP address?

Dynamic DNS (DDNS)

True

Dynamic Host Configuration Protocol version 6 (DHCPv6) is the IPv6 equivalent of the Dynamic Host Configuration Protocol (DHCP) for IPv4.

Which EAP implementation is most secure?

EAPTLS

Which step is required to configured a NAP on a RD gateway server? -Configure the server to issue a valid statement of health certificate -Configure the enforcement point as a RADIUS client to the NAP server -On the 802.1x switch, define the RD gateway server as a compliant network VLAN -Edit the properties for the server and select REQUST CLIENT TO SEND A STATEMENT OF HEALTH

Edit the properties for the server and select REQUST CLIENT TO SEND A STATEMENT OF HEALTH

A new assistant network administrator was recently hired by your organization to relieve some of your workload. You assigned the assistant network administrator to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches. You noticed that it took him an unusually long time to complete this task. Once done, users almost immediately began to report that the network had gone down. Upon entering the server room, you see that the assistant administrator has configured your network rack as shown in the Exhibit. What should you do? (Choose two. Each response is a complete solution.)

Enable STP on each switch. Remove the patch cable connecting the first switch to the third switch.

You have configured a remote access server to accept dial-up connections for remote access clients. Remote clients are able to connect successfully and access resources on the remote access server. However, the remote clients are not able to connect to other devices located on the same subnet where the remote access server is located. Which action would likely correct the problem?

Enable proxy arp on the LAN connection for the remote access server.

You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. Which of the following will help reduce the effects of a broadcast storm?

Enable spanning tree on the switches

You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. What will help reduce the effects of a broadcast storm?

Enable spanning tree on the switches it is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet

You need to implement a wireless network link between two buildings on a college campus. A wired network has already been implemented within each building. The buildings are 100 meters apart. What type of wireless antennae should you use on each side of the link? (Select two.)

Parabolic Highgain

You are a network administrator for your company. A frantic user calls you one morning exclaiming that "nothing is working." What should you do next in your troubleshooting strategy?

Establish the symptoms.

You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?

Event log

Remote Terminal Unit (RTU) Programmable Logic Controller (PLC)

Examples of intelligent devices used in systems designed to control and automate industrial processes.

RIPv2 OSPF IS-IS

Examples of interior gateway routing protocols

OSPF IS-IS

Examples of link-state routing protocols

Which of the following answers lists a valid address of FE80:0000:0000:0000:02AA:0000:4C00:FE9A after compression? FE80::2AA::4C00:FE9A FE80:0:2AA:0:4C:FE9A FE80::2AA:0:4C00:FE9A FE80:0:02AA::4C:FE9A

FE80::2AA:0:4C00:FE9A

Which of the following is a valid IPv6 address?

FEC0::AB:9007

You have just connected four new computer systems to an Ethernet switch using spare patch cables. After the installation only three systems are able to access the network. You verify all client network settings and replace the network card in the failed system. The client is still unable to access the network. Which of the following might you suspect as the real cause of the problem?

Failed patch cable

You suspect that some of your computers have been hijacked and are being used to perform denial of service attacks directed against other computers on the Internet. Which log would you check to see if this is happening?

Firewall

Match the virtualization feature on the right with the appropriate description on the left.

Flexibility - Moving virtual machines between hypervisor hosts Testing - Verifying that security controls are working as designed Server consolidation - Performing a physical-to-virtual migration (P2V) Sandboxing - Isolating a virtual machine from the physical network

Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building?

Place accès points above where most clients are

You are adding new wires in your building for some new offices. The building has a false ceiling that holds the lights. You would like to run your Ethernet cables in this area. Which type of cable must you use? Plenum PVC Fiber optic Cat 5e or Cat 6e STP

Plenum Explanation Plenum cable is fire resistant and nontoxic; it must be used when wiring above ceiling tiles. PVC cable cannot be used to wire above ceilings because it is toxic when burned. Cat 5e cables provide better EMI protection than Cat 5 cables, and Cat 6e cables are an improvement over Cat 6 specifications, but neither are a requirement for using in a ceiling area. If the area has a lot of EMI, you might consider using STP or fiber optic cables, but this would not be a requirement just because wires were in a ceiling area. Typically, you can avoid EMI sources by rerouting cables.

Which of the following features is used with digital IP phones to supply power through a switch port?

PoE

A new law was recently passed that states that all businesses must keep a history of all e-mails sent between members of the board of directors. You need to ensure that your organization complies with the law. Which document type would you update first in response to this new law?

Policy.

Which of the following WAP configuration settings allows for adjusting the boundary range of the wireless signal? Fair access policy Power level controls Quality of Service (QoS) Wi-Fi Protected Setup (WPS) Bandwidth cap

Power level controls

Drag the Web threat protection method on the left to the correct definition on the right.

Prevents visiting malicious Web sites Web threat filtering Prevents outsided attempts to access confidential information Antiphishing software Identifies and disposes of infected content Virus blockers Prevents unwanted email from reaching your network Gateway email spam blockers Prevents visiting restricted Web sites URL content filtering

An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions?

Privilege escalation.

Port trunking

Process of data from multiple VLANs on a single switch being carried through a single network link between switches

You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?

Protocol analyzer.

EGP

Protocol types used for sharing routing information between autonomous systems

VRRP HSRP

Protocols which are used for designating a backup router in the event of an active router failure

MLPPP

Provides a method for combining two or more physical communication links into one logical interface for the purpose of improved speed and redundancy.

Network Address Translation (NAT)

Provides an IP proxy between a private LAN and a public network such as the Internet.

Which of the following solutions provide(s) the AAA functionality? (Select all that apply)

RADIUS, TACACS

Which of the following solutions provide(s) the AAA functionality?

RADIUS, TACACS+

Which of the following drive configurations is fault tolerant?

RAID 5

What is the advantage of RAID 5 over RAID 1?

RAID 5 improves performance over RAID 1

A dial-up or VPN connection allowing remote users to access corporate network requires what type of service?

RAS

A dial-up or VPN connection allowing remote users to access corporate network requires what type of service? RAS PoE NAS WPS

RAS

You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use?

RDP

You have a small home network connected to the Internet using an RG6 cable. You need to move the router connecting the network to the Internet, but can't find any RG6 cable. Which cable types could you use instead? RG8 or RG58 RG58 or RG59 RG8, RG58, or RG59 RG8 RG59 RG58

RG59 Explanation RG6 has an impedance rating of 75 ohms. When using coaxial cables, it is important to use cables with the same impedance rating. Only RG59 is rated for 75 ohms. RG8 and RG58 are rated for 50 ohms.

Of the following cables, which offer the best protection against EMI? Cat 5e Cat 5 Cat 6e RG6

RG6 Explanation Coaxial cable offers better protection against EMI than twisted pair cables. Coaxial cable has a mesh conductor which provides a ground and protects against EMI. In general, the higher the twisted pair cable standard, the better protection against some forms of EMI (typically crosstalk). For twisted pair, use shielded twisted pair instead of unshielded twisted pair. Use fiber optic for the best protection against EMI.

Which of the following are differences between RADIUS and TACACS+?

Radius combines authentication and authorization into a single function. TACAS+ allows these services to be split between different servers.

Which of the ff. password attacks uses preconfigured matrices of hashed dictionary words?

Rainbow table

Which form of alternate site is the cheapest but may not allow an organization to recover before reaching their maximum tolerable downtime?

Reciprocal agreement

Which phase or step of security assessment is a passive activity

Reconnaissance

What is the primary security feature that can be designed into a network's infrastructure to protect and support availability?

Redundancy

Mobile device on-boarding BYOD

Refer to a policy that allows employees to use their own mobile devices on the corporate network

224 - 239 Class D

References to IPv4 multicast address block

Even if you perform regular backups, what must be done to ensure that you are protected against data loss?

Regularly test restoration procedures

You need to find out what kind of laws might apply to the design and operation of your network. Which type of document would you consult?

Regulation

You need to find out what kind of laws might apply to the design and operation of your network. Which type of document would you consult?

Regulation.

Match the definition on the left with the SCADA technology term on the right

Remote Terminal Unit- Connects equipment to the network via a wireless signal and converts digital data from the network into signals that the equipment can process. DCS- A network of components that work together in order to remotely manage industrial equipment. Network Link- Connects the supervisory computer to the RTUs or PLCs. Supervisory Computer-Communicates with and send control commands to connected SCADA devices. Programmable logic Controller- Connects equipment to the network via a physical medium and converts digital data into signals that the equipment can process

What does a remote access server use for authorization?

Remote access policies

SCADA systems are typically implemented using which of the following components?

Remote terminal units (RTUs), and programmable Logic Controllers (PLCs)

You are creating an ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single cat 6e cable to connect the wiring closet to the shipping building. What should you include in your plan?

Repeater regenerates the signal and removes the unwanted effects caused by attenuation

You are implementing a wireless network inside a local office. You require a wireless link to connect a laptop in the administrator's office directly to a system in the sales department. In the default configuration, the wireless AP uses a 360-dispersed RF wave design. After installed, the signal between the two systems is weak as many obstacles interfere with the signal. Which of the following strategies could you try to increase signal strength?

Replace the Omni-directional antenna with a directional antenna

A user from the Sales department calls to report that he is experiencing problems connecting to the Sales file server. All users in the Sales department connect to the Sales server through a single Ethernet switch. No other users have reported problems connecting to the Sales server. Which of the following troubleshooting actions are you most likely to perform first?

Replace the network card in the user's computer

Which of the following topologies connects each device to a neighboring device? Bus Tree Ring Star

Ring Explanation In ring topologies, each device is connected to a neighboring device, until a ring is formed.

In which of the following topologies does each device on the network act as a repeater, sending the signal to the next device? Bus Tree Star Ring

Ring Explanation In ring topologies, each device on the network acts as a repeater to send the signal to the next device.

Which of the following hardware devices links multiple networks and directs traffic between networks? Repeater Router Bridge Hub

Router Explanation A router is a device that links multiple networks and directs traffic between networks. Each network linked by routers has its own unique identifier called the "network number" or"network address."

In the OSI model, what is the primary function of the Network layer? Transmits data frames Ensures that packets are delivered with no loss or duplication Routes messages between networks Allows applications to establish, use, and end a connection

Routes messages between networks Explanation The Network layer is responsible for routing messages between networks.

You have a Windows Server 2012 system that you want to use as a DHCP Relay Agent. Which Windows Server 2012 service would you sue to do this?

Routing and Remote Access

Because of an unexplained network slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze data from a central network host. What protocol will the software use to detect the problem?

SNMP

Which protocol uses traps to send notifications from network devices?

SNMP

Which protocol does HTTPS use to offer greater security in Web transactions?

SSL

You are purchasing a hard disk over the Internet from an online retailer. What does your browser use to ensure that others cannot see your credit card number on the Internet?

SSL

Facilitates redundant Links between segments connected with a layer 2 switch.

STP (Spanning Tree Protocol)

An 8-port switch receives a frame on port number 1. The frame is addressed to an unknown device. What will the switch do? Send the frame out the destination port. Drop the frame. Send the frame out ports 2-8. Send the frame out all 8 ports.

Send the frame out ports 2-8. Explanation Because the switch does not know the port that is used to reach the destination device, it will send the frame out all ports except for the port on which the frame was received. After the switch learns the port that is used to reach the destination device, it will send the frame out only that port.

One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert?

Sends a message via email or SMS when an event occurs

One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert?

Sends a message via email or SMS when an event occurs.

Which of the following connectors is typically used on one end of a rollover cable? ST BNC F-type Serial LC SC

Serial Explanation A rollover cable has a serial connector on one end and an RJ45 connector on the other end. Alternatively, it might have an RJ45 connector on both ends, and a serial converter is used to convert from the RJ45 connector to a serial connector. BNC and F-type connectors are used with coaxial cables. ST, SC, and LC connectors are used with fiber optic cables.

You use Cat5e twisted pair cable on your network. cables are routed through walls and the ceiling. a user puts a screw in the wall to hang a picture and pierces the cable such that a signal sent on pin 1 arrives on the cable connected to pin 7. What term describes this condition?

Short circuit is when electrical signals take a different path other than the intended path.

Which type of social engineering attack uses peer pressure to persuade someone to help an attacker?

Social validation

NAT

Solution which hides the internal IP addresses by modifying IP address information in IP packet headers while in transit across a traffic routing device

APC UPC

Solutions used for controlling the light signal at a termination point of a fiber-optic connection.

Partical Mesh

Some nodes are organized in a full mesh scheme but others are only connected to one or two in the network.

Which of the following features are common functions of an all-in-one security appliance?

Spam filtering Bandwidth shaping

Snips

Specialized tool used for evening out wire ends.

You are configuring the DHCP Relay Agent role service on a Windows server. Which of the following is a required step for the configuration?

Specify which server network interface the agent listens on for DHCP messages.

One method of preventing routing loops is to not send information about a route back to the router from which the information came. What is this technique called?

Split horizon Split horizon is a technique used by distance vector routing protocols that prevents routing loops by making sure that a router cannot send network information backwards. If Router1 receives routing information from Router2, it cannot send that same information back to Router2.

Traffic gets routed between switches or bridges and without reaching destination

Switch or Bridge loops

1.544 Mbps

T1 lines support data transfer rates of up to this speed.

What encryption method is used by WPA for wireless networks?

TKIP

Multiple Input / Multiple Output (MIMO) is a wireless technology that allows for significant increase in data throughput due to the use of multiple antennas and multiple data streams. True False

TRUE

SONET

Term which refers to an international standard for high-speed data communications over fiber-optic media.

What is the primary purpose of penetration testing?

Test the effectiveness of your security perimeter

You have recently experienced a security incident with one of your servers. After some research, you determine that hotfix #568994 that has recently been released would have protected the server. Which of the ff. recommendations should you follow when applying the hotfix?

Test the hotfix, then apply it to all servers.

You are a network administrator for your company. A user calls and tells you that after stepping on the network cable in her office, that she can no longer access the network. You go to the office and see that one of the user's stiletto heels has broken and exposed some of the wires in the Cat 5 network cable. You make another cable and attach it from the wall plate to the user's computer. What should you do next in your troubleshooting strategy?

Test the solution.

True

The Category 6 (CAT6) cabling supports a 10 Gbps data transfer rate at a limited range of 33-55 meters, whereas CAT6A (Augmented) cabling allows for 10 Gbps data transfer rate over a cable segment length of 100 meters.

You administer a Web server on your network. The computer has multiple IP addresses. They are 192.168.23.8 to 192.168.23.17. The name of the computer is www.westsim.com. You configured the Web site as follows: • IP address: 192.168.23.8 • HTTP Port: 1030 • SSL Port: 443 Users complain that they can't connect to the Web site when they type www.westsim.com. What is the most likely source of the problem?

The HTTP port should be changed to 80.

WiMAX

The IEEE 802.16 standards defining high-speed, long-distance wireless communication are also commonly referred to as this.

WiMAX

The IEEE 802.16 standards defining high-speed, long-distance wireless communication are also commonly referred to as:

Higher level of security Easier administration Improved performance

The advantages of the client-server model over peer-to-peer networking model

192.168.63.255

The broadcast address for the 192.168.50.155/20 network

Which of the following is true about single mode fiber optic network cabling? It's less expensive than multimode fiber optic cabling. The central core is smaller than that of multimode fiber optic cabling. The central core is composed of braided plastic or glass fibers. It doesn't support segment lengths as long as that supported by multimode fiber optic cabling. It transmits multiple rays of light concurrently.

The central core is smaller than that of multimode fiber optic cabling. Explanation Single mode fiber optic cabling transmits a single ray (or mode) of light through glass or plastic fiber. It supports longer transmission distances than multimode fiber optic cable and is also more expensive. It also has a central core that is much smaller than that of multimode fiber optic cabling.

A user on your network has been moved to another office down the hall. after the move she calls you complaining that she has only occasional network access through her wireless connection. Which of the following is most likely the cause of the problem?

The client system has moved to far away from the access point.

A user on your network has been moved to another office down the hall. After the move she calls you complaining that she has only occasional network access through her wireless connection. Which of the following is most likely the cause of the problem?

The client system has moved too far away from the access point.

255.0.0.0

The default (classful) subnet mask for a class A network

255.255.255.0

The default (classful) subnet mask for a class C network

T568A/T568B

The two color codes used for wiring eight-position RJ45 modular plugs.

Broadband cable

The use of cable modems within a standard cable television infrastructure for Internet access is commonly referred to as:

Broadband cable

The use of cable modems within a standard cable television infrastructure for Internet access.

MIMO

The use of this is the characteristic feature of the Evolved High-Speed Packet Access (HSPA+) standard.

What device sends signals from a computer onto a network? Router Transceiver Cable Gateway

Transceiver Explanation A transceiver (short for transmitter/receiver) sends signals to and receives signals from the network. It translates the parallel data stream of the computer to the serial data stream of the network and vice versa. Most transceivers are now built into network interface cards (NICs).

Which electrical devices is used to convert the voltage of an alternating current (AC) from the utilities company's transmission lines to 110 volts that can be used by devices in the data center?

Transformers

Broadcast

Transmission type which would be used to reach a networked host with unknown address

Match each Wi-Fi jamming attack on the left with its corresponding description on the right.

Transmits radio signals at random amplitudes and frequencies ===> Random noise jamming Transmits pulses of radio signals at random amplitudes and frequencies ===> Random pulse jamming Repeatedly transmits high-intensity, short-duration RF bursts at a rapid pace ===> Spark jamming

A hybrid network topology is a combination of several physical topologies. True False

True

APIPA-assigned addresses are valid only for communications within a network segment that a given host is connected to (a host with APIPA-assigned address cannot connect to the Internet). True False

True

An Ethernet crossover cable uses T568A pin/pair assignment on one end and T568B pin/pair assignment on the opposite end. True False

True

True or false A device that apart from the function of an ordinary network switch can also provide additional functions at higher levels of the OSI reference model is known as a multilayer switch.

True

True or false Materials from which the plenum-rated cable's cover is made include low-smoke polyvinyl chloride (PVC) and fluorinated ethylene polymer (FEP).

True

True or false One of the differences between the UTP and STP cabling is that STP cable takes advantage of additional protective cover reducing signal interference from outside sources.

True

Which of the following answers refers to Generic Routing Encapsulation (GRE)?

Tunneling Protocol

Which of the following answers refers to Generic Routing Encapsulation (GRE)?

Tunneling protocol

Which of the following answers refers to Generic Routing Encapsulation (GRE)? Tunneling protocol IEEE 802.1Q VLAN Trunking Protocol (VTP) Address Resolution Protocol (ARP)

Tunneling protocol

What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal?

Turnstiles

CAT5e

Twisted-pair copper cabling that is most commonly used in modern Ethernet networks.

Crossover cable

Type of Ethernet cable used for establishing a direct communication link between two PCs.

Bus

Type of network topology in which the main network cable becomes a single point of failure

Which of the following are characteristics of VDSL? (Select Two)

Unequal download and upload speeds Supports both data and voice at the same time

You've been asked by upper management if there is a way to integrate phone calls, emails, and instant messaging into a single platform. Which of the following systems should you recommend to them?

Unified communication

An IP PBX system is an example of:

Unified voice services

An IP PBX system is an example of: UTM appliance Peer-to-Peer (P2P) architecture Unified voice services Reverse proxy

Unified voice services

While configuring a new 802.11g wireless network, you discover another wireless network within range that uses the same channel ID that you intend to use. Which of the following strategies are you most likely to adopt in order to avoid a conflict between the networks?

Use a different Channel ID.

Switch ports MAC-address-to-VLAN mapping

VLAN membership can be configured through these

You have just received a generic-looking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you are to go to a website and enter your username and password at a new website so you can manage your email and spam using the new service. What should you do?

Verify that the email was sent by the administrator and that this new service is legitimate

Which of the following statements about virtual NICs are true?

Virtual NICs need the appropriate driver installed to function. Multiple virtual NICs can be added to a virtual machine.

You have configured a virtual network that includes the following virtual components: *Four virtual machines (Virtual OS 1, Virtual OS 2, etc.) *One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Give the port configuration for the virtual switch and the physical switch in the table below, click on on all of the virtual and physical machines Virtual OS 1 can communicate with. Virtual Switch - P1 - Virtual OS 1- Virtual Network1 P2 - Virtual OS 2 - Virtual Network2 P3 - Virtual OS 3 - Virtual Network1 P4 - Virtual OS 4 - Virtual Network2 P5 - Virtual Switch - Virtual Network1, Physical Network Physical Switch P1 - Physical Switch - Physical Network P2 - Physica OS1 - Physical Network P3 - Physica OS2 - Physical Network P4 - Physica OS3 - Physical Network P5 - Physica OS4 - Physical Network

Virtual OS 3 Physical OS 1 Physical OS 2 Physical OS 3 Physical OS 4

You need to provide DHCP and file sharing services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement?

Virtual servers.

Which of the following answers lists an example method for passive test of security controls? Tabletop exercises Pentest Vulnerability scan War chalking

Vulnerability scan

What is the main difference between vulnerability scanning and penetration testing?

Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.

A type of network covering large geographic areas is commonly referred to as:

WAN

Daily backups are done at the ABD company location and only a weekly backup is maintained at another network location. Which of the following disaster recovery strategies is ABD using?

Warm Site

Authorization

Which of the answers listed below refers to the process of granting or denying access to resources?

Analog modem

Which of the devices listed below allows for establishing a communication channel over a PSTN?

Dial-up

Which of the following Internet access types takes advantage of the traditional PSTN lines?

IDS vs. IPS

Which of the following answers illustrates the difference between passive and active security breach response?

2.048 Mbps

Which of the following answers less the maximum data transfer rate of an E1 connection?

CWDM DWDM

Which of the following answers refer(S) to the multiplexing method(s) used I. Fiber-optic communication?

CDMA, GSM, LTE

Which of the following answers referred to cellular technology is used in mobile networks? (Select 3 answers)

Tunneling protocol

Which of the following answers refers to Generic Routing Encapsulation (GRE)?

Switch

Which of the following answers refers to a data link layer device designed to forward data packets between LAN segments?

VPN concentrator

Which of the following answers refers to a dedicated device for managing encrypted connections established over an untrusted network, such as the Internet?

PPP

Which of the following answers refers to a method for establishing a dedicated point-to-point link between two network devices?

Firewall

Which of the following answers refers to a software or hardware that monitors network traffic and depending on the configuration settings applied to each data packet either blocks it or allows it to pass through?

SONET

Which of the following answers refers to an international standard for high-speed data communications over fiber-optic media?

ISDN

Which of the following solutions allows for simultaneous digital transmission of voice, video, Data, and other network services over a PSTN?

IPsec, GRE, SSL/TLS, PPTP

Which of the following solutions are used for implementing VPNs? (Select all that apply)

RADIUS, TACACS+

Which of the following solutions provide(s) the AAA functionality? (Select all that apply)

Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.

White box test The tester has detailed information about the target system prior to starting the test. Grey Box test The tester has the same about of information that would be available to a typical insider in the organization. Black box test The tester has no prior knowledge of the target system. Single blind test Either the attacker has prior knowledge about the target system, or the administrator knows that the test is being performed. Double blind test The tester does not have prior information about the system and the administrator has no knowledge that the test is being performed

Penetration test performed by an authorized professional with the full prior knowledge on how the system that is to be tested works is called: Black hat White box testing Fuzz testing Black box testing

White box testing Is a method of testing software that tests internal structures or workings of an application, as opposed to its functionality

You want to use the T568B standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector? White/blue, blue, white/orange, orange, white/green, green, white/brown, brown White/orange, orange, white/green, blue, white/blue, green, white/brown, brown White/orange, orange, white/green, green, white/blue, blue, white/brown, brown White/green, green, white/orange, blue, white/blue, orange, white/brown, brown

White/orange, orange, white/green, blue, white/blue, green, white/brown, brown Explanation The T568B standard uses the following order of wires in the connector: White/orange, orange, white/green, blue, white/blue, green, white/brown, brown. The T568A standard switches the green and orange wires (along with their corresponding white wires). Use the order Blue-Orange-Green-Brown (BLOG), with the white wire first, for connecting wires on a 110 punchdown block.

In which of the following situations might you use an RJ11 connector? You want to connect the 10BaseT network card in your computer to a switch. You want to connect your computer to the Internet with a dialup connection. You want to upgrade your 10BaseT network to 100BaseT. You want to test a network cable to see if there is a break in the line.

You want to connect your computer to the Internet with a dialup connection. Explanation RJ11 connectors are typically used for telephones and modems.

Your computer is sharing information with remote computer using the TCP/IP protocol. Suddenly, the connection stops working and appears to hang. Which command can you use to check the connection?

netstat checks the status of a TCP connection

What shows you the computer's route table?

netstat-r

A network connected using a physical bus topology. One of the cables connecting a workstation to the bus breaks. what happens to communications?

no devices will be able to communicate

Examine the following output. Reply from 64.78.193.84: bytes=32 time=86ms TTL=115 Reply from 64.78.193.84: bytes=32 time=43ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=47ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=73ms TTL=115 Reply from 64.78.193.84: bytes=32 time=46ms TTL=115 Which of the following utilities produced this output?

ping The output shown was produced by the ping utility. Specifically, the information output was created using theping -t command. The -t switch causes packets to be sent to the remote host continuously until stopped manually. ping is a useful tool for testing connectivity between devices on a network. Using the -t switch with ping can be useful in determining whether the network is congested, as such a condition will cause sporadic failures in the ping stream. tracert is similar to ping in that it tests connectivity between two hosts on the network. The difference is that tracert reports information on all intermediate devices between the host system and the target system. ping, on the other hand, does not report information on intermediate devices.

Which of the following commands would display the output shown here? Route Table ========================================== Interface List 0x1 . . . . . . . . . . . . . . MS TCP Loopback interface 0x2 . . .00 10 4b . . . 3 Com 3C90x Ethernet Adapter ========================================== ========================================== Active Routes:

route print Use the route print or netstat -r commands to display the contents of the routing table.

you are troubleshooting access to a server in a remote network. You use the tracert command and see the following: Tracing route to 192.168.2.250 over a maximum of 30 hops 1 2 ms 2 ms 2 ms 192.168.12.11 2 2 ms 2 ms 2 ms 192.168.11.1 3 5 ms 5 ms 3 ms 192.168.10.15 4 2 ms 2 ms 2 ms 192.168.9.1 5 2 ms 2 ms 2 ms 192.168.11.1 6 2ms 2 ms 2 ms 192.168.10.15 7 5ms 5 ms 3 ms 192.168.9.1

routing loop

While working on a Linux server, you are unable to connect to Windows Server 2003 system across the Internet. You are able to ping the default gateway on your own network, so you suspect that the problem lies outside of the local network. Which utility would you use to track the route a packet takes as it crosses the network?

traceroute traceroute is a Linux utility that allows you to track the route of a packet as it traverses the network. The traceroute utility is used on Linux systems, while tracert is used on Windows systems.

Which TCP/IP utility gives you the following output? 2 14 ms <10 ms 14 ms Loopback0.GW1.ALTER.NET [137.39.2.123] 3 14 ms <10 ms 13 ms 122.at.-6-0.SLT4.ALTER.NET [152.63.91.86] 4 <10 ms 14 ms 10 ms 0.so.-0-1-0.ALTER.NET [152.63.1.210]

tracert The exhibit shows a few lines from the tracert command, which shows you each host a packet must pass through to reach its destination.

Examine the following output: 4 22 ms 21 ms 22 ms sttlwa01gr02.bb.ispxy.com [154.11.10.62] 5 39 ms 39 ms 65 ms plalca01gr00.bb.ispxy.com [154.11.12.11] 6 39 ms 39 ms 39 ms Rwest.plalca01gr00.bb.ispxy.com [154.11.3.14] 7 40 ms 39 ms 46 ms svl-core-03.inet.ispxy.net [205.171.205.29] 8 75 ms 117 ms 63 ms dia-core-01.inet.ispxy.net [205.171.142.1] Which of these commands produced this output?

tracert The output is from a tracert command run on a Windows Server 2003 system. The tracert command provides information on each step in the route a packet takes to reach a remote host. Responses from each hop on the route are measured three times to provide an accurate representation of how long the packet takes to reach, and be returned by that host. This information can be useful in locating congestion points on a network, or when verifying that network routing is operating as expected.

You are the network administrator of a branch office of your company. The branch office network is part of a WAN that covers most of the United States. The office has two Windows 2000 servers, two UNIX servers, one Windows NT server, 90 Windows 98 clients, 40 Windows 2000 Professional clients, and five Macintosh clients. Users have been complaining that they are unable to access resources over the WAN at the main headquarters. You suspect that one of the routers between your office and the main headquarters is not working properly. What TCP/IP utility can you use to see if a router is not working properly?

tracert tracert shows you the series of routers that are used between the source and destination computers. If a router is not functioning, tracert can help you find which router is not working by showing you the last router it was successfully able to contact.

Static Network Address Translation (SNAT) provides a mapping between private IP address and any of the IP addresses belonging to the available public IP address pool.

False

during a network infrastructure upgrade, you have replaced two 10 Mbps hubs with switches and upgraded from Category 3 UTP cable to CAT5e during the process, you accidentally cut the Cat 5e patch cable that stretches from the network printer to the upgraded switch. What is the impact

all network nodes, with the exception of the printer, will be available

OC-1

51.84 Mbps

You want to protect the authentication credentials you use to connect to the LAB server in your network by copying them to a USB drive. What option would you hit?

back up credentials

KWalletManger is a Linux based credential management system that stores encrypted account credentials for network resources. Which encryption methods can KWalletManager use to secure account credentials?(Two)

blowfish & GPG

Consider the 850 nm multimode fiber optic cable shown below. How much loss can you expect between the transmitter and the receiver?

-1.2 dB

At what percent is packet loss noticeable in voice traffic?

1%

You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use? -Circuit-level -Packet filtering -Application level -VPN concentrator

-Circuit-level

What does an IDS that uses signature recognition use for identifying attacks? -Statistical analysis to find unusual deviations -Comparison of current statistics to past statistics -Comparison to a database of known attacks -Exceeding threshold values

-Comparison to database of know attacks

Which of the following is included in an operations penetration test? (select three)

1. Looking through discarded papers or media for sensitive information 2.Eavesdropping or obtaining sensitive information from items that are not properly stored 3.Acting as an imposter with the intent to gain access or information

OC-24

1.244 Gbps

OC-192

10 Gbps

What is the first valid host address for a node residing in the 10.119.136.143/20 network? 10.119.96.1 10.119.128.1 10.119.132.1 10.119.136.1

10.119.128.1

What is the typical cable segment length for a copper twisted-pair Ethernet cable? 33 meters 55 meters 100 meters 250 meters

100 meters

OC-48

2.488 Gbps

OC-768

40 Gbps

Port-based network access control

802.1X is an IEEE standard for implementing this

Which of the DNS database records listed below returns a 32-bit IPv4 address?

A

Category 3 (CAT3) cable

A 10 Mbps twisted-pair copper cable used in telephone wiring.

Medianet

A Cisco network architecture designed to improve the performance of video and rich-media applications

what is a broadcast storm?

A broadcast storm occurs when there are so many broadcast messages on the network that they approach or exceed the network bandwidth.

Which of the ff. are requirements to deploy Kerberos on a network? (Select two.)

A centralized database of users and password, Time synchronization between devices

MAN

A computer network connecting multiple LANs over an area of a city or campus

WAN

A computer network connecting multiple smaller networks over very large geographical areas

device driver

A computer program/code that provides software interface to hardware devices enabling operating systems and other computer programs to interact with the device

RJ-45

A connector commonly seen withEthernet cables and networks

DB-9/DE-9

A connector with ether 9 pins or 9 holes. Used for peripheral devices, PCs and Servers.

"Metro-Ethernet"

A general term for a computer network larger than a Local Area Network (LAN) and based on Ethernet standards.

Autonomous System Number (ASN)

A globally unique number allocated for a collection of networked systems that operate common routing protocols and are under control of a single administrative authority.

Fibre Channel (FC)

A high-speed network technology primarily used to connect computer data storage

In virtualization, what is the role of a hypervisor?

A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.

what is mutual authentication?

A process by which each party in an online communication verifies the identity of the other party

Jumbo frame

A single non-standard Ethernet frame that allows for larger maximum payload size

While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of CRC errors on one interface. This interface is connected to a user's workstation located in a cubicle on the 2nd floor. What could be causing this to happen?

A strong EMI emitter near the cable run connected to that interface.

FE80::2AA:0:4C00:FE9A

A valid address of FE80:0000:0000:0000:02AA:0000:4C00:FE9A after compression

What is the main difference between a worm and a virus?

A worm can replicate itself and does not need a host for distribution.

You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be part of your design? (Select two.)

AES encryption 802.1x

IPSec is implemented through two separate protocols. What are these protocols called?

AH and ESP

While browsing the Internet, you notice that the browser displays ads that are targeted towards recent keyword searches you have performed. What is this an example of?

Adware

True

An Ethernet crossover cable uses T568A pin/pair assignment on one end and T568B pin/pair assignment on the opposite end.

Which of the following best describes the Ping of Death exploit?

An ICMP packet larger than 65,536 bytes.

Unified voice services

An IP PBX system is an example of:

BGP

An example of a hybrid routing protocol

Access Point

An infrastructure device designed for connecting wireless/wired client devices to a network is commonly referred to as:

Which of the ff. measures are you most likely to implement to protect against a worm or Trojan horse?

Anti-virus software

Which of the ff. statements about the use of anti-virus software is correct?

Anti-virus software be configured to download update virus definition files as soon as they become available.

You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?

Application log.

What is another name for a logic bomb?

Asynchronous attack

What is the primary countermeasure to social engineering?

Awareness

What tool should you use to extend network services beyond the demarc? A Tone generator B Punchdown tool C Crimper D Media certifier

B Punchdown tool

A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computers represent?

Botnet

In which type of network topology the main network cable becomes a single point of failure? Star Full mesh Bus Partial mesh

Bus

The phone line to one office is not working. You have identified the location of the phone line in a 66 block in the wiring closet. what tool do you use to connect to the phone line at the punchdown block to see if yuo can make and receive calls?

Butt set

Penetration testing: (Select all that apply) Bypasses security controls Only identifies lack of security controls Actively tests security controls Exploits vulnerabilities Passively tests security controls

Bypasses security controls Actively tests security controls Exploits vulnerabilities

Which of the following uses metal clips placed over plastic slots for connecting individual copper wires? A 25 pair B 100 pair C 110 block D 66 block

C 110 block

What is the minimum cabling requirement for a 10GBASE-T network? CAT5 CAT5e CAT6 CAT6A

CAT6

Which remote access authentication protocol periodically and transparently re-authenticates during logon session by default

CHAP

Which of the following services are available regardless of whether the telephone company network is available?

Cable modem

Which of the following cable types often includes a solid plastic core? Cat 3 Cat 6 Cat 5e Cat 5

Cat 6 Explanation Cat 6 cables include a solid plastic core that keeps the twisted pairs separated and prevents the cable from being bent too tightly.

When designing a firewall, what is the recommended approach for opening and closing ports?

Close all ports; open only ports required by applications inside the DMZ.

Which of the following is not a reason to use subnets on a network?

Combine different media type on to the same subnet.

Match each wireless term or concept on the left with its associated description on the right. Each term may be used more than once; not all descriptions have a matching term.

Compares the level of the WiFi signal to the level of background radio signals. ==> Signal to Noise Ratio Checks channel utilization and identifies sources of RF inference. ==> Spectrum analysis Identifies how strong a radio signal is at the receiver. ==> Received Signal Level Identifies the number of useful bits delivered from the sender to the receiver. ==> Leave Blank Causes multiple copies of the same radio signal to be received by the receiving antenna. ==> Bounce Degrades wireless network performance. ==> Device saturation

What type of Ethernet cable would be used for establishing a direct communication link between two PCs? Patch cable Crossover cable Rollover cable Straight-through cable

Crossover cable

Of the following cables, which offer the best protection against EMI? A Cat 5e B Cat 6e C cat 5 D RG-6

D RG-6

Upon running a security audit in your organization, you discover that several sales employees are using the same domain user account to log in and update the company's customer database. Which action should you take? (2)

Delete the account that the sales employees are currently using. Train some employees to use their own accounts to update the customer database

Which of the following information are you likely to find in a procedure document?

Details on how to test and deploy patches.

When securing a newly deployed server, which of the ff. rules of thumb should be followed?

Determine the unneeded services and their dependencies before altering the system.

Which of the following routing protocols is classified as a balanced hybrid routing protocol? EIGRP OSPF ISIS RIP

EIGRP Explanation EIGRP is a hybrid routing protocol developed by Cisco for routing within an AS. RIP is a distance vector protocol, while OSPF and ISIS are link state protocols.

You are troubleshooting a client connectivity problem on an Ethernet network. The client system has intermittent connectivity to the network. You discover that the UTP patch cable is run 75 feet from the wall outlet, passes though the ceiling and over several florescent light fixtures before reaching the client system. Which of the following may be a cause of the connectivity problem?

EMI interference

You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG-6 cable. You move the cable router a distance of 50 meters using RG-8 cables and special connector adapters. Which condition are you most likely to experience?

Echo

Which of the following describes an IPv6 address? (Select two.)

Eight hexadecimal quartets 128bit address

Which of the following terms is used as a synonym for a rogue Access Point (AP)? Trojan horse Evil twin Backdoor Computer worm

Evil twin Is a fraudulent Wi-Fi access point that appears to be legitimate, set up to eavesdrop on wireless communications. The evil twin is the wireless LAN equivalent of the phishing scam.

IPv6 auto-configuration

Example application of EUI-64

The Internet

Example of a large public WAN

Leased line

Example of point-to-point network topology

Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?

Extranet

The advantages of multimode fiber-optic cabling over single-mode cabling include data transfer rates over longer distances, higher speed, and lower cost. True False

False

What type of virtualization completely simulates a real physical host?

Full Virtualization

For users who are member of the Sales Team, you want to force their computers to use a specific desktop background and remove access to administrative tools from the Start menu. Which solution should you use?

Group Policy

Which of the following protocols uses port 443?

HTTPS

Which of the following is a common form of social engineering attack?

Hoax virus information e-mails

The disadvantage from using this device results from the fact that any incoming signal on any of its ports is re-created and sent out on any connected ports which has a negative impact on network performance.

Hub

A workstation is connected to a switch on the Gi 0/2 interface using a straight-through cable. The Ethernet interface in the workstation has been manually configured to use a 100 Mbps link speed in full-duplex mode. Which of the following are true in this scenario? (Select three.)

If the link speed is 10 Mbps or 100 Mbps, half-duplex is used. The switch attempts to sense the link speed. If it can't, the slowest link speed. supported on the interface is selected. If the link speed is 1000 Mbps or faster, full-duplex is used.

T568A on both ends T568B on both ends

Termination used to create a straight-through Ethernet cable.

What do you use to look up the IP address for a linux server?

Ifconfig

you are troubleshooting a connectivity problem on a linux server. You are able to connect to another system on the local network, but are not able to connect to a server on the remote network. You suspect that the default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on the Linux server?

Ifconfig

Which of the following are advantages of using fiber optic cabling for a network, as opposed to other types of cabling? (Select two.) Immunity to electromagnetic interference Lower installation cost Greater cable distances without a repeater Faster installation

Immunity to electromagnetic interference Greater cable distances without a repeater Explanation Compared to other types of cabling, fiber optic cabling allows greater cable distances without a repeater and is immune to electromagnetic interference. However, installation costs more and takes longer.

Which of the following is not a form of social engineering?

Impersonating a user by logging on with stolen credentials

Your organization has recently purchases 20 tablets devices for the Human Resources department to use for training sessions. You are concerned that these devices could represent a security risk to your network and want to strengthen their security profile as much as possible. Which actions should you take? (select 2)

Implement storage implementation. Enable device encryption.

You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?

Implement version 3 of SNMP

You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration.

Implement version 3 of SNMP.

Class A address space

In IPv4 addressing, the leading octet of an IP address with a value of 1 through 126 denotes that the IP address within that range belongs to this.

Class C address space

In IPv4 addressing, the leading octet of an IP address with a value of 192 through 223 denotes that the IP address within that range belongs to this

True

In dynamic VLAN configuration, a device connecting to a certain switch port does not automatically become a member of the VLAN assigned to that port.

Which of the following answers lists an example of a protocol used for implementing control over multiple Access Points (APs)?

LWAPP

Hop count

In routing, a rough measure of distance between two networked hosts

True

In terms of size and reach, a Metropolitan Area Network (MAN) can be placed between a LAN (smaller type of network) and a WAN (larger type of network).

True

In terms of size and reach, a metropolitan area network (Man) can be placed between a LAN (smaller type of network) and a WAN (larger type of network).

Accounting

In the AAA security architecture, the process of tracking accessed services as well as the amount of consumed resources is called:

Which of the following are true concerning the Virtual Desktop Infrastructure (VDI)? (Select two.)

In the event of a widespread malware infection, the administrator can quickly reimage all user desktops on a few central servers. User desktop environments are centrally hosted on servers instead of on individual desktop systems.

You need to place a wireless access point in your two story building. While trying to avoid interference, which of the following is the best location for the access point?

In the top floor

You need to place a wireless access point in your twostory building. While trying avoid interference, which of the following is the best location for the access point?

In the top floor

You have decided to perform a double blind penetration test. Which of the following actions would you perform first?

Inform senior management

Which of the following CCTV types would you use in areas with little or no lights?

Infrared

IEEE

Institute of Electrical and Electronics Engineers

Hybrid Cloud

Integrates one cloud service with other cloud services

Exchange routing information with autonomous networks

Interior Gateway Protocol (IGP)

An infrastructure device designed for connecting wireless/wired client devices to a network is commonly referred to as:

Intermediate Distribution Frame (IDF)

Dial-up

Internet access type which takes advantage of the traditional PSTN lines.

You want to be able to view the DNS server address that a computer is using. Which of the following utilities would you use

Ipconfig windows ifconfig linux

Which of the ff. best describes spyware?

It monitors the actions you take on your machine and sends the information back to its originating source.

Your company uses VoIP for phone calls. Recently, employees have been complaining about phone calls with unusual sound effects. Which type of problem is occurring on the VoIP system?

Jitter

When should a hardware device be replaced in order to minimize downtime?

Just before it's MTBF is reached

IP to MAC

Kind of resolution provided by Address Resolution Protocol (ARP)

Which of the ff. authentication mechanisms is designed to protect a 9-character password from attacks by hashing the first seven characters into a single hash and then hashing the remaining two characters into another separate hash?

LANMAN

Which of the following cellular types use MIMO to increase 3G data throughput? (Select two.)

LTE HSPA+

At which of the following OSI layers does a router operate?

Layer 3

You are troubleshooting an IP addressing issue, and so issue a command to view the TCP/IP configuration of the system. The command you use produces the following output: fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet6 fe80::2a0:83ff:fe30:57a%fxp0 prefixlen 64 scopeid 0x1 inet 192.168.1.235 netmask 0xfffffc00 broadcast 255.255.255.255 ether 00:a0:83:30:05:7a media: Ethernet autoselect (100baseTX ) status: active lo0: flags=8049 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7 inet 127.0.0.1 netmask 0xff000000 Which of the following operating systems are you working on?

Linux The output shown is from the ifconfig command run on a Linux system. The equivalent command on Windows 98, Windows 2000, and Windows Server 2003 is ipconfig.

A network device designed for managing the optimal distribution of workloads across multiple computing resources is called:

Load balancer

You have a Web server on your network that hosts the public Web site for your company. You want to make sure that the Web site will continue to be available if a NIC, hard drive, or other problem prevents the server from responding. Which solution should you implement?

Load balancing

The UDP transport protocol provides which of the following features? (Select all that apply.) Guaranteed delivery Low overhead Sequence numbers and acknowledgements Connectionless datagram services

Low overhead Connectionless datagram services Explanation UDP is a connectionless protocol used by applications that need low overhead and do not require guaranteed delivery.

Which of the following do switches and wireless access points use to control access through the device?

MAC Filtering

Disabling SSID broadcast: Is one of the measures used in securing wireless networks Makes a WLAN harder to discover Blocks access to a WAP Prevents wireless clients from accessing the network

Makes a WLAN harder to discover

What is war chalking? Manipulating a user into disclosing confidential information Finding unsecured wireless networks Gaining unauthorized access to restricted areas by following another person Marking unsecured wireless networks

Marking unsecured wireless networks

True

Materials from which the plenum-rated cable's cover is made include low-smoke polyvinyl chloride (PVC) and fluorinated ethylene polymer (FEP).

PPP

Method for establishing a dedicated point-to-point link between two networked devices.

MTU

Metric which describes the largest allowable data unit that can be transmitted across the network

You connect a packet sniffer to a switch to monitor frames on your local area network. However, the packet sniffer is only able to see broadcast frames and frames addressed specifically to the host device. Which feature should you enable on the switch so you can see frames from all devices connected to the switch?

Mirroring.

Most, mobile device management (MDM) systems can be configured to track the physical location of enrolled mobile devices. Arrange the location technology on the left in order of accuracy on the right, from most accurate to least accurate

Most accurate GPS More accurate Wi-Fi triangulation Less accurate Cell phone tower triangulation least accurate IP address resolution

IEEE 802.11

Most modern WLANs are based on this.

Which of the following functions are performed at the Physical layer of the OSI model? Data translation Movement of data across network cables Conversation identification Enablement of network services Provision of an environment in which to run network applications

Movement of data across network cables Explanation The Physical layer is concerned with how to transmit data and how to connect network hosts.

Device that can prioritize traffic based on QoS

Multilayered Switch

You want to measure the voltage, amps, and ohms of various devices. Which tool should you use?

Multimeter

You want to measure the voltage, amps, and ohms of various devices. what do you use?

Multimeter is a device for testing various electrical properties.

Which of the following answers list the characteristic features of the 192.168.0.0 - 192.168.255.255 IP address space? (Select 2 answers) Class A range Public IP address range Class B range Non-routable (private) IP address range Class C range

Non-routable (private) IP address range Class C range

You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?

On a RADIUS server

Your 24U rack currently houses two 4U server systems. To prevent overheating, yo've installed a rock-mounted environment monitoring device within the rack. Currently, the device shows the temp within the rack to be 79 degrees. what should you do?

Nothing, the temperature within the rack is within acceptable limits

You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?

On a RADIUS server

You are working with an existing fiber optic installation in your building. You want to know how long each length of cable is that runs through walls. Which tool do you use?

OTDR Optical Time domain reflector

What is the primary difference between impersonation and masquerading?

One is more active, the other is more passive

Vulnerability scanning: (Select all that apply) Only identifies lack of security controls Actively tests security controls Exploits vulnerabilities Passively tests security controls

Only identifies lack of security controls Passively tests security controls

In half-duplex communication, transmission takes place

Only in one direction at a time

Multimode Fiber

Optical fiber that is designed to carry multiple light rays or modes concurrently, over short distances

You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which type of camera should you choose?

PTZ

You have implemented a network where each device provides shared files with all other devices on the network. What type of network do you have?

Peer-to-peer

Which of the following uses hacking techniques to proactively discover internal vulnerabilities?

Penetration testing

Network signaling is a function of which layer of the OSI model?

Physical layer

Which of the following features is used with digital IP phones to supply power through a switch port? VPN Spanning tree PoE 802.1x Trunking

PoE Explanation Power over Ethernet (PoE) supplies power to end devices through the RJ45 Ethernet switch port. Power to the phone is carried on unused wires within the drop cables. Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. Trunking allows a switch to forward VLAN traffic between switches. 802.1x is an authentication protocol used with port security (or port authentication).

Your computer has an IP address of 161.13.5.15. Your computer is on a: Public network Class C network Private network Multicast network

Public network Explanation Most IP addresses are public IP addresses. However certain ranges have been reserved for private networks. These are: • 10.0.0.0 10.255.255.255 • 172.16.0.0 172.31.255.255 • 192.168.0.0 192.168.255.255 Because your computer's IP address does not fall into these ranges, it is a public IP address.

How can an organization help prevent social engineering attacks?

Publish and enforce clearly written security policies //Educate employees on the risks and countermeasures

A smart phone was lost at the airport. There is no way to recover the device. Which of the following will ensure data confidentiality on the device?

Remote Wipe

You often travel away from the office. While traveling, you would like to use a modem on your laptop computer to connect directly to a server in your office and access files on that server that you need.

Remote access

Which of the following are solutions that address physical security?(Select two)

Require identification and name badges for all employees //Escort visitors at all times

Which of the following does NOT accurately describe an iSCSI SAN?

Requires special hardware and knowledge to implement.

Which of the following terms refers to permanent IP address assignment from a DHCP server?

Reservation

The process of moving from one Wireless Access Point (WAP) coverage area to another without re-authentication or loss in connectivity is commonly referred to as: Roaming Switching Routing DHCP relay

Roaming

Which of the cable types listed below is often used to connect a computer terminal to a router's console port? Crossover cable Straight-through cable Patch cable Rollover cable

Rollover cable

You have heard about a new malware program that presents itself to user as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various system components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer. Which of the ff. terms best describes this software?

Rootkit

A healthcare organization provides mobile clinics throughout the world. Which network technology should you select to transfer patient statistical data to a central database via the Internet to ensure network connectivity for any clinic located anywhere in the world, even remote areas?

Satellite

Which of the following is the most susceptible to interference related to atmospheric conditions?

Satellite

Which security protocols use RSA encryption to secure communications over an untrusted network? (Select two.)

Secure Sockets Layer Transport Layer Security

You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan?

Security guards

Which of the following protocols is used during the call control process of multimedia communications?

Session Initiation Protocol

Mobile devices in your organization us the access point shown in the figure below to connect to your wireless network. what should you do. select two

Set the channel used by access pint B to 8 Set the access point B to sue 802.11n wireless network

You're responsible for implementing network cabling in a new network installation. The cabling will be installed in a manufacturing environment where there is a great deal of electromagnetic interference. What cabling would operate best in this environment?

Shielded twist pair fiber optic

POTS

Short for plain old telephone service, which refers to the standard telephone service that most homes use

Your organizations security policy specifies that any mobile device (regardless of ownership) that connects to your internal network must have remote with enabled. If the device is lost or stolen, then it must be wiped to remove any sensitive data from it. Your organization recently purchased several Windows RT tablets. Which should you do?

Sign up for a Microsoft Intune account to manage the tablets

Users report that the Internet is nolonger accessible. You suspect that the line connecting your building to the internet is not working properly. What allows the service provider to remotely test the local loop?

Smart Jack is a special loopback plug installed at the demarc point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc

CSMA/CD

Solution which allows for verifying the absence of other traffic on a shared medium before transmitting in order to prevent collisions and loss of data in 802.3 networks

4G

Standard LTE.

You have a small network that uses a hub to connect multiple devices. What physical topology is used? Mesh Ring Star Bus

Star Explanation A hub creates a network with a physical star topology. The physical star topology uses a logical bus topology, where messages are sent to all devices connected to the hub. A mesh topology is a series of point-to-point links between devices. A ring topology uses a central device called an MSAU.

Which of the following topologies connects each network device to a central hub? Star Mesh Bus Ring

Star Explanation Star topologies connect each device on the network to a central hub.

A network topology in which each node connects to a central device is called: Bus topology Ring topology Star topology Mesh topology

Star topology

Which of the following best describes the purpose of using subnets?

Subnets divide an IP network address into multiple network addresses.

Which of the following is the least effective power loss protection for computer systems?

Surge protector

Which of the following answers refers to a data link layer (Layer 2) device designed to forward data packets between Local Area Network (LAN) segments?

Switch

Which of the following answers refers to a data link layer (Layer 2) device designed to forward data packets between Local Area Network (LAN) segments? Switch Firewall Router Hub

Switch

Bluetooth Near Field Communication (NFC) Infrared (IR)

Technologies that can be used by devices communicating in a WPAN

MPLS

Technology which enables the use of different types of network protocols on the same network.

Miredo

Teredo IPv6 tunneling software

What does the term "Miredo" refer to? IPv4 to IPv6 migration mechanism Load balancing solution Teredo IPv6 tunneling software Content filtering solution

Teredo IPv6 tunneling software

/27

The CIDR notation of the 255.255.255.224 subnet mask

False: Multimode cables are less expensive to operate, install and maintain than single-mode cables. However, they are much more limited in both speed and distance.

The advantages of multimode fiber-optic cabling over single-mode cabling include data transfer rates over longer distances, higher speed, and lower cost.

MIMO

The characteristic features of the evolved high-speed packet access (HSPA+) standard is the use of:

172

The decimal notation of the binary number 10101100

Finding breaks in copper network cables

The function of a Time-Domain Reflectometer (TDR)

Consider the following output generated by the show interface fa0/0 command generated on a router: Which of the following statements are true about fa0/0 interface. select three

The interface has been dropping incoming packets Several collisions have occurred One cyclic redundancy check error has occurred

128 - 191

The leading octet value range for an IPv4 address belonging to a class B network

154.24.64.0

The network address for a 154.24.67.147/22 host

45

The number of connections in a full mesh network consisting of 10 nodes

You have been struggling to keep the temperature in your server room under control. To address this issue, you have decided to reconfigure the room to create hot and cold aisles. Which of the following are true concerning this configurations? select two

The rear of your servers should fave the hot aisle The from of your servers should face the cold aisle

Collisions

The result of two devices on the same Ethernet network attempting to transmit data at exactly the same time.

53 bytes

The size of an ATM cell.

Why do attackers prefer static environment devices to conduct distributed network attacks? select two

These devices tend to employ much weaker security than traditional network devices These devices are typically more difficult to monitor than traditional network devices.

You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use?

Throughput tester

True

To allow for multiple VLANs on a single link, frames from individual VLANs must be identified. The most common and preferred method, IEEE 802.1Q, adds a tag to the Ethernet frame header labeling it as belonging to a certain VLAN.

What purpose does a wireless site survey serve? (Choose two)

To identify existing or potential sources of interference. To identify the coverage area and preferred placement of access points.

Why should backup media be stored offsite?

To preven the same disaster from affecting both the network and the backup media

You are the network administrator of a branch office of your company. The branch office network is part of a WAN that covers most of the US. The office has two Windows 2000 servers, tow UNIX servers, on Windows NT server, 90 Windows 98 clients, 40 Windows 2000 Professional clients, and five Macintosh clients. Users ahve been complaining that they are unable to access resources over the VAN at the main headquarters. You suspect that one of the routers between your office and the main headquarters is not working proplerly What TCP/IP utility can you use to see if a router is not working properly?

Tracert

A smurf attack is an example of reflective Distributed Denial of Service (DDoS) attack. True False

True The Smurf attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP broadcast address.

You are the network administrator for a growing business. When you were initially hired, the organization was small and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. However, the organization has grown considerably in recent months. You now must manage 8 individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do?

Use syslog to implement centralized logging.

You have just configured the password policy and set the minimum password age to 10. What will be the effect of this configuration?

User cannot change the password for 10 days

What is the best countermeasure against social engineering? User authentication Strong passwords Changing default user names User education

User education

On a wireless network that is employing WEP, which type of users are allowed to authenticate through the access points?

Users with the correct WEP key

Which switch features are typically used with VoIP?

VLAN PoE

You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. you think you have the problem resolved, but you would like to be able to manage the server remotely in case there is a problem Which of the following protocols would you use for remote management? select two

VNC ICA

Which of the following answers refers to a dedicated device for managing encrypted connections established over an untrusted network, such as the Internet?

VPN concentrator

Which of the following answers refers to a dedicated device for managing encrypted connections established over an untrusted network, such as the Internet? VPN concentrator Load balancer Managed switch Multilayer switch

VPN concentrator

Which of the following CCTV camera types lets you adjust the distance that the camera can see?

Varifocal

You manage the information systems for a large manufacturing firm. Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)

Verify that your network's existing security infrastructure is working properly. Install the latest firmware updates from the device manufacturer.

Used to centrally Store Data and is accessed using Remote Desktop

Virtual Desktop

You need to add security for your wireless network. you would like to use the most secure method. What method should you implement? -WPA -WPA2 -WEP KEBEROS

WPA2

ADSL

What is the most common type of DSL Internet access?

53 bytes

What is the size of an ATM cell?

When would you typically use an RJ11 connector? When using single mode fiber optic cables. When connecting a phone to a phone line. When using multimode fiber optic cables. When using RG6 cables. When using Cat 3 cables. When using Cat 5 or higher cables.

When connecting a phone to a phone line. Explanation An RJ11 connector is used for connecting analog telephones to the telephone jacks. Cat 3, Cat 5, and higher twisted pair cables use RJ45 connectors. Coaxial cables use Ftype or BNC connectors. Fiber optic cables use a variety of connectors (RC, RT, LC, MTRJ).

What can a TDR Test

Wire length Identify fault location

Which of the following benefits apply only to creating VLANs with switches and not to segmenting the network with regular switches?

You can create multiple broadcast domains.

In which of the following situations would you most likely implement a demilitarized zone (DMZ)?

You want to protect a public Web server from attack.

Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?

Zero knowledge team

Ring

a network configuration in which node connections create a circular data path. Each node is connected to two others, like points on a circle.

Bus

a network setup in which each node are connected to a single cable or backbone.

You want to implement 802.1x authentication on your wireless network. What will be required?

a RADIUS server

MTRJ

a fiber-optic Cable Connector that is very popular for small form factor devices due to its small size

VLAN

a logical grouping of computers that allow computer hosts to act as if they were attached to the same broadcast domain regardless of their physical location

Quality of Service (QoS)

a mechanism that allows for controlling network resources and assigning priority to different types of traffic

SNMP

a protocol used in network management systems for the monitoring of network-attached devices

UC server Unified communications

a system/infrastructure that integrates various types of voice, video, and data services in a single user interface

Rollover / Yost

a type of null-modem cable that is often used to connect a computer terminal to a router's console port.

transport layer OSI model

acts as a dividing line between the upper and lower layers; TCP/UDP; ICMP

Port mirroring

allows an administrator to inspect the traffic passing through a network switch

Which of the following are characteristics of TACACS +?

allows for a possible of three different servers, one for each authentication, authorization, and account; uses TCP

CSMA/CA

allows for controlling the shared medium in order to minimize collisions in 802.11 networks

169.254.10.20

an example of an APIPA address

What shows the current entries in the computer's ARP cache?

arp-a

11000000

binary notation of the decimal number 192

Which of the following topologies connects all devices to a trunk cable?

bus

network layer OSI model

concerned with forwarding data based on logical addresses

TCP

connection-oriented protocol

UDP

connectionless protocol, unreliable

ring topology

data flows in a loop, devices are connected to a single ring, each device includes a receiver and a transmitter, each device repeats the signal it receives; benefits: fault tolerant, troubleshooting simplified; drawbacks: more cable is needed, scalability limitations, a break could result in a network outage for single rings

RIPv2

distance-vector routing protocol

current state modulation

electrically or optically represents a binary 0 or 1; 1 = presence of voltage or light; 0 = absence of voltage or light

state transition modulation

electrically or optically represents a binary 0 or 1; 1 = the transition to having voltage or light; 0 = having no transition in a voltage or light level from one time period to the next

Which of the ff. is not important aspect of password management?

enable account lockout

Which TCP/IP utility gives you the following output? Ethernet Adapter Local Area Connection: Connection-specific DNS Suffix . : testout.com IP Address. . . . . . . . . . . . . . . . . . . : 192.168.1.111 Subnet Mask . . . . . . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . . . . . : 192.168.1.1

ipconfig The ipconfig command shows the computer's TCP/IP configuration information. winipcfg also shows the TCP/IP configuration, but in a Windows graphical format.

Which of the ff. is a characteristic of TACACS+?

it encrypts the entire packet, not just authentication packets

Which of the following is not a primary characteristic of a worm?

it infects the MBR of a hard drive

What protocol uses port 88?

kerberos

All routers have finished updating their routing tables

known as a convergence state in routing

Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?

man-in-the-middle attack

MAN

metropolitan area network; interconnects locations scattered throughout a metropolitan area; ex) Metro Ethernet

star topology

most popular topology; devices have independent connects back to a central device like a hub or switch; benefits: cable break only impacts the one connected device, simple troubleshooting; drawbacks: more cable is required, longer installation time

What shows you the resolved NetBIOS name cache for a computer or NetBIOS name-to-Ip address mappings for known remote computers.

nbstat-c

bus topology

one cable is used per network segment which all the data flows on, requires a terminator at each end of the cable, uses T connectors; benefits: less cable required, can be less expensive, easy installation; drawbacks: potential single point of failure, difficult to troubleshoot problems, adding devices could cause an outage, does not scale well, high collision rate

CHAP performs which of the following security functions?

periodically verifies the identity of a peer using a three-way handshake

SPB

provides a replacement for the Spanning Tree Protocol (STP)

Trap

provides a replacement term for SNMP notification

application layer OSI model

provides application services to a network and advertises available services; file sharing, email, networked printers advertising that they are online

A loopback interface on a router

provides the means for basic testing whether the router is on and operational

presentation layer OSI model

responsible for the formatting of data being exchanged and securing that data with encryption

A device designed to filter and transfer data packets between dissimilar types of computer networks is called:

router

NAC

security measure that's in place when a client is denied access to the network due to an outdated antivirus software

server

serves up resources to a network

In an identity Management System, what is the function of the Authoritative Source?

specify the owner of a data item

IEEE 802.3at

standards which implements PoE+

1500 bytes

the MTU for a standard Ethernet frame

physical topology

the way the components are physically interconnected

protocol data unit

the name given to data at different layers of the OSI model; segment, packet, frame, bit

Dynamic routing

the process of the automated update of a routing table

When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system?

ticket

Which of the following are used when implementing Kerberos for authentication and authorization? (Select Two)

ticket granting server; time synchronization

A user has just authenticated using Kerberos. What object is issued to the user immediately following logon?

ticket granting ticket

BIOS Firmware

types of software embedded into a hardware device

A device designed to provide emergency power during an unexpected main power source outage is called: UPS ( Your answer) PoE SVC PSU

uninterruptible power supply (UPS)

Which of the ff. is the best example of remote access authentication?

user establishes a dialup connection to a server to gain access to shared resources

Which of the following statements describe the function of a forward proxy? (Select 2 answers)

• Acts on behalf of a client • Hides the identity of a client

Match the Network Access Protection (NAP) component on the left with its description on the right.

• The NAP Client generates a Statement of Health (SoH) that reports the client configuration for health requirements. • A NAP Server runs the System Health Validator (SHV) • The Enforcement Server (ES) is the connection point for clients to the network. • The remediation server contain resources accessible to non-compliant computers on the limited-access network.

At which of the following OSI layers does a router operate?

3

True

"Metro-ethernet" is a general term for a computer network larger than a local area network (LAN) and based on ethernet standards.

Which of the following are advantages of using fiber optic cabling for a network, as opposed to other types of cabling? (Select two.) A Greater cable distances without a repeater B Immunity to electromagnetic interference C Lower installation cost D Faster installation

A Greater cable distances without a repeater B Immunity to electromagnetic interference

You have a network that occupies both floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the second floor directly above the wiring closet that holds the demarc. Which of the following terms describes the closet on the second floor? A IDF B Demarc extension C MDF D Horizontal cross connect E Vertical cross connect

A IDF Intermediate distribution frame (IDF)

Which of the following are characteristics of coaxial network cable? (Choose three.) A It uses two concentric metallic conductors. B It uses two concentric conductors made from plastic or glass which conduct light signals. C It uses RJ-45 connectors D It has a conductor made from copper in the center of the cable. E The ends of the cable must be terminated. F It is composed of four pairs of 22—gauge copper wire. G The conductors within the cable are twisted around each other to eliminate cross—talk.

A It uses two concentric metallic conductors. D It has a conductor made from copper in the center of the cable. E The ends of the cable must be terminated.

Which of the following connectors are used with fiber optic cables and include both cables in a single connector? (Select two.) A LC B ST C sc D MT-RJ E Bixlc

A LC D MT-RJ

Packet sniffer Protocol analyzer

A dedicated software tool used to monitor and examine contents of network traffic

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the main floor. You need to connect the two wiring closets. Which of the following are typically used to connect the two wiring closets? (Select two.) A 25 pair BVertical cross connect C Horizontal cross connect D Demarc extension E Smart jack

A 25 pair C Horizontal cross connect

Router

A device designed to filter and transfer data packets between dissimilar types of computer networks is called:

Cable Tray

A device for organizing cable runs in a drop ceiling.

True

A device that apart from the function of an ordinary network switch can also provide additional functions at higher levels of the OSI reference model is known as a multilayer switch. True/False

RAS

A dial-up or VPN connection allowing remote users to access corporate network requires what type of service?

VTP

A Cisco-proprietary protocol for distributing VLAN information across the network

You are building network cables and attaching RJ-45 connectors to each end. Which tool do you need for this task? A Crimping tool B Punch down tool C Vampire taps D Needle nose pliers

A Crimping tool

Which two of the following statements about the Dynamic Host Configuration Protocol (DHCP) are true? It can deliver other configuration information in addition to IP addresses. It cannot be configured to assign the same IP address to the same host each time it boots. A DHCP server assigns addresses to requesting hosts. It is used only to deliver IP addresses to hosts.

A DHCP server assigns addresses to requesting hosts. It can deliver other configuration information in addition to IP addresses. Explanation DHCP servers deliver IP addresses as well as other host configuration information to network hosts. DHCP can be configured to assign any available address to a host, or it can assign a specific address to a specific host.

logical network diagram

A document which describes the way information flows through a network

Review the output from the show interfaces fa0/1 command on the switch2 switch in the exhibit. What is wrong with the fa0/1 interface in this example?

A duplex mismatch exists with the device on the other end of the connection. In this example, the following statistics indicate that a duplex mismatch error has occurred: • Duplexing is set to half. • There are a significant number of runts. • There are a significant number of collisions. • There are a significant number of late collisions.

What describes a man-in-the-middle attack?

A false server intercepts communications from a client by impersonating the intended server.

Software as a Service (SaaS)

A cloud computing infrastructure offering a remote access to applications and pricing based on monthly or annual subscription fee

Autonomous system

A collection of IP networks and routers under the control of one administrative entity

iSCSI

A data transfer protocol for linking data storage components over a network

You have a network that occupies the top floor of a three story building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. What would you use to relocate the WAN line into a wiring closet on your floor? A Demarc extension B Horizontal cross connect C 66 block D 110 block E Smart jack

A Demarc extension

Media converter

A network link consisting of two dissimilar media types requires an intermediary device known as this.

You have just signed up for a broadband home Internet service that uses coaxial cable. Which connector type will you most likely use? A RJ-45 B RJ-11 C sc D F-type E ST F smc

D F-type

Which of the following is used to terminate individual wires from a 25 pair or 100 pair cable using female RJ-45 ports? A 66 block B 110 block C Horizontal cross connect D Patch panel

D Patch panel

You are adding new wires in your building for some new offices. The building has a false ceiling that holds the lights. You would like to run your Ethernet cables in this area. Which type of cable must you use? A Fiber optic B pvc C srp D Plenum E Cat 5e or Cat 6e

D Plenum

Which of the following connectors is used with fiber optic cables and connects using a twisting motion? A F-type B LC C sc D ST E Bixlc

D ST

Which of the following answers refers to a common antenna type used as a standard equipment on most Access Points (APs) for indoor Wireless Local Area Network (WLAN) deployments? Dipole antenna Dish antenna Unidirectional antenna Yagi antenna

Dipole antenna

Star topology

A network topology in which each node connects to a central device

Which organization is responsible for allocating public IP addresses? IANA CompTIA IEEE IETF

IANA Explanation The Internet Assigned Numbers Authority (IANA) is responsible for allocating IP addresses used on the Internet. When you want to obtain a public IP address, you would typically get the address from your ISP, which has received it from a Regional Internet Registry (RIR), which has been assigned a block of addresses from IANA. IANA is operated by the Internet Corporation for Assigned Names and Numbers (ICANN), so you might also see that ICANN is responsible for assigning public IP addresses. The IETF is an organization that is responsible for settings standards used on the Internet. For example, the IETF has defined the standards for NAT as well as other protocols. The IEEE is an organization that sets networking standards such as for Ethernet or wireless networking. CompTIA is a professional organization that represents computing technology companies and individuals.

Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery?

ICMP

Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery? IP TCP ARP DHCP IGMP ICMP

ICMP Explanation The Internet Control Message Protocol (ICMP) allows hosts to exchange messages to indicate the status of a packet as it travels through the network.

You were hired by a small start-up company. the company is in a small office and has several remote employees. You ave been asked to find a business service that would accommodate the curren size of the company but would also be able to scale as the company grows. The service needs to provide adequate storage, as well as additional computing power. Which cloud serve model should you use?

IaaS

Which of the following information are you likely to find in a policy document?

A requirement for using encrypted communication for Web transactions.

You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into the server components and affecting the ability of the network. Which of the following should you implement?

Positive pressure system

Plenum-rated cabling

A special type of cabling with a fire-retardant jacket placed inside the space between structural floor and dropped ceiling or inside walls.

Optical Time-Domain Reflectometer (OTDR)

A type of specialized cable tester that allows for locating faults and breaks in fiber-optic cabling.

Full duplex

A type of transmission that takes place in two directions simultaneously

Management Information Base (MIB)

A virtual database included in an SNMP-compliant device, containing information about configuration and state of the device that can be queried by the SNMP management station.

What is the main difference between a worm and a virus?

A worm can replicate itself, while a virus requires a host for distribution.

Which of the following protocols or services would you associate with Windows Remote Desktop Services network traffic?

RDP

Which of the following terms describes the actual time required to successfully recover operations in the event of an incident?

Recovery Time Objective (RTO)

32 bits

An IPv4 address consists of this

DHCP

An IPv4 address in the range 169.254.1.0 through 169.254.254.255 indicates a problem with this type of service

6to4

An IPv4 to IPv6 transition mechanism that allows IPv6 packets to be transmitted over an IPv4 network

double colon in an IPv6 address indicates that part of the address containing only zeroes has been compressed to make the address shorter. True False

True

As opposed to the simple Denial of Service (DoS) attacks that usually are performed from a single system, a Distributed Denial of Service (DDoS) attack uses multiple compromised computer systems to perform attack against its target. True False

True A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.

What type of device would be the most convenient for interconnecting two or more physically separated network segments? Wireless bridge Layer 3 switch Wireless Access Point (WAP) Cable modem

Wireless bridge Connects two wired networks together over Wi-Fi. The wireless bridge acts as a client, logging in to the primary router and getting an Internet connection, which it passes on to the devices connected to its LAN Jacks

Which of the following documents would likely identify that drop cables on your network use the T568A standard?

Wiring schematic.

Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet?

Wiring schematic.

You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update?

Wiring schematic.

TCP Segment Format

Source Port, Destination Port, Sequence Number, Acknowledgement Number, Offset, Reserved, TCP Flags, Window, Checksum, Urgent Pointer, TCP Options Option

UDP Segment Format

Source Port, Destination Port, UDP Length, UDP Checksum

Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity?

Spam

Which of the following features are common functions of an all-in-one security appliance?

Spam filtering Bandwidth shaping

CAT6

The minimum cabling requirement for a 10GBASE-T network.

Bend Radius

The minimum radius one can bend a pipe, tube, sheet, cable or hose without kinking it, damaging it, or shortening its life. The smaller, the better

ADSL

The most common type of a DSL Internet access.

"Default route"

The network path used by a router for forwarding all packets with destination addresses not listed in its routing table

You are troubleshooting the connection of a computer in an office to punchdown block in the distribution closet. Which document would you consult to identify the termination of the cable on the punchdown block based on the wall jack location in the office?

Wiring schematic.

A workstation is connected to a switch on the Gi 0/2 interface using a straight-through cable. The Ethernet interface in the workstation has been manually configured to use a 100 Mbps link speed in full-duplex mode. Which of the following are true in this scenario? (Select three.)

The switch attempts to sense the link speed. If it can't, the slowest link speed supported on the interface is selected. If the link speed is 10 Mbps or 100 Mbps, half-duplex is used. If the link speed is 1000 Mbps or faster, full-duplex is used.

Virtualization

a solution that allows multiple operating systems to work simultaneously on the same hardware

True or false A mechanism that allows for connecting one set of wires with another set of wires in telecommunications closets or local area networks (LANs) is commonly referred to as a punch-down block

True

True or false The Category 6 (CAT6) cabling supports a 10 Gbps data transfer rate at a limited range of 33-55 meters, whereas CAT6A (Augmented) cabling allows for 10 Gbps data transfer rate over a cable segment length of 100 meters.

True

straight-through cable AKA Patch Cable

a type of twisted pair cable that is used in local area networks to connect a computer to a network hub such as a router.

Which of the following answers refers to a data link layer (Layer 2) device designed to forward data packets between Local Area Network (LAN) segments?

switch

Each of the following tools used to check the health of a network. Which of these is typically used to managing and sending messages from one computer system to another?

syslog

You have implemented lockout with a clipping level of 4. What will be the effect of this setting?

the account will be locked for 4 incorrect attempts

logical topology

the actual traffic flow of the data

Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet?

wiring schematic

Which of the following tools would you use to view the MAC addresses associated with IP addresses that the local workstation has contacted recently?

arp

CAN

campus area network; interconnects building-to-building; ex) a university campus, an industrial/business park

Network Access Control (NAC)

defines a set of rules enforced in a network that the clients attempting to access the network must comply with. With NAC, policies can be enforced before or after end-stations gain access to the network. NAC can be implemented as Pre-admission NAC where a host must, for example, be virus free or have patches applied before it is allowed to connect to the network, and/or Post-admission NAC, where a host is being granted/denied permissions based on its actions after it has been provided with the access to the network.

You administer a NetBIOS-based network that uses the TCP/IP protocol. You are trying to troubleshoot a computer that is unable to contact a server by its NetBIOS name. Which command can you use to check the connection?

nbtstat Use nbtstat to troubleshoot NetBIOS name resolution problems. The command shows which NetBIOS names the server uses, and which NetBIOS names the client knows about.

Examine the following output: Server: helicuplar.xct.takro.net Address: 209.53.4.130 Name: westsim.com Address: 64.78.193.84 Which of the following utilities produced this output?

nslookup The output is from the nslookup command on a Windows Server 2003 system. nslookup is a tool that allows you to send manual DNS resolution requests to a DNS server. The output displays the IP address and hostname of the DNS server that performed the resolution, and the IP address and hostname of the target specified for resolution. nslookup can be a useful tool when troubleshooting DNS name resolution problems.

session layer OSI model

responsible for setting up (username/password), maintaining (data transfers), and tearing down sessions; H.323, NetBIOS

Which of the following solutions would you implement to eliminate switching loops?

spanning tree used to select single path between two switches

STP 802.1d RSTP 802.1w

solutions which provide protection against switching loops

Which of the following is the most common detection method used by an IDS? -Signature -Behavior -Anomaly -Heuristic

-Signature

You have just installed a new network-based IDS system that uses signature recognition. What should you do on your regular basis? -Modify clipping levels -Check for backdoors -Generate a new baseline -Update the signature files

-Update the signature files

TCP/IP Model

1. Network Interface; aligns with Physical and Data Link 2. Internet; aligns with Network 3. Transport; aligns with Transport 4. Application; aligns with Session, Presentation, and Application

OSI model

1. Physical - bits 2. Data Link - frames 3. Network - packets 4. Transport - segments 5. Session 6. Presentation 7. Application

Your network follows the 100BaseTx specifications for Fast Ethernet. What is the maximum cable segment length allowed? 500 meters 1,000 meters 412 meters 2,000 meters 100 meters

100 meters Explanation Fast Ethernet using twisted pair cables (either 100BaseT4 or 100BaseTx) has a maximum cable segment length of 100 meters. Tip: All Ethernet networks that use twisted pair cable (Ethernet, Fast Ethernet, Gigabit Ethernet) have a distance limitation of 100 meters.

With an Ethernet 10BaseT network, the maximum cable length between a computer and the hub is: 100 meters 100 feet 500 feet 185 meters

100 meters Explanation With an Ethernet 10BaseT network, the maximum cable length between a computer and the hub is 100 meters.

Ephemeral ports

1023 and above

Well-known ports

1023 and below

Which of the following standards is used by SONET? 10GBaseER 1000BaseSX 1000BaseLX 1000BaseCX 10GBaseLW

10GBaseLW Explanation 10GBase standards ending in W are used for SONET implementations. These include 10GBaseSW (short), 10GBaseLW (long), and 10GBaseEW (extended). 10GBaseER is for extended fiber optic but not used with SONET. 1000Base standards are not used for SONET. 1000BaseCX is a copper cable specification.

Match each decimal value on the left with the corresponding hexadecimal value on the right. Not all decimal values have a corresponding hexadecimal value.

11 >> 17 B >> 11 D >> 13 F >> 15 C >> 12 10 >> 16 Hexadecimal is a Base 16 numbering system, which means there are 16 different characters possible for each number place. These characters go from 0 to 9, as decimal does; however, hexadecimal uses the letter A to represent the decimal number 10, B represents 11, and so on up to F, which represents 15.

Which data transmission rate is defined by the IEEE 802.11b wireless standard?

11 Mbps

Which of the following uses metal clips placed over plastic slots for connecting individual copper wires? 25 pair 66 block 100 pair 110 block

110 block Explanation A 110 block is a punchdown block that uses metal clips fitted over plastic pins. When connecting wires using a 110 block, place the wires in the plastic slots, attach the metal clip, then punch down the connecting cable on the top of the clip. A 66 block uses metal pins for connecting wires. Wires are placed in the pins, and pins within a row are electrically connected. 25 pair and 100 pair are cable bundles that include multiple pairs of copper wires (either 25 pairs of wires or 100 pairs of wires).

Which of the following answers lists the binary notation of the decimal number 192? 10101100 11000000 01111111 10101000

11000000

Which three of the following IP addresses belong to the Class A network 114.0.0.0? (Assume the network is indicated by the default portion of the IP address.) 114.58.12.0 114.122.66.12 114.0.0.15 115.77.89.4 115.88.0.55 115.0.0.66

114.58.12.0 114.122.66.12 114.0.0.15 Explanation With a Class A network, the first octet indicates the network address. All hosts on the network must have the same value in the first octet (114).

What is the leading octet value range for an IPv4 address belonging to a class B network? 128 - 191 1 - 126 192 - 223 224 - 239

128 - 191

A host on the network has an IP address of 129.11.99.78 using the default subnet mask. How would you identify the address and mask using CIDR notation? 129.11.99.78/24 129.11.99.78/16 129.11.99.78/8 129.11.99.78:8 129.11.99.78:24 129.11.99.78:16

129.11.99.78/16 Explanation Use 129.11.99.78/16 for the address and the mask. With CIDR notation, follow the IP address with a slash (/) and the number of bits in the mask. The default subnet mask for this address is 255.255.0.0 which uses 16 bits in the mask.A mask value of 255.0.0.0 uses 8 bits, and a mask value of 255.255.255.0 uses 24 bits.

OC-256

13.271 Gbps

Your network has been assigned the Class B address of 130.15.0.0. Which of the following is not an address you can assign to a node on your network? 130.15.60.0 130.16.61.3 130.15.60.220 130.15.0.1

130.16.61.3 Explanation If you plan to use the Class B address for all nodes on the network, the nodes must all have the same network address. In this case, all IP addresses must begin with 130.15.

In an IP addressing scheme using default subnet masks, which of the following IP addresses can you assign to a host? 127.0.0.1 199.45.207.0 127.35.88.92 132.70.254.15

132.70.254.15 Explanation Addresses starting with 127 are reserved and cannot be assigned to hosts. The address 199.45.207.0 is a network ID, and is therefore not assigned to a host.

You want to close all ports associated with NetBIOS on your network firewalls to prevent attacks directed against NetBIOS. Which ports should you close?

135, 137139

Which of the following IP addresses is a valid IP address for a host on a public network? 192.168.16.45 10.3.125.2 142.15.6.1 172.16.254.12

142.15.6.1 Explanation A public network is a network that does not limit traffic to members of a corporation or other group. The Internet is an example of a public network. Certain sets of IP addresses are reserved for private networks only and cannot be used on public networks. They are: • 10.0.0.0 to 10.255.255.255 • 172.16.0.0 to 172.31.255.255 • 192.168.0.0 to 192.168.255.255

Which three of the following are not valid IP addresses? 45.22.156.256 116.0.0.116 1.55.254.3 132.64.32.8 145.8.260.7 257.0.122.55 122.0.0.0

145.8.260.7 257.0.122.55 Explanation IP addresses have a value between 0 and 255 within each octet. In this list, 45.22.156.256, 145.8.260.7, and 257.0.122.55 are not valid IP addresses.

What is the network address for a 154.24.67.147/22 host? 154.24.48.0 154.24.60.0 154.24.62.0 154.24.64.0

154.24.64.0

An OC-3 line supports transmission rates of up to: 1.544 Mbps 51.84 Mbps 44.736 Mbps 155.52 Mbps

155.52 Mbps

Which port number is used by SNMP?

161

Which of the following is the first IP address that can be assigned to hosts on the 166.70.0.0 network using the default subnet mask? 166.71.0.0 166.70.1.0 166.70.0.0 166.70.1.1 166.70.0.1

166.70.0.1 Explanation The first address you can assign to hosts on the 166.70.0.0 network is 166.70.0.1. The network address is a Class B address and uses a default subnet mask of 255.255.0.0. The last two octets are used for host addresses. The host address range is 166.70.0.1 to 166.70.255.254. 166.70.0.0 cannot be used as a host address because it is the network address. 166.70.255.255 cannot be used as a host address because it is the broadcast address.

Which of the following is the last IP address that can be assigned to hosts on the 166.70.0.0 network using the default subnet mask? 166.70.0.255 166.70.0.254 166.71.0.0 166.70.255.255 166.70.255.254

166.70.255.254 Explanation The last address you can assign to hosts on the 166.70.0.0 network is 166.70.255.254. The network address is a Class B address and uses a default subnet mask of 255.255.0.0. The last two octets are used for host addresses. 166.70.0.0 cannot be used as a host address because it is the network address. 166.70.255.255 cannot be used as a host address because it is the broadcast address.

Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?

169.254.0.0 - 169.254.255.255

Which of the following IP address ranges is reserved for Automatic Private IP Addressing? 192.168.0.1 192.168.254.255 169.254.0.1 169.254.255.254 169.192.0.0 169.192.254.255 192.168.0.0 192.168.255.254 169.168.0.1 169.168.255.255

169.254.0.1 169.254.255.254 Explanation The Internet Assigned Numbers Authority (IANA) has reserved 169.254.0.1 through 169.254.255.254 for Automatic Private IP Addressing (APIPA). APIPA also sets the subnet mask on the network to 255.255.0.0.

Which of the following answers lists the decimal notation of the binary number 10101100? 168 172 192 255

172

Which of the following is a valid IP (version 4) address? (Select two.) 172.16.1.26 192.168.1.512 1.254.1.1024 254.7.1.417 10.384.0.3 256.0.0.1 2.2.2.2

172.16.1.26 2.2.2.2 Explanation A valid IPv4 address consists of 4 8bit (1 byte) numbers separated by periods. For example, 10.0.0.65. Because they are 8 bits long, these numbers are frequently called octets. Even though we typically express these numbers using decimal notation, it's important to remember that these numbers are binary numbers. The lowest value one of these numbers can have is 00000000. The decimal equivalent for this number is simply 0. The highest value one these numbers can take is 11111111. The decimal equivalent of this number is 255. Therefore, in decimal notation, each octet must contain a number between 0 and 255inclusively.

To access your company's internal network from home, you have used Telnet. Security policy now prohibits the use of unsecure protocols such as Telnet. The administrator has recently implemented a firewall at the network perimeter and disabled many ports. Which port needs to be closed to prevent Telnet access from home?

23

You are configuring a network firewall to allow SMTP outbound email traffic, and POP3 inbound email traffic. Which of the following TCP/IP ports should you open on the firewall? (Select two.)

25 110

Which of the following answers lists the default (classful) subnet mask for a class B network? 255.252.0.0 255.255.0.0 255.248.0.0 255.224.0.0

255.255.0.0

You are configuring the IP address for a host and have been asked to use the address 192.160.99.110/16. What subnet mask value would you use? 255.0.0.0 255.255.0.0 255.255.252.0 255.255.255.0

255.255.0.0 Explanation With CIDR notation, the number of bits in the subnet mask is indicated by the /16 following the IP address. A mask that uses 16 bits is written 255.255.0.0 in decimal format. Each octet in the mask uses 8 bits, so a mask with 16 bits uses two full octets. Use /8 for the mask 255.0.0.0 and /24 for the mask 255.255.255.0. In this example, a /24 mask would be the default subnet mask, but the address is using a nondefault mask of 255.255.0.0.

What is the network address and subnet mask used by APIPA? (Select two.) 255.0.0.0 255.255.255.0 169.0.250.0 255.255.0.0 169.254.0.0 169.255.0.0

255.255.0.0 169.254.0.0 Explanation Automatic Private IP Addressing (APIPA) uses a network address of 169.254.0.0 with the default Class B subnet mask of 255.255.0.0. Host addresses will be within the range of169.254.0.1 and 169.254.255.254.

What is the default subnet mask for the IP address 203.111.3.3? 255.0.0.0 255.255.255.255 255.255.0.0 255.255.255.0

255.255.255.0 Explanation IP addresses are divided into classes. The most common of these are classes A, B, and C. Each address class has a different default subnet mask. To identify the class of an IP address, look at its first octet. • Class A networks use a default subnet mask of 255.0.0.0 and have 0-126 as their first octet. • Class B networks use a default subnet mask of 255.255.0.0 and have 128-191 as their first octet. • Class C networks use a default subnet mask of 255.255.255.0 and have 192-223 as their first octet. In this question, the IP address falls in the Class C range and therefore has a default subnet mask of 255.255.255.0.

You've just installed a new 16U wall-mounted rack in your data center. You need to install the following equipment in this rack: A 4U redundant power supply A 4U server A 4U switch A 2U router Which of the following equipment will also fit in this rack along with the above equipment?

2U UPS

You have been asked to implement a RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID 5?

3

An IPv4 address consists of: 32 bits 48 bits 64 bits 128 bits

32 bits

Which of the following correctly describe the most common format for expressing IPv6 addresses? (Select two.)

32 numbers, grouped using colons Hexadecimal numbers

Which ports does LDAP use by default? (Select two.)

389 & 636

You are configuring PuTTY to be used to access the CLI of a Cisco switch. Which of the following configuration values would prevent PuTTY from connecting? (Select two.)

4600 baud Flow control = RTS/CTS

Which of the ff. ports are used with TACACS?

49

You want to use CCTV to increase the physical security of your building. Which of the following camera types would offer the sharpest image at the greatest distance under the lowest lighting conditions?

500 resolution, 50mm, .05 LUX

You manage a network with two locations: Portland and Seattle. Both locations are connected to the Internet. All computers in both locations are configured to use IPv6. You would like to implement an IPv6 solution to meet the following requirements: • Hosts in each location should be able to use IPv6 to communicate with hosts in the other location through the IPv4 Internet. • You want to use a site-to-site tunneling method instead of a host-to-host tunneling method. Which IPv6 solution should you use?

6 to 4

Which of the answers listed below refers to the maximum data transfer rate of an OC-12 connection? 622.08 Mbps 1244.16 Mbps 2488.32 Mbps 9953.28 Mbps

622.08 Mbps

You want to deploy SSL to protect authentication traffic with you LDAP-based directory service. Which port would this use?

636

An IPv4 to IPv6 transition mechanism that allows IPv6 packets to be transmitted over an IPv4 network is known as: 6to4 802.3af eDiscovery Miredo

6to4

RS-232

A EIA standard for connecting serial devices. It supports DB-25 and DB- 9 connectors

Coupler

A small device for connecting two cables to make a longer cable

route print netstat -r

Command-line commands in MS Windows which are used to display the contents of a routing table

RJ-48C

Connector type used for terminating a T-1 line.

DB-9/DE-9 DB-25

Connector types that are used for connecting devices to a RS-232 port.

You have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network?

Convergence

Which implementation is most secure?

EAP-TLS

DCS SCADA

Examples of Industrial Control System (ICS) solutions

You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have difficulty accessing the network. during the relocation, you attach a patch cable from the client system to the wall jack and from the patch panel to the switch. Once connected you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one but you can still not connect. what might you suspect as the problem?

Failed patch cable between the client system and the wall jack

Which TCP/IP protocol is a secure form of HTTP that uses SSL as a sublayer for security?

HTTPS

FE80::/64

IPv6 link-local address

You are designing a wireless network implementation for a small business. the business deals with sensitive customer information, so data emanation must be reduces as much as possible. The floor plan of the office is shown below. Match each type of access point antenna with the appropriate location on the floorplan.

Location = type A= Directional B= Directional C=Omnidirectional D= Directional E= Directional F= Directional G= Directional

You have a server that has a 100BaseFX network interface card that you need to connect to a switch. The switch only has 100BaseTX switch ports. Which device should you use? Gateway Bridge Media converter Hub Repeater

Media converter Explanation Use a media converter to convert from one media type to another media type within the same architecture. Use a bridge to connect two devices that use different network architectures, for example to connect a wired network to wireless clients. A hub or a repeater connect devices using the same media type.

You have decided to conduct a business meeting at a local coffee shop. The coffee shop you chose has a wireless hotspot for its customers who want Internet access. You decide to check your e-mail before the meeting begins, but when you open the browser you cannot gain Internet access. Other customers are on the Internet and because you use a wireless connection at work, you are sure your laptops wireless adapter works. What is the likely cause of the problem?

Mismatched SSID

You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the Internet. You investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internets. What is likely the cause of the problem.

Missing default route on the router

Members of the Sales team use laptops to connect to the company network. While traveling, they connect their laptops to the Internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless antivirus software and the latest operating system patches have been installed. Which solution should you use?

NAC

What is the least secure place to locate an access point with an omnidirectional antenna when creating a wireless cell?

Near a window

Which of the following locations will contribute the greatest amount of interference for a wireless access point? (Select two.)

Near backup generators Near cordless phones

At what OSI layer does a router operate to forward network messages? Network Session Physical Data Link Transport

Network Explanation A router uses the logical network address specified at the Network layer to forward messages to the appropriate LAN segment. A bridge, on the other hand, uses the MAC address and works at the Data Link layer.

Smurf attack

Network attack type which exploits broadcast traffic

In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?

Network diagram.

You have placed an FTP server in your DMZ behind your firewall. The FTP server will be used to distribute software updates and demonstration versions of your products. Users report that they are unable to access the FTP server. What should you do to enable access?

Open ports 20 and 21 for inbound and outbound connections.

True

Optical Carrier (OC) transmission rate specifications adhere to a pattern whereby OC prefix is followed by a number designating a multiple of the base unit of 51.84 Mbps.

True

Optical carrier (OC) transmission rate specifications adhere to a pattern whereby OC prefix is followed by a number designating a multiple of the base unit of 51.84 Mbps

Single Mode Fiber

Optical fiber that is designed for the transmission of a single ray or mode of light as a carrier and is used for long-distance signal transmission.

DHCP allows for passing additional configuration settings to DHCP clients on a network. The additional settings might include (among other types of configuration info) the default gateway IP address, or DNS server IP address. Which of the answers listed below refers to the part of a DHCP message containing those settings?

Options

The process of managing a network device via a connection other than the regular network link used by the device to send and receive network traffic is known as: Session hijacking Out-of-band management Backdoor access In-band management

Out-of-band management

You have been hired to troubleshoot a wireless connectivity issue for two separate networks located within a close proximity. Both networks use a WAP from the same manufacturer and all settings, with the exception of SSIDs, remain configured to the default. Which of the following might you suspect as the cause of the connectivity problems?

Overlapping channels

You have been hired to troubleshoot a wireless connectivity issue for two separate networks located within a close proximity. Both networks use a WAP from the same manufacturer and all settings, with the exception of SSIDs, remain configured to the default. Which of the following might you suspect as the cause of the connectivity problems?

Overlapping channels

Which of the following authentication protocols transmits passwords in clear text, and is therefore considered too insecure for modern networks

PAP

Which of the following answers refers to a Network Address Translation (NAT) method that binds a combination of private IP address and port number with a corresponding public IP address and port information?

PAT

Which of the following associates a port number with a host on a private network? NAT CIDR PAT VLSM

PAT Explanation Port address translation (PAT) associates a port number with the translated address. Use PAT to allow multiple private hosts to share a single public address. Each private host is associated with a unique port number.Technically speaking, NAT translates one address to another. With only NAT, you would have to have a public address for each private host. NAT would associate a single public address with a single private address. Because virtually all NAT routers perform port address translation, most routers that are configured with NAT are really performing PAT. When you use a NAT router, you are normally using PAT and not just NAT. (NAT is typically used synonymously with PAT.) Classless InterDomain Routing (CIDR) allows for non-default subnet masks (variable length subnet mask or VLSM).

You are moving to an area where DSL will be available in the next six months. Which method of Internet connectivity should you implement until DSL is available, if your existing connectivity needs are minimal?

PSTN

You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?

PTZ

Which of the following best describes the Platform as a Service (PaaS) cloud computing service model?

PaaS delivers everything a developer needs to build an application onto the cloud infrastructure

A technology that allows for prioritizing certain types of network traffic in order to improve the overall network effectiveness and performance is known as:

Packet shaping

A technology that allows for prioritizing certain types of network traffic in order to improve the overall network effectiveness and performance is known as: (Select best answer)

Packet shaping

A technology that allows for prioritizing certain types of network traffic in order to improve the overall network effectiveness and performance is known as: AAA framework Packet shaping Content filtering Port forwarding

Packet shaping AKA Traffic Shaping

You are concerned about attacks directed against the firewall on your network. You would like to examine the content of individual frames sent to the network. Which tool should you use?

Packet sniffer.

A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario?

Passive fingerprinting

An Ethernet straight-through cable is also commonly referred to as: Rollover cable Crossover cable Patch cable Yost cable

Patch cable

Which of the following is used to terminate individual wires from a 25 pair or 100 pair cable using female RJ45 ports? 66 block 110 block Patch panel Horizontal cross connect

Patch panel Explanation A patch panel is a device that typically connects individual stranded wires into female RJ45 connectors. For example, you might connect 4 pairs of wires from a punchdown block to a port on the patch panel. On the patch panel, you then connect drop cables (cables with RJ45 connectors) to the patch panel on one end and a computer on the other end. Use 66 and 110 blocks to connect individual wires within a wiring closet. These punchdown blocks connect the individual wires together, but do not terminate in RJ45 connectors. A horizontal cross connect connects IDFs on the same floor.

Private cloud

Provides cloud services to a single organization

Which of the following solutions provides the AAA functionality? (Select all that apply)

RADIUS TACACS+

Which of the following connector types would be used for terminating a T-1 line? RJ-45 RJ-48C UTP RJ-11

RJ-48C

Which of the following connectors is used with Ethernet 10BaseT networks? RJ11 RJ45 15-pin D-shell BNC

RJ45 Explanation RJ45 connectors are used with Ethernet 10-BaseT networks.

Which of the following are requirements of the 1000BaseT Ethernet standards? (Select three.) SC or ST connectors RJ45 connectors Fiber optic cable CAT 5 cabling The cable length must be less than or equal to 100m The cable length must be less than or equal to 1000m

RJ45 connectors CAT 5 cabling The cable length must be less than or equal to 100m Explanation Gigabit Ethernet (1000BaseT) has similar requirements to 100BaseT with connectors, cabling, and distances. The network cards are simply designed to transfer data ten times as fast.

Which of the following standards is typically used in a rollover cable? RS-232 RG-58 RG-6 R-J11

RS-232 Explanation A rollover cable has a serial connector on one end and an RJ-45 connector on the other end. RS-232 is the standard for serial communications. RJ-11 connectors are used for analog telephone lines. RG-6 and RG-58 are coaxial cable standards.

You recently discovered several key files of your antivirus program have been deleted. You suspect that a virus has deleted the files. Which type of virus deletes key antivirus program files?

Retro

A device designed to filter and transfer data packets between dissimilar types of computer networks is called:

Router

A device designed to filter and transfer data packets between dissimilar types of computer networks is called: Hub Load balancer Router Switch

Router

Which of the following activities are typically associated with a penetration test? (Select two.)

Running a port scanner Attempting social engineering

Which of the following Internet services provides equal upload and download bandwidth?

SDSL

What protocol sends email to a mail server? SNMP POP3 SMTP FTP TFTP

SMTP Explanation SMTP sends email to a mail server.

Drag each IP port number on the left to its associated service on the right. Be aware that some port numbers may be used more than once.

SNMP 161 TCP and UDP SSH 22 TCP and UDP TFTP 69 UDP SCP 22 TCP and UDP Telnet 23 TCP HTTPS 443 TCP and UDP HTTP 80 TCP FTP 20 TCP SMTP 25 TCP POP3 110 TCP

Which of the following answers refers to an international standard for high-speed data communications over fiber-optic media?

SONET

Which of the following protocols can be used to securely manage a network device from a remote connection?

SSH.

You have physically added a wireless access point to your network and installed a wireless networking card in two laptops running Windows. Neither laptop can find the network and you have come to the conclusion that you must manually configure the wireless access point (AP). Which of the following values uniquely identifies the network AP?

SSID

you have physically added a wireless access point to your network and installed a wireless network card in two laptops running windows. Neither laptop can find the network and you have come to the conclusion that you must manually configure the wireless access points (AP). Which of the following values uniquely identifies the network AP?

SSID

Which of the following is used on a wireless network to identify the network name?

SSID Wireless devices use the SSID (Service Set Identification) to identify the network name. All devices on a wireless network use the same SSID. The MAC address is a unique physical device address. The WPA2 Personal passphrase and the WEP key are both mechanisms used to secure wireless communications.

Which of the following serves as a unique identifier for a WLAN (a wireless network name)? EUI SSID OUI CNAME

SSID (Service Set Identifier)

Which of the following wireless network protection methods prevents the broadcasting of the wireless network name?

SSID broadcast

FTPS uses which mechanism to provide security for authentication and data transfer?

SSL

You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations.

SSL

You can use a variety of methods to manage the configuration of a network router. Match the management option on the right with its corresponding description on the left. (Each option can be used more than once.)

SSL Uses publickey cryptography HTTP Transfers data in clear text SSH Uses publickey cryptography Telnet Transfers data in clear text Console port Cannot be sniffed

Which of the following answers list(s) example(s) of fiber-optic connectors (Select all that apply) ST DB-25 SC LC MT-RJ FC RG-6

ST SC LC MT-RJ FC

Which of the following cloud computing solutions will deliver software applications to a client either over the Internet or on a local area network?

SaaS

The term "War driving" refers to: Penetration test Scanning for unsecured wireless networks while driving in a car Vulnerability scan Marking unsecured wireless networks

Scanning for unsecured wireless networks while driving in a car

Of the following cables, which offer the best protection against EMI? Cat 5e Cat 5 RG6 Single mode fiber optic

Single mode fiber optic Explanation Fiber optic cables offer the best protection against electromagnetic interference (EMI).

Which of the following answers refers to a specialized tool used for evening out wire ends? Cable crimper Needle-nose pliers Wire stripper Snips

Snips

Which of the following features are common functions of an all-in-one security appliance? (Select two.)

Spam filtering Bandwidth shaping

Match each Interoperability Agreement document on the left with the appropriate description on the right. Each document may be used once, more than once, or not at all.

Specifies exactly which services will be performed by each party SLA Creates an agreement with a vendor to provide services on an ongoing basis BPO Provides a summary of which party is responsible for performing specific tasks MOU Documents how the networks will be connected ISA Defines how disputes will be managed SLA Specifies a preset discounted pricing structure BPO

You are configuring the DHCP Relay Agent role service on a Windows server. Which of the following is a required step for the configuration?

Specify which server network interface the agent listens on for DHCP messages.

An email sent from unknown source disguised as a source known to the message receiver is an example of: (Select all that apply) Spoofing Bluesnarfing Shoulder surfing Bluejacking Social engineering

Spoofing Social engineering

You are the network administrator for a small company that implements NAT to access the Internet. However, you recently acquired 5 servers that must be accessible from outside your network. Your ISP has provided you with 5 additional registered IP addresses to support these new servers but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these 5 servers?

Static

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal Web site. What should you use to allow access?

Static NAT

Which type of virus intercepts system requests and alters service outputs to conceal its presence?

Stealth

1.544 Mbps

T1 lines support data transfer rates of up to:

Cable Diameter

The measurement of a cable end

Your LDAP directory service solution uses simple authentication. What should you always do when using simple authentication?

Use SSL

Which of the following answers refer to the RJ-45 connector? Used with telephone cabling Coaxial cabling connector Used with Ethernet network cabling Copper cabling connector Fiber-optic cabling connector

Used with Ethernet network cabling Copper cabling connector

What are the characteristic features of the RJ-11 connector? (Select 2 answers) Used with telephone cabling Copper cabling connector Used with Ethernet network cabling Fiber-optic cabling connector Coaxial cabling connector

Used with telephone cabling Copper cabling connector

Signal latency Interference (weather dependent) Low connection speed

What are the characteristic features of satellite Internet connections? (Select all that apply)

Which of the following are not reasons to remote wipe a mobile device?

When the devices is inactive for a period of time

ATM

Which of the answers listed below refer to examples of packet-switching communication methods?

34.368 Mbps

Which of the answers listed below refers to the maximum data transfer rate of an E3 connection?

F-Connector

a coaxial RF connector commonly used for Satellite

You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?

circuit level

For users on your network, you want to automatically lock their user accounts if four incorrect passwords are used within 10 minutes. What should you do?

configure account lockout policies in group policy

After configuring the server to distribute ip addresses and DHCP server, what do you need to do next

configure client s to obtain IP addressing from the DHCP server

You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configuration?

configure the remote access servers as RADIUS clients

RJ-48C

connector type used for terminating a T-1 line

DB-25

connector types would be used for terminating a T-1 line

crossover cable

connects two devices of the same type. Uses T568A/T568B. One on each side.

A user reports that she can't connect to a server on your network. You check the problem and find out that all users are having the same problem. what should you do next?

determine what has changed.

LAN

local area network; interconnects within a building

Maximum hop count Time to live (TTL)

mechanisms which can be used to prevent routing loops

You are configuring the local security policy of a Windows 7 system. You want to require users to create passwords that are at least 10 characters long. You also want to prevent logon after three unsuccessful logon attemps. Which policies should you configure? (Select two.)

minimum password length; account lockout threshold

You administer a NetBIOS-based network that uses the TCP/IP protocol. You are trying to troubleshoot a computer that is unable to contact a server by its NetBIOS name. Which command can you use to check the connection?

nbtstat

Examine the following output: Active Connections Proto Local Address Foreign Address State TCP SERVER1:1036 localhost:4832 TIME_WAIT TCP SERVER1:4798 localhost:1032 TIME_WAIT TCP SERVER1:1258 pool-141-150-16-231.mad.east.ttr:24076 CLOSE_WAIT TCP SERVER1:2150 cpe-66-67-225-118.roc.res.rr.com:14100 ESTABLISHED TCP SERVER1:268 C872c-032.cpe.net.cale.rers.com:46360 ESTABLISHED TCP SERVER1:2995 ip68-97-96-186.ok.ok.cox.net:23135 ESTABLISHED Which of the following utilities produced this output?

netstat The output shown is produced by the netstat command. netstat reports the TCP/IP ports open on the local system, as well as identifying the protocol and remote host connected to that port. This information can be very useful when looking for security weaknesses, as a TCP/IP port that is open to traffic unnecessarily represents a security risk.

Your computer is sharing information with a remote computer using the TCP/IP protocol. Suddenly, the connection stops working and appears to hang. Which command can you use to check the connection?

netstat Use the netstat command to check the status of a TCP connection.

Active connections Proto Local Address Foreign Address State TCP SERVER1:1036 localhost: 4832 TIME WAIT TCP SERVER1:4798 localhost:1032 TIME WAIT

netstat reports the TCP/IP ports open on the local system, as well identifying the protocol and remote host connected to that port. This information can be very useful when looking for security weaknesses, as TCP/IP port that is open to traffic unnecessarily represents a security risk.

Which TCP/IP utility gives you the following output? Active Connections Proto Local Address Foreign Address State TCP me:epmap me:0 LISTENING TCP me:1025 me:0 LISTENING UDP me:emap *:* UDP me:netbios-ns *:*

netstat -a netstat -a shows you the status of all connections and listening ports.

Which TCP/IP utility gives you the following output?

netstat -r

Which TCP/IP utility gives you the following output? Route Table ========================================== Interface List 0x1 . . . . . . . . . . . . . . MS TCP Loopback interface 0x2 . . .00 10 4b . . . 3 Com 3C90x Ethernet Adapter ========================================== ========================================== Active Routes:

netstat -r netstat -r shows you the computer's route table.

Which command displays network activity statistics for TCP, UDP, and IP?

netstat -s Netstat -s displays network activity statistics for TCP, UDP, and IP.

what shows you the status of all connections and listening ports.

netstat-a

Which command displays network activity statistics for TCP, USP, and IP?

netstat-s

VRRP HSRP

networking protocols which provide redundancy

what tcp/ip utility gives you the following output?

ping

Which of the following utilities would you use to view the routing table?

route Use the route command to display the contents of the routing table or to add or remove static routes. traceroute or tracert uses ICMP packets to test connectivity between devices, and shows the path between the two devices. Responses from each hop on the route are measured three times to provide an accurate representation of how long the packet takes to reach, and be returned by that host. The mtr command on Linux is a combination of the ping and traceroute commands.

partial mesh topology

selected sites are interconnected via direct links while sites with less frequent communication can communicate via another site; benefits: provides optimal routes for sites with higher intersite traffic volumes, more redundant than a hub-and-spoke topology; drawbacks: less fault tolerant than a full mesh topology, more expensive than a hub-and-spoke topology

WAN

wide area network; interconnects 2 geographically dispersed locations; ex) a corporate headquarters and a remote office site

Which 802.11 standard will work best in this situation?

802.11n

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 150 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation?

802.11n

Which wireless standard has the highest data transfer rates?

802.11n 802.11n has the highest data transfer rates, up to (theoretically) 600 Mbps. 802.11a and g have speeds up to 54 Mbps or 108 Mbps when using channel bonding. 802.11b has speeds up to 11 Mbps.

You are designing a wireless network for a client. You client needs the network to support a data rate of at least 150 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 Ghz. Which 802.11 standard will work best in the situation?

802.11n 802.11n is the best choice for this client. 802.11b and 802.11g both operate in the 2.4 Ghx to 2.4835 Ghz range, which will cause interference with the client's wireless phone system. 802.11a operates in the 5.725 Ghz to 5.850 Ghz frequency range, which won't interfere with the phone system. However, the maximum speed is limited to 54 Mbps.

An attempt to flood the bandwidth or resources of a targeted system so that it becomes overwhelmed with false requests and in result doesn't have time or resources to handle legitimate requests is called: Bluejacking MITM attack Session hijacking Bluesnarfing DoS attack

DoS attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.

Which of the following authentication protocols are you most likely to recommend to the client?

EAP

Which remote access authentication protocol allows for the use of smart cards for authentication?

EAP

Which remote access authentication protocol allows for the use of smart cards for authentication?

EAP

POTS T-carrier E-carrier

Examples of circuit-switching communication methods.

RG-59 RG-6

Examples of coaxial cabling types.

ST SC LC MT-RJ FC

Examples of fiber-optic connectors

Frame relay ATM

Examples of packet-switching communication methods.

The 66 block (older type/used in telephony) The 110 block (newer type/used in networking)

Examples of punch-down blocks.

IP/SIP ISDN

Examples of technologies used for implementing VTC solutions

The Data Link Layer of the OSI model is comprised of two sublayers. What are they? (Select two.) LLC DLC LAT MAC SAN

Explanation The Data Link layer is split into the following sublayers: • Logical Link Control (LLC) Sublayer Provides the operating system link to the device driver. • Media Access Control (MAC) Sublayer Translates generic network requests into device specific terms.

A Wireless Local Area Network (WLAN) operating in an infrastructure mode with the use of more than one Access Point (AP) is referred to as: Service Set Identifier (SSID) Extended Service Set (ESS) ( Your answer) Basic Service Set (BSS) Independent Basic Service Set (IBSS)

Extended Service Set (ESS)

An SSL VPN connection typically requires a dedicated VPN client application. t/f

False

Dynamic Network Address Translation (DNAT) provides a permanent mapping between a private IP address and a public IP address on a one-to-one basis.

False

Logical bus over physical star is an example of hybrid network topology. True False

False

True or False The RS-232 standard defines an interface for parallel data transmission method.

False

True or False An SSL VPN connection typically requires a dedicated VPN client application.

False

Consider the 850 nm multimode fiber optic cable shown below. How much loss can you expect between the transmitter and the receiver? ----------------------- Connectors ----------------------- Transmiter <------ 200 meters ------> Receiver

-1.2 dB When calculating a loss budget for a segment of fiber optic cable, use the following guidelines: • Connectors = 0.3 dB loss each • Splices = 0.3 dB loss each • Multimode cabling = 3 dB loss per 1000 meters (850 nm) or 1 dB loss per 1000 meters (1300 nm) • Single mode cabling = 0.5 dB loss per 1000 meters (1310 nm) or 0.4 dB loss per 1000 meters (1550 nm) In this scenario, there are two connectors (0.3 dB loss each) and 200 meters of 850 nm multimode cable (.2 * 3 dB) for a total expected loss of 1.2 dB. Note that dirty or poorly polished connectors can dramatically increase the amount of loss in the cable.

You provide Internet access for a local school. You want to control Internet access based on users, and prevent access to specific URLs. Which type of firewall should be install? -Circuit-level -Application level -IPS -Packet filtering

-Application level

You have been getting a lot of phishing e-mails from the domain kenyan.msn.pl. Links within these e-mails open new browser windows at youneedit.com.pl. You want to make sure that these e-mails never reach your inbox, but that e-mail from other senders are not affected. What should you do? -Add kenyan.msn.pl to the email blacklist -add pl to the email blacklist. -add youneedit.com.pl to the email blacklist. -add msn.pl to the e-mail blacklist.

-Add kenyan.msn.pl to the e-mail blacklist

Which of the following describes how access lists can be used to improve network security? -An access list filters based on the frame header such as source or destination MAC -AN access list identifies traffic that must use authentication or encryption -An access list looks for patterns of traffic between multiple packets and take action to stop detected attacks. -An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.

-An access list filters traffic based on the IP header or destination IP address, protocol, or socket numbers

You are concerned about protection your network from a network-based attack from the Internet. Specifically, you are concerned about attacks that have not yet been identified or do not have prescribed protections. What type of device should you use? -Anti-virus scanner -Signature based IDS -Network based firewall -Anomaly based IDS -Host based firewall

-Anomaly based IDS

What is the most common form of hosted based IDS that employs signature or pattern matching detection methods? -Anti-virus software -Motion detectors -Honey pots -Firewalls

-Anti-virus software

Network based intrusion dectection is most suited to detect and prevent which types of attacks? -Buffer overflow exploitation of software -Application implementation flaw -Bandwidth-based denial of service -Brute force password attack

-Bandwidth-based denial of service

Which of the following function are performed by proxies?(Select two) -Give users tthe ability to participate in real-based Internet discussions -Cache web pages -Block unwanted packets from entering your private network -Store client files -Filter unwanted e-mail -Block employees from accessing certain web sites

-Cache web pages -Block employees from accessing certain web sites

You have just installed a packet filtering firewall on your network. What options will you be able to set on your firewall? Select all that apply. -Digital signature -Destination address of a packet -Checksum -Sequence number -Port number -Acknowledgement number -Source address of a packet

-Destination address of a packet -Port number -Source address of a packet

As a security precaution, you have implement IPsec is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement? -Protocol analyzer -VPN concentrator -Network-based IDS -Host-based IDS -Port scanner

-Host-based IDS

What security mechanism can be used to detect attacks originating on the Internet or from within an internal trusted subnet? -Security alarm -IDS -Biometric system -Firewall

-IDS

Which of the following are security devices that perform statful inspection of packet data, looking for patterns that indicate malicious code?(choose two) -VPN -Firewall -ACL -IDS -IPS

-IDS -IPS

You have a router that is configured as a firewall. The router is a layer 3 devices only. Which of the following does the router use for identify allowed or denied packets? -Session ID -MAC address -Username and password -IP address

-IP address

Computer policies include a special category called user rights. Whcih action do they allow an administrator to perform? -Identify users who can perform maintenance task on computers in an OU -Specify the registry for users on specified computers in an OU -Designate a basic set of rights for all users in an OU

-Identify users who can perform maintenance tasks on computer in an OU

Would like to control Internet access based on users, time of day, and web sites visited. How can you do this? -Configure the local security policy of each system to add internet restrictions. -Configure Internet zones using the Internet Options -Install a proxy server. Allow Internet access only through the proxy server. -Configure a packet-filtering firewall. Add rules to allow or deny Internet access. -Enable Windows Firewall on each system. Add or remove exception to control access.

-Install a proxy server. Allow Internet access only through the proxy server.

An active IDS system often performs which of the following actions? (Select two) -Request a second logon test for users performing abnormal activities. -Perform revers lookups to identify an intruder. -Trap and delay the intruder until the authorities arrive. -Update filters to block suspect traffic

-Perform reverse lookup to identify an intruder -Update filters to block suspect traffic

Which of the following is most important thing to do to prevent console access to the router? -Implement an access list to prevent console connections. -Keep the router in a locked room -Set console and enable secret passwords. -Disconnect the console cable when not in use

-Keep the router in a locked room

Which of the following attacks, if successful, causes a switch to function like a hub? -Replay -ARP poisoning -MAC spoofing -Mac flooding

-Mac flooding

Which of the following are true of a circuit proxy filter firewall?(Choose two) -Operates at the session layer -Operates at ring 0 at the operating system -Verifies sequencing of session packets. -Examines the entire message contents.. -Operates at the network and transport layers -Operates at the application layer

-Operates at the session layer -Verifies sequencing of session packets

You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that vistors cannot plug in their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to coneect to the network. What feature should you configure? -Bonding -Spanning tree -Port authentication -Mirroring -VLANs

-Port authentication

You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device Which tool should you use? -Protocol analyzer -TDR -Multimeter -Toner probe -Certifier

-Protocol analyzer

You connect your computer to a wireless network available at the local library. You find that you can access all web sites you want on the internet except for two. What could be the reason? -Router has not been configured to perform port forwarding -A firewall is blocking ports 80 and 443 -A proxy server is blocing access to the web sites -Port triggering is redirecting traffic to the wrong IP address

-Proxy server is blocking access to the web sites

You have used firewalls to create a demilitarized zone. You have a web server that needs to be accessible to Internet users. The Web server must communicate with database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the severs?(SELECT TWO)

-Put the web server inside the DMZ -Put the database server on the private network

You are implementing security at a local high school that is concerned with students accessing inappropriate material on the Internet form the library's computers. The students will use the computes to search the Internet for research paper content. The school budget is limited. Which content filtering option would you choose? -Restrict content based on content categories -Block specific DNS domain names -Block all content except for contect you have identified as permitted -Allow all content except for the content you have identified as restricted.

-Restrict content based on content categories

Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database? -Signature based -Heuristic based -Anomaly analysis based -Stateful inspection based

-Signature based

You manage a network that uses multiple switches. You want to provide mulitple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support? -PoE -Mirroring -OSPF -Spanning tree -Trunking

-Spanning tree

You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches? -PoE -Trunking -802.1x -Spanning tree

-Spanning tree

Which of the following are characteristics of a packet filtering firewall?(Select two) -Stateful -Filters based on sessions -Stateless -Filters based on URL -Filters IP address and port

-Stateless -Filters IP address and port

Which of the following describes how a router can be used to implement security on your network? -Use a lookup table to deny access to traffic from specific MAC address -Use an access control list to deny traffic from specific IP addresses. -Examine the packet payload to deny packets with malformed data. -Use an access control list to deny traffic sent from specific users

-Use an access control list to deny traffic from specific IP addresses

You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users. Which solution should you use? -Use single firewall. Put the Web server in front of the firewall, and the private network behind the firewall. -Use firewall to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ -Use firewall to create a DMZ. Place the Web server and the private network inside the DMZ -Use a single firewall. Put the Web server and the private network behind the firewall

-Use firewall to create a DMZ. Place the web server inside the DMZ, and the private network behind the DMZ.

You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow vistors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees, connected throughout the rest of your building should have private and Internet access. Which feature should you implement? -NAT -port authentication -VLANs -DMZ

-VLANs

You have a group of salesman who would like to access your private network through the Internet while they are traveling. you want to control access private network through a single server. Which solution should you implement? -IDN -VPN concentrator -RADIUS -IPS -DMZ

-VPN concentrator

Which of the following activities are considered passive in regards to the functioning of an intrusion detection system?(choose two) -Disconnecting a port being used by a zombie -Listening to network traffic -Transmitting FIN or RES packets to an external host -Monitoring the audit trails on a server

-listening to network traffic -Monitoring the audit trails on a server

What is the binary format for the following decimal IP address? 131.9.202.111 10000001.00001010.11000011.01010111 10000110.00001011.11000101.10101110 10000111.00001101.11001110.01011101 10000011.00001001.11001010.01101111

10000011.00001001.11001010.01101111 Explanation 10000011.00001001.11001010.01101111 is the binary format of the address. To convert binary to decimal, remember the following numbers: 128, 64, 32, 16, 8, 4, 2, 1 Each number represents the decimal value for a binary 1 in the corresponding position. For example, 10000000 is equal to 128, and 00010000 is equal to 16.To find the binary form of a decimal number, try to subtract each decimal value from the value in the octet. For example, for 131, you can subtract 128 leaving a remainder of 3. You can then subtract 2 and then 1. For each number you can subtract, write a 1 in the binary position of the address.

You have been tasked with designing a highspeed Ethernet network. Your client's building already has 150ohm shielded twisted pair (STP) wiring installed. Due to budget constraints, they have asked you to reuse the existing wiring instead of installing new fiberoptic cabling. Which Ethernet standard could you implement in this situation? 1000BaseZX 10BaseFL 1000BaseLX 1000BaseCX 1000BaseT 1000BaseSX

1000BaseCX Explanation The 1000BaseCX standard specifies 150ohm STP cabling. The maximum cable length is 25 meters. The 10BaseFL, 1000BaseSX, 1000BaseLX, and 1000BaseZX standards employ fiberoptic cabling. 1000BaseT uses Category 5 UTP instead of STP cabling.

Which Gigabit Ethernet standard can support long network segments up to a maximum of 5 km when used with fiberoptic cable? 1000BaseSX 1000BaseLX 1000BaseT 1000BaseCX

1000BaseLX Explanation 1000BaseLX supports segment lengths of up to 5 km when used with fiber-optic cable. This maximum segment length is cut to 550 m when fiber-optic cable is used and it operates in half-duplex. 1000BaseSX supports segment lengths of only 550 meters. 1000BaseCX uses copper wire and supports segment lengths of only 25 meters. 1000BaseT uses twisted pair cables.

You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose? (Select two.) 1000BaseLX Single mode fiber 1000BaseCX Mutimode fiber 1000BaseSX

1000BaseLX Single mode fiber Explanation Of the standards listed in this question, 1000BaseLX provides the greatest cable length (think of the "L" in 1000BaseLX as "long"). When using long distances for fiber optic, use single mode fiber. Multimode fiber is cheaper but has a shorter maximum distance than single mode fiber. 1000BaseSX is for short fiber optic, and 1000BaseCX uses short copper within a wiring closet.

You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose? (Select two.)

1000BaseLX Single mode fiber

You have been tasked with designing an Ethernet network. Your client needs to implement a very highspeed network backbone between campus buildings; some of which are around 300 m apart. Fiberoptic cabling has already been installed between buildings. Your client has asked that you use the existing cabling that operates in fullduplex. Which Ethernet standard meets these guidelines? (Choose two.) 1000BaseSX 1000BaseT 10GBaseSR 10BaseFL 1000BaseCX

1000BaseSX 10GBaseSR Explanation 10GBaseSR and 1000BaseSX can operate within these parameters. Both will support segment lengths 300 meters long and operate using full-duplex. 10BaseFL isn't a good choice because its data transmission rate is relatively slow. 1000BaseCX and 1000BaseT both use copper wiring.

Which Gigabit Ethernet standard uses fiberoptic cabling and supports network segments up to a maximum of 550 meters long? 1000BaseT 1000BaseZX 1000BaseCX 1000BaseSX

1000BaseSX Explanation The 1000BaseSX standard uses fiberoptic cable with a maximum segment length of 550 meters. However, to implement segments this long, you must use 50 micron, 500MHz/km fiber optic cable. Other types of cable will shorten the maximum segment length. 1000BaseFX also supports lengths up to 550 meters. 1000BaseFX supports distances up to 10 kilometers. 1000BaseZX has a maximum segment length of up to 100 km. 1000BaseCX and 1000BaseT use copper cabling instead of fiberoptic.

Which of the following use the CSMA/CD access method? Select all that apply. Token Ring 1000BaseT 10BaseT FDDI

1000BaseT 10BaseT Explanation CSMA/CD stands for Carrier Sense Multiple Access / Collision Detection. It defines the steps network devices take when two devices attempt to use a data channel simultaneously. Ethernet networks use CSMA/CD, including 10BaseT, 10Base2 and 1000BaseT.

Which of the following Ethernet standards uses fiber optic cabling? (Select two.) 1000BaseCX 100BaseT4 100BaseFX 100BaseTX 1000BaseLX

100BaseFX 1000BaseLX Explanation 100BaseFX and 1000BaseLX are Ethernet standards that use fiberoptic. Following the Ethernet naming conventions: • F designates fiberoptic cables. Ethernet standards with the F designation are 10BaseFL and 100BaseFX. • L designates "long" distances and requires fiberoptic to support the distance. Ethernet standards with the L designation are 10BaseFL, 1000BaseLX, and 10GBaseLR. • S designates "short" distances that use fiberoptic cables. Ethernet standards with the S designation are 1000BaseSX and 10GBaseSR. • T designates twisted pair cables. Ethernet standards with the T designation are 10BaseT, 100BaseTX, 100BaseT4, and 1000BaseT. • C designates copper cables. The 1000BaseCX standard is for fast Ethernet at short distances within wiring closets.

Which of the following IP addresses have a default subnet mask of 255.255.0.0? (Select all that apply.) 129.0.0.1 123.254.19.6 1.6.45.254 168.16.5.1 191.168.2.15 228.62.18.6

129.0.0.1 168.16.5.1 191.168.2.15 Explanation IP addresses are divided into classes. The most common of these are classes A, B, and C. Each address class has a different default subnet mask. To identify the class of an IP address, look at its first octet. • Class A networks use a default subnet mask of 255.0.0.0 and have 0-126 as their first octet. • Class B networks use a default subnet mask of 255.255.0.0 and have 128-191 as their first octet. • Class C networks use a default subnet mask of 255.255.255.0 and have 192-223 as their first octet. In this question, the IP addresses that fall in the Class B IP address range are 191.168.2.15, 129.0.0.1, and 168.16.5.1.

Which of the following are valid IPv6 addresses? Select all that apply.

141:0:0:0:15:0:0:1 6384:1319:7700:7631:446A:5511:8940:2552

Which of the following are valid IPv6 IP addresses? Select all that apply. 343F:1EEE:ACDD:2034:1FF3:5012 165.15.78.53.100.1 127.0.0.1 141:0:0:0:15:0:0:1 192.168.2.15 6384:1319:7700:7631:446A:5511:8940:2552

141:0:0:0:15:0:0:1 6384:1319:7700:7631:446A:5511:8940:2552 Explanation An IPv6 IP address is a 128-bit address listed as eight 16-bit hexadecimal sections. Leading zeros can be omitted in each section. Therefore, 6384:1319:7700:7631:446A:5511:8940:2552 and 141:0:0:0:15:0:0:1 are both valid IPv6 IP addresses. A single set of all zero sections can be abbreviated with two colons (::). Therefore, 141::15:0:0:1 would also be a valid address.

Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server? 192.168.0.1 192.168.255.254 172.16.0.1 172.31.255.254 10.0.0.1 10.255.255.254 169.254.0.1 169.254.255.254

169.254.0.1 169.254.255.254 Explanation 169.254.0.1 169.254.255.254 is the range of IP addresses assigned to Windows DHCP clients if a DHCP server does not assign the client an IP address. This range is known as the Automatic Private IP Addressing (APIPA) range. The other three ranges listed in this question are defined as the private IP addresses from RFC 1918 which are commonly used behind a NAT server.

You have a computer that is connected to the Internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer? (Select all that apply.) 172.18.188.67 192.168.12.253 10.0.12.15 32.188.99.10 224.15.166.12 240.12.188.1 127.0.0.1

172.18.188.67 192.168.12.253 10.0.12.15 Explanation Of the addresses listed here, the following are in the private IP address ranges: • 10.0.12.15 (private range = 10.0.0.0 to 10.255.255.255) • 172.18.188.67 (private range = 172.16.0.0 to 172.31.255.255) • 192.168.12.253 (private range = 192.168.0.0 to 192.168.255.255)

Your network has been assigned the Class B network address of 179.113.0.0. Which three of the following addresses can be assigned to hosts on your network? 179.113.89.0 179.113.0.0 180.113.0.67 179.114.88.0 179.113.0.118 179.112.95.64 179.113.65.12

179.113.89.0 179.113.0.118 179.113.65.12 Explanation All hosts on this network must share the first two octets of the IP address (179.113). You cannot assign 179.113.0.0 to a host because this address indicates the address of the network.

You are planning a network for an educational campus. Due to the size of the buildings and the distance between them, you have elected to use 10BaseFL hubs, cabling, and network interface cards. What is the maximum length for the network cable between a workstation and a hub? 550 meters 1000 meters 220 meters 100 meters 412 meters 2000 meters

2000 meters Explanation The maximum length for a 10BaseFL network segment is 2000 meters (2 km). Because a 10baseFL network uses a physical star topology, a segment is defined as one of the arms of the star, (between the hub and a host). That means the fiberoptic cable between the hub and a workstation can be up to 2000 meters long. 100BaseFX supports up to 412 meters. 1000BaseSX and 1000BaseLX support up to 550 meters. 100 meters is the maximum twisted pair cable length.

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the main floor. You need to connect the two wiring closets. Which of the following are typically used to connect the two wiring closets? (Select two.) Demarc extension 25 pair Horizontal cross connect Smart jack Vertical cross connect

25 pair Horizontal cross connect Explanation A horizontal cross connect connects wiring closets on the same floor. 25 pair or 100 pair wiring punched down into 66 or 110 blocks are often used to connect the wiring closets together. A vertical cross connect connects the IDF to the MDF on a different floor. The demarcation point (demarc) is the line that marks the boundary between the telco equipment and the private network or telephone system. A demarc extension extends the demarcation point from its original location to another location within the building. A smart jack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc.

Which of the following specifications identiy security that can be added to wireless networks? 802.11a 802.3 802.11i 802.5 802.1x

802.11i 802.1x

You are designing an update to your client's wireless network. The existing wireless network uses 802.11b equipment, which you client complains runs too slowly. She wants to upgrade the network to run at 150 Mbps. Due to budget constraints, your client wants to upgrade only the wireless access points in the network this year. Next year, she will upgrade the wireless network boards in her users' workstations. She has also indicated that the system must continue to function during the transition period. Which 802.11 standard will work best in this situation?

802.11n 802.11n is the best choice for this client. Both 802.11a and 802.11g each operate at a maximum speed of 54 Mbps. 802.11a isn't compatible with 802.11b network boards. 802.11g access points, on the other hand, are backwards-compatible with 802.11b equipment and run at speeds of up to 300 Mbps. Using this type of access point allow the wireless network to continue to function during the transition.

You have been contacted by OsCorp to recommend a wireless Internet solution. The wireless strategy must support a transmission range of 150 feet, use a frequency range of 2.4 GHz, and provide the highest possible transmission speeds. Which of the following wireless solutions would you recommend?

802.11n Of the technologies listed, only the IEEE 802.11n wireless standard addresses the desired requirements. The 802.11a wireless standard offers maximum speeds of 54 Mbps and uses the 5 Ghz frequency range. The 802.11g wireless standard offers maximum speeds of 54 Mbps. 802.11b uses the 2.4 GHz frequency range but supports only 11 Mbps transfer speeds.

You are installing networking wiring for a new Ethernet network at your company's main office building. The project specifications call for Category 5 UTP network cabling and RJ-45 wall jacks. Near the end of the project, you run out of wire before the last few runs are complete. You have a spool of Category 3 network cable in storage. Upon investigation, it appears very similar to Category 5 wiring. Should you substitute Category 3 cabling for Category 5 cabling to finish the project? A No, Category 5 cabling has more twists per inch than Category 3 cabling to reduce cross—talk and support higher data rates. B No, Category 3 cabling doesn't support RJ-45 connectors. C No, Category 5 cabling uses a thicker copper wire than Category 3 cable; enabling higher data transmission rates. D No, the sheath surrounding Category 5 cable is much thicker; creating an extra layer of shielding to reduce cross—talk and support higher data rates. E Yes, you can substitute Category 5 wiring with Category 3 wiring, as they are electrically identical

A No, Category 5 cabling has more twists per inch than Category 3 cabling to reduce cross—talk and support higher data rates.

Which pins in an RJ-45 connector are used to transmit data when used on a 100BaseT Ethernet network? (Choose two.) A Pin 1 B Pin 2 C Pin 3 D Pin 4 E Pin 5 F Pin 6 G Pin 7 H Pin 8

A Pin 1 B Pin 2

You have a small home network connected to the Internet using an RG-6 cable. You need to move the router connecting the network to the Internet, but can't find any RG-6 cable. Which cable types could you use instead? A RG-59 B RG-8 C RG-8, RG-58, or RG—59 D RG-58 or RG-59 E RG-58 F RG-8 or RG-58

A RG-59

F—type connectors are typically used with cables using which of the following standards? (Select two.) A RG-59 B RG-6 C RG-58 D cat 5 E Cat 5e F Cat 6e

A RG-59 B RG-6

Which of the following cable classifications are typically used for cable and satellite networking with coaxial cables? (Select two.) A RG-6 B RG-8 C RG-58 D RG-59

A RG-6 D RG-59

Which of the following is true about single mode fiber optic network cabling? A The central core is smaller than that of multimode fiber optic cabling. B It transmits multiple rays of light concurrently. C It doesn't support segment lengths as long as that supported by multimode fiber optic cabling. D It's less expensive than multimode fiber optic cabling. E The central core is composed of braided plastic or glass fibers.

A The central core is smaller than that of multimode fiber optic cabling.

Which of the following are characteristics of an LC fiber optic connector? (Choose two.) A They use a housing and latch system similar to an RJ-45 UTP connector. B They are threaded. C They use a one—piece bayonet connecting system. D They are half the size of standard connectors. E They can be used with either fiber optic or copper cabling. F They use a stainless steel housing.

A They use a housing and latch system similar to an RJ-45 UTP connector. D They are half the size of standard connectors.

Which of the following are characteristics of an MT-RJ fiber optic connector? (Select two.) A They use metal guide pins to ensure accurate alignment. B They use a keyed bayonet. C They use a nickel-plated housing. D They can be used with multimode fiber optic cables. E They must never be used with single-mode fiber-optic cables. F They are used with multifiber fiber optic ribbon cables.

A They use metal guide pins to ensure accurate alignment. D They can be used with multimode fiber optic cables.

Coupler

A device used for the purpose of extending the length of various types of network cable runs.

In virtualization, what is the role of the hypervisor? A hypervisor is a software implementation of a computer that executes programs like a physical machine. A hypervisor allows virtual machines to interact with the hardware without going through the host operating system. A hypervisor has the actual hardware in place on the machine, such as the hard disk drive(s), optical drive, RAM, and motherboard. A hypervisor is created within the host operating system and simulates a hard disk for the virtual machine.

A hypervisor allows virtual machines to interact with the hardware without going through the host operating system. Explanation A hypervisor is a thin layer of software that resides between the virtual operating system(s) and the hardware. A hypervisor allows virtual machines to interact with the hardware without going through the host operating system. A hypervisor manages access to system resources such as: • CPU • Storage • RAM A physical machine (also known as the host operating system) has the actual hardware in place on the machine, such as the hard disk drive(s), optical drive, RAM, motherboard, etc. A virtual machine is a software implementation of a computer that executes programs like a physical machine. The virtual machine(s) appear to be a self-contained and autonomous system(s). A virtual hard disk (VHD) is a file that is created within the host operating system and that simulates a hard disk for the virtual machine.

DMZ

A lightly protected subnet placed on the outside of the company's firewall consisting of publicly available servers

Which of the ff. describes a configuration baseline?

A list of common security settings that a group or all devices share

Load Balancer

A network device designed for managing the optimal distribution of workloads across multiple computing resources is called:

CSMA

A network protocol providing means for controlling access to a transmission medium

HIDS

A security solution implemented on an individual computer monitoring that specific system for malicious activities or policy violations is referred to as:

...within your server room are failing at a rapid pace. You discover that the humidity room is at 60% and the temperature is at 80 degrees. What should do to help reduce problems?

A separate SC unit in the server room

Routing table

A set of rules stored on a Layer 3 switch or a networked host that allows to determine the topology of the surrounding network

OCX

A set of signal rate multiples for transmitting digital signals on optical fiber. This is included in SONET

collision

A situation in which two or more demands are made simultaneously on equipment that can handle only one at any given moment

Hypervisor

A software application used to manage multiple guest operating systems on a single host system

Agent

A software module on a managed device that sends SNMP notifications to the managing station

Web service

A software solution designed to enable interaction between two devices over a network is generally referred to as:

RS-232 standard

A standard for serial communication transmission of data. It formally defines the signals connecting between a DTE (data terminal equipment) such as a computer terminal, and a DCE (data circuit-terminating equipment or data communication equipment), such as a modem.

Cable Certifier

A tool used to verify that a cable meets its specifications such as the bandwidth and frequency

PAN

A type of limited-range computer network used for data transmission among various types of personal devices centered around a single workstation

WLAN

A type of network consisting of computers and peripheral devices that use high-frequency radio waves to communicate with each other

Multicast

A type of network traffic intended for a particular group of hosts

Unicast

A type of network traffic intended for a single host identified by a unique IP address

Syslog server

A type of server used for collecting system messages from networked devices

You manage the two-location network shown in the exhibit. Workstations and servers at each location connect to a patch panel using behind-the-wall wiring. The patch panel then connects network hosts to one of three 1000BASE-T switches. Routers are implemented at each location to connect the two networks together using a private WAN. The switch ports have auto-MDIX disabled. Drag the cable type on the left to the most appropriate network location on the right. Each cable type can be used more than once. Laptop ---cable A---> Switch ---cable B---> Patch Panel ---cable C--> Server ---cable D for 2 kms?---> Server ---cable B---> Patch Panel ---cable C--> Switch ---cable A---> PC

A. Drop cables Cat 6 straight-through UTP B. Patch cables Cat 6 straight-through UTP C. Uplink cables Cat 6 crossover UTP D. WAN cable Single-mode fiber optic

Which of the following is a valid MAC address? 95ABC2F4.ABC5.569D.43BF AB.07.CF.62.16.BD FABC.875E.9BG6 145.65.254.10

AB.07.CF.62.16.BD Explanation MAC addresses are comprised of 12 hexadecimal digits (ranging from 09 and AF). They are typically represented as a three sets of four hexadecimal digits or six sets of two hexadecimal digits separated with periods. Regardless of the grouping and separator values, look for 12 hex digits for a valid MAC address.

An infrastructure device designed for connecting wireless/wired client devices to a network is commonly referred to as: Demarc Access Point (AP) Intermediate Distribution Frame (IDF) Active hub

Access Point

True

APIPA-assigned addresses are valid only for communications within a network segment that a given host is connected to (a host with APIPA-assigned address cannot connect to the Internet).

A host wants to send a message to another host with the IP address 115.99.80.157. IP does not know the hardware address of the destination device. Which protocol can be used to discover the MAC address? DNS IGMP BOOTP DHCP ARP ICMP

ARP Explanation Hosts use the Address Resolution Protocol (ARP) to discover the hardware address of a host.

Which exploit seeks to maliciously re-associate the IP address of a legitimate network host with the MAC address of the attacker's computer.

ARP Poisoning

Which exploit seeks to maliciously re-associate the IP address of a legitimate network host with the MAC address of the attacker's computer.

ARP Poisoning ARP spoofing (also known as ARP poisoning) uses spoofed ARP messages to associate a different MAC address with an IP address. ARP spoofing can be used to perform a man-in-the-middle attack.

Which of the following exploits takes advantage of the spoofed MAC address? Bluejacking DNS poisoning MAC filtering ARP poisoning

ARP poisoning Is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. This results in the linking of an attacker's MAC address with the IP address of a legitimate computer or server on the network.

In the AAA security architecture, the process of tracking accessed services as well as the amount of consumed resources is called:

Accounting

In the AAA security architecture, the process of tracking accessed services as well as the amount of consumed resources is called: Authentication Authorization Accounting

Accounting

A wireless networking topology in which client devices communicate directly with each other without the use of a controlling Access Point (AP) is known as: (Select 3 answers) Service Set Identifier (SSID) Ad hoc mode Independent Basic Service Set (IBSS) Peer-to-peer mode Infrastructure mode

Ad hoc mode Independent Basic Service Set (IBSS) Peer-to-peer mode

You have a shared folder named Reports. Members of the Managers group have been given Write access to the shared folder. Mark Mangum is a member of the Managers group. He needs access to the files in the Reports folder, but should not have any access to the Confidential.xls file. What should you do?

Add Mark Mangum to the ACL for the Confidential.xls file with Deny permissions.

Your Cisco router has three network interfaces configured: • S0/1/0 is a WAN interface that is connected to an ISP. • F0/0 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24. • F0/1 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24. You have configured an access control list on this router using the following rules: • deny ip 192.168.1.0 0.0.0.255 any • deny ip 192.168.2.0 0.0.0.255 any These rules will be applied to the WAN interface on the router. Your goal is to block any IP traffic coming in on the WAN interface that has a spoofed source address that makes it appear to be coming from the two internal networks. However, when you enable the ACL, you find that no traffic is being allowed through the WAN interface. What should you do?

Add a permit statement to the bottom of the access list.

Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do?

Add a separate A/C unit in the server room

LAB

Add an HTTP Firewall Rule that allows traffic from the WAN to the Web server in the DMZ Hide Details From Zone: UNSECURE (WAN) To Zone: DMZ Service: HTTP Action: Allow Always Source Hosts: Any Internal IP Address: 172.16.2.100 External IP Address: Dedicated WAN Add an HTTPS Firewall Rule that allows traffic from the WAN to the Web server in the DMZ Hide Details From Zone: UNSECURE (WAN) To Zone: DMZ Service: HTTPS Action: Allow Always Source Hosts: Any Internal IP Address: 172.16.2.100 External IP Address: Dedicated WAN Add an FTP Firewall Rule that allows traffic from the administrator workstation to the Web server in the DMZ Hide Details From Zone: SECURE (LAN) To Zone: DMZ Service: FTP Action: Allow Always Source Address: 192.168.1.200 Destination Address: 172.16.2.100 Add an SSH (TCP) Firewall Rule that allows traffic from the administrator workstation to the Web server in the DMZ Hide Details From Zone: SECURE (LAN) To Zone: DMZ Service: SSH (TCP) Action: Allow Always Source Address: 192.168.1.200 Destination Address: 172.16.2.100 Explanation To configure the Firewall, complete the following steps: 1.In the Security Appliance Configuration Utility, select Firewall > IPv4 Rules. 2.Click Add.... 3.Enter Firewall Rule parameters as required by the scenario and click Apply. 4.Repeat steps 2 and 3 for additional firewall rules

Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customers sites. You manage these devices by enrolling them in your cloud-based Microsoft Intune account. One of your sales reps left her tablet at an airport. The devices contains sensitive information and you need to remove it in case that device is compromised. Which Intune portal should you use to perform a remote wipe?

Admin Portal

You have a network connected to a physical star topology. One of the drop cables connecting a workstation is removed. What best describes what happens to communications?

All devices except the device connected with the drop cable will be able to communicate

During a network infrastructure upgrade, you have replaced two 10 Mbps hubs with switches and upgraded from Category 3 UTP cable to Category 5e. During the process, you accidentally cut the Cat 5e patch cable that stretches from the network printer to the upgraded switch. What is the impact on the network?

All network nodes, with the exception of the printer, will be available.

Which of the following is a characteristic of static routing when compared to dynamic routing? All routes must be manually updated on the router. Routers use the hop count to identify the distance to a destination network. Routers can only use static routing when not connected to the Internet. Routers send packets for destination networks to the next hop router.

All routes must be manually updated on the router. Explanation Static routing requires that entries in the routing table are configured manually. Network entries remain in the routing table until manually removed. When changes to the network occur, static entries must be added or removed. The next hop router is used with most routes to identify the next router in the path to the destination, regardless of whether the route is a static or dynamically-learned route. The hop count can be used by static or dynamic routes, depending on the routing protocol used. Static routing can be used for private and public networks, whether connected to the Internet or not.

Many popular operating system allow for quick and easy sharing of files and printers with other network members. Which of the ff. is not a means by which file and printer sharing is hardened?

Allowing NetBIOS traffic outside of your secured network.

Community cloud

Allows cloud services to be shared by several organizations

You are implementing a SOHO network for a local business. The ISP has already installed and connected a cable modem in the business. The business has four computers that need to communicate with each other and the Internet. The ISP's cable modem has only one RJ45 port. You need to set up the network with the following in mind: • Spend as little money as possible. • Do not purchase unnecessary equipment. • Computers need to have a gigabit connection to the network. • New devices should not require management or configuration. You examine each computer and notice only one of the four computers has a wireless NIC; they all have Ethernet NICs. What should you purchase?

An unmanaged switch and CAT5e cabling.

Which of the devices listed below allows for establishing a communication channel over a PSTN? Analog modem ICS server Multilayer switch Default gateway

Analog Modem

Which of the devices listed below allows for establishing a communication channel over a PSTN?

Analog modem

Which of the following is the best recommendation for applying hotfixes to your servers?

Apply only the hotfixes that apply to software running on your systems

Which of the following activities are typically associated with penetration testing? (select two)

Attempting social engineering Running a port scanner

You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat6e cable to connect the wiring closet to the shipping building. Which of the following conditions are you most likely to experience?

Attenuation

You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat6e cable to connect the wiring closet to the shipping building. Which of the following conditions are you most likely to experience?

Attenuation Attenuation is the loss of signal strength from one end of a cable to the other. The longer the cable, the more attenuation. For this reason, it is important to not exceed the maximum cable length defined by the networking architecture. In this example, the distance from the wiring closet to the other building exceeds the 100 meter maximum for Ethernet.

Which part of the AAA security architecture deals with the verification of the identity of a person or process?

Authentication

Which part of the AAA security architecture deals with the verification of the identity of a person or process? Authentication Authorization Accounting

Authentication

Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two)

Authentication for agents and managers Encryption of SNMP messages

You are working with 25 pair wires and 66 blocks. You have pushed the wires onto the 66 block, but now need to cut off the excess end of each wire. Which tool should you use? A Snips B Punchdown tool C Cable stripper D Butt set

B Punchdown tool

Which of the connector types listed below are used with coaxial cabling? (Select 2 answers) ST MT-RJ BNC LC F-connector

BNC F-Connector

Which of the following are characteristics of the 802.11g wireless standard?

Backwards compatible with 802.11b devices Operates in the 2.4 Ghz range Maximum bandwidth of 54 Mbps 802.11g wireless network: -Operates in the 2.4 Ghz range -Have a maximum bandwidth of 54 Mbps -Are backwards compatible with 802.11b networks

You are concerned about the amount of traffic that passed through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help in identifying past average network traffic?

Baseline.

The practice of sending unsolicited messages over Bluetooth is known as: Phishing Bluejacking Vishing Bluesnarfing

Bluejacking Bluesnarfing. ... Both Bluesnarfing and Bluejacking exploit others' Bluetooth connections without their knowledge. While Bluejacking is essentially harmless as it only transmits data to the target device, Bluesnarfing is the theft of information from the target device.

The practice of gaining unauthorized access to a Bluetooth device is referred to as: MITM attack Bluejacking Phishing Bluesnarfing

Bluesnarfing Bluesnarfing. ... Both Bluesnarfing and Bluejacking exploit others' Bluetooth connections without their knowledge. While Bluejacking is essentially harmless as it only transmits data to the target device, Bluesnarfing is the theft of information from the target device.

You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standard could the network be using. select two

Bluetooth 802.11b

A collection of intermediary compromised systems that are used as a platform for a DDoS attack is known as: Honeynet Botnet Quarantine network Network controllers Malware

Botnet The word Botnet is formed from the words 'robot' and 'network'. Cybercriminals use special Trojan viruses to breach the security of several users' computers, take control of each computer and organise all of the infected machines into a network of 'bots' that the criminal can remotely manage.

Which three of the following devices operate at the Data Link layer of the OSI model? Routers Bridges Switches Repeaters Network interface cards (NICs) Hubs

Bridges, Switches & NICs Explanation Network interface cards (NICs), bridges, and switches all operate at the OSI Data Link layer. They use the physical device address (MAC address) to identify packets. Hubs and repeaters operate at the Physical layer they simply repeat packets without regard to addresses. Routers function at the Network layer they examine the logical device and network address to perform routing tasks.

Which of the following topologies connects all devices to a trunk cable? Tree Bus Star Ring

Bus Explanation The bus topology connects all devices to a trunk cable.

You are making Ethernet drop cables using Cat5e cable and RJ-45 connectors. You need to remove the plastic coating over the cable to expose the individual wires. Which tool should you use? A Snips B Punchdown tool C Cable stripper D Butt set

C Cable stripper

Of the following cables, which offer the best protection against EMI? A cat 5 B RG-6 C Single mode fiber optic D Cat 5e

C Single mode fiber optic

When would you typically use an RJ-11 connector? A When using single mode fiber optic cables. B When using Cat 3 cables. C When connecting a phone to a phone line. D When using multimode fiber optic cables. E When using Cat 5 or higher cables. F When using RG—6 cables.

C When connecting a phone to a phone line.

Which of the following devices is used on a WAN to convert synchronous serial signals into digital signals?

CSU/DSU A CSU/DSU is a device that converts the signal received from the WAN provider into a signal that can be used by equipment at the customer site. A CSU/DSU is composed of two separate devices: • The CSU terminates the digital signal and provides error correction and line monitoring. • The DSU converts the digital data into synchronous serial data for connection to a router. The CSU/DSU might be two separate devices, one combined device, or it might be integrated into a router.

Which of the tools listed below allows for verification of the network cabling installation performance and its compliance with TIA or ISO standards? Multimeter Cable certifier Toner probe Cable tester

Cable certifier

Which of the following tools would be used for attaching an RJ-45 connector to the end of a twisted-pair Ethernet cable? Punch down tool Cable crimpers Needle-nose pliers Cable certifier

Cable crimpers

You are making Ethernet drop cables using Cat5e cable and RJ45 connectors. You need to remove the plastic coating over the cable to expose the individual wires. Which tool should you use? Snips Punchdown tool Butt set Cable stripper

Cable stripper Explanation Use a cable stripper to remove the plastic covering for a cable. Note: When making drop cables or using punchdown blocks, do not remove the plastic covering for individual wires. Use snips to cut cables. Use a punchdown tool to push wires into 66 or 110 blocks and cut wires at the same time. Use a butt set to connect to phone lines to monitor, make, or answer phone calls.

Rollover cable

Cable type often used to connect a computer terminal to a router's console port.

Coaxial Fiber-optic STP

Cabling types which provide protection against an outside signal interference.

You are working on upgrading the network in an older building. Over the years, the building has had several types of networking cable installed. The network must support 1000 Mbps Ethernet. You would like to minimize the cost of the upgrade by replacing cables only if necessary. Which types of cable must be replaced to support the required network speed? (Select two.) Cat 3 Cat 4 Cat 5 Cat 5e Cat 6 Cat 6e

Cat 3 & Cat 4 Explanation 1000 Mbps Ethernet (Gigabit Ethernet) requires at least Cat 5 cables. While Cat 5 supports 1000 Mbps, it can have poor performance during high-data transfers. Whenever possible, it is best to use a higher grade cable (Cat 5e or Cat 6) if you want 1000 Mbps data transmission. Cat 3 only supports 10 Mbps Ethernet. Cat 5e or Cat 6 is required for 10 Gbps Ethernet.

Which of the following are advantages of virtualization? select two

Centralized administration Easy migration of systems to different hardware

The 802.11ac wireless networking standard provides increased bandwidth and communication speeds by using which o fthe following technologies?

Channel bonding to combine more channels in the 5GHz band to allow for up to 160 MHz wide channels. MU-MIMO to allow multiple users to use the same channel. The 802.11ac wireless network standard increases bandwidth and communication speeds by using the following technologies: -MU-MIMO is an enhancement to MIMO that allows multiple users to use the same channel. In addition to adding MU-MIMO, 802.11ac doubled the number of MIMO radio streams from four to eight. -Channel Bonding is used to combine even more channels in the 5 GHz band, allowing for up to 160 MHz wide channels. (Even though 160 MHz wide channels are supported, most 802.11ac networks use 80 MHz wide channels.)

Non-routable (private) IP address range Class C range

Characteristic features of the 192.168.0.0 - 192.168.255.255 IP address space

In IPv4 addressing, the leading octet of an IP address with a value of 1 through 126 denotes that the IP address within that range belongs to the: Class A address space Class B address space Class C address space Class D address space

Class A address space

Which of the following answers refer to the characteristic features of the 10.0.0.0 - 10.255.255.255 IPv4 address space? (Select 2 answers) Class A range Public IP address range Class B range Non-routable (private) IP address range Class C range

Class A range Non-routable (private) IP address range

In IPv4 addressing, the leading octet of an IP address with a value of 192 through 223 denotes that the IP address within that range belongs to the: Class A address space Class B address space Class C address space Class D address space

Class C address space

You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0. Which of the following describes the address type? Classless Classful Multicast Public Broadcast

Classless Explanation Because the IP address is not using the default subnet mask, it is using classless addressing. Classless addressing modifies the length of the subnet mask, using a custom mask value instead of the default subnet mask. Classful addressing uses the default subnet mask. Devices that only support classful addressing assume the subnet mask based on the IP address class. A broadcast address is an address that is sent to all hosts. Broadcast addresses are the last possible address on a subnet. A multicast address is an address that identifies a group of computers. Members of the group share the same multicast address. Multicast addresses are in the range of 224.0.0.0 to 239.255.255.255. A public address is an address that is registered for use on the Internet.

Which of the following terms are often synonymous with or made possible with CIDR? (Select two.) NAT Classless VLSM OSPF Classful

Classless VLSM Explanation Classless InterDomain Routing (CIDR) allows for non-default subnet masks (variable length subnet mask or VLSM). Routers use the following information to identify networks: • The beginning network address in the range • The number of bits used in the subnet mask For example, the subnet 199.70.0.0 with a mask of 255.255.0.0 is represented as 199.70.0.0/16 (with 16 being the number of 1 bits in the subnet mask). Classful addresses rely on the IP address class to identify the subnet mask. Network Address Translation (NAT) allows you to connect a private network to the Internet without obtaining registered addresses for every host. Private addresses are translated to the public address of the NAT router. OSPF is a routing protocol that supports CIDR features.

When you run the show interfaces command on switch1, you observe a significant number of runts on the Gi0/1 interface. What does this statistic indicate?

Collisions are occurring.

Consider the network shown in the exhibit. When you run the show interfaces command on switch1, you observe a significant number of runts on the Gi0/1 interface. What does this statistic indicate?

Collisions are occurring. Runts are frames that are too small. (The minimum frame size required is 64 bytes.) This is commonly caused by collisions. In this scenario, the collisions are probably caused by a duplex mismatch error.

Which of the following is not a reason to use subnets on a network? Combine different media type on to the same subnet. Extend the network. Improve security. Isolate network problems.

Combine different media type on to the same subnet. Explanation Subnets cannot be used to combine networks of different media type on to the same subnet. Each network with a distinct media type has its own subnet. Subnets can be used to combine networks with different media types within the same internetwork.

You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check?

Configuration documentation.

Which of the following enterprise wireless configurations strategies best keeps public wireless access separate from private wireless access?

Configure a guest access WLAN that uses open authentication and that isolates guest WLAN traffic from other clients on the same access point.

You want to make sure that all users have passwords over 8 character and that passwords must be changed every 30 days. What should you do?

Configure account policies in Group policy

You are the wireless network administrator for your organization. As the size of the organization has grown, you've decide to upgrade your wireless network to use 802.1x authentication instead of preshared keys. To do this, you need to configure a RADIUS server and RADIUS clients. You want the server and the clients to mutually authenticate with each other. What should you do? (Select two. Each response is a part of the complete solution.)

Configure all wireless access points with client certificates. Configure the RADIUS server with a server certificate.

Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? select two

Configure and apply security policy settings in a mobile device management system Enroll the devices in a mobile device management system

You are the wireless network admin for your org. As the size of the org has grown, you've decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys. To do this, you need to configure a RADIUS Server and RADIUS clients. You want the server and the clients to mutually authenticate with each other. What should you do? (Select two. Each response is part of the complete solution)

Configure the RADIUS server with a server certificate and Configure all wireless access points with client certificates.

A salesperson in your organization spends most of her time traveling between customer sites. After a customer visit, she must complete various managerial tasks, such as updating your organization's order database. Because she rarely comes back to your home office, she usually accesses the network from her notebook computer using WiFi access provided by hotels, restaurants, and airports. Many of these locations provide unencrypted public WiFi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection. Which key steps should you take when implementing this configuration? (Select two.)

Configure the browser to send HTTPS requests through the VPN connection. Configure the VPN connection to use IPsec.

You want to create a rollover cable that has an RJ45 connector on both ends. How should you connect the wires within the connectors? Connect pin 1 to pin 8, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5. Use the T568A standard on one end and the T568B standard on the other end. Connect each pin on one end to the same pin on the other end (i.e. pin 1 with pin 1, pin 2 with pin 2, etc.). Connect pin 1 with pin 3 and pin 2 to pin 6.

Connect pin 1 to pin 8, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5. Explanation When terminated with an RJ45 connector on both ends, the wires within the connectors are rolled over to the opposite connector as follows: • Pin 1 is connected to pin 8 • Pin 2 is connected to pin 7 • Pin 3 is connected to pin 6 • Pin 4 is connected to pin 5 A crossover cable uses the T568A standard on one end and the T568B standard on the other end. The crossover cable connects pin 1 with pin 3 and pin 2 to pin 6. Connecting each pin to the same pin on the other end creates a straight-through cable.

An application software used to selectively block access to certain websites is an example of: (Select best answer)

Content filter

• You notice that a router/firewall/content filter UTM device has been implemented in the server closet to protect the internal network from external attacks. Which securityrelated recommendations should you make to this client? (Select two.)

Control access to the work area with locking doors and proximity readers. //Relocate the switch to the locked server closet.

You have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network? Link state Convergence Classful VLSM Distance vector

Convergence Explanation The term convergence is used to describe the condition when all routers have the same (or correct) routing information. Convergence requires some time, but once reached means that any router has learned about all other networks that are being advertised (or shared) on the network. Link state and distance vector describe general methods that routers use to share routes with other routers. Classful describes a routing protocol that assumes the subnet mask based on the address class of the network. Variable

What is the basic purpose of the OSI Physical layer?

Coordinates rules for transmitting bits.

A device used for the purpose of extending the length of various types of network cable runs is commonly referred to as: Coupler Media converter Amplifier Cable certifier

Coupler

Which of the following phone attacks adds unauthorized charges to a telephone bill?

Cramming

You are responsible for maintaining Windows workstation operating systems in your organization. Recently, an update from Microsoft was automatically installed on your workstations that caused an in-house application to stop working. To keep this from happening again, you decide to test all updates on a virtual machine before allowing them to be installed on production workstations. Currently, none of your testing virtual machines have a network connection. However, they need to be able to connect to the update servers at Microsoft to download and install updates.

Create a new virtual switch configured for bridged (external) networking Connect the virtual network interfaces in the virtual machine to the virtual switch

You are an application developer. You use a hypervisor with multiple virtual machines installed to test your applications on various operating system versions and editions. Currently, all of your testing virtual machines are connected to the production network through the hypervisor's network interface. However, you are concerned that the latest application you are working on could adversely impact other network hosts if errors exist in the code. To prevent this, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other. What should you do?

Create a new virtual switch configured for host-only (internal) networking. Connect the virtual network interfaces in the virtual machines to the virtual switch.

What is the primary function of the IKE protocol used with IPSec?

Create a security association between communicating partners

A user reports that she can't connect to the Internet. After some investigation, you find that the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?

Create an action plan.

You need to transfer data from one laptop to another and would like to use an Ethernet cable. You do not have a hub or a switch. Which type of cable should you use? Loopback Crossover Straight-through Rollover

Crossover Explanation Use a crossover cable to connect two devices together in a back-to-back configuration. Use a straight-through cable to connect a workstation to a hub or switch port. Use a rollover cable to connect a workstation to the console port of a router or a switch. Use a loopback plug to allow a device to communicate with itself through its own network adapter.

You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values. Which device should you use? DNS server Gateway Router DHCP server

DHCP server Explanation Use a DHCP server to deliver configuration information to hosts automatically. Using DHCP is easier than configuring each host manually. Use a gateway to provide access to a different network, or to a network using a different protocol. Use a router to connect multiple subnets. Use a DNS server to provide name resolution, for example to get the IP address associated with a logical host name.

Which firewall implementation creates a buffer network that can be used to host email or web servers?

DMZ

Which network service would you use to get the IP address from the FQDN hostname?

DNS

Which of the following answers refers to a system containing mappings of domain names to various types of data, such as for example numerical IP addresses?

DNS

You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. Which protocol should you implement?

DNS

You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. Which protocol should you implement? Telnet ARP DHCP DNS

DNS Explanation DNS is a system that is distributed throughout the internetwork to provide address/name resolution. For example, the name www.mydomain.com would be identified with a specific IP address. ARP is a protocol for finding the IP address from a known MAC address. DHCP is a protocol used to assign IP addresses to hosts. Telnet is a remote management utility.

You need to enable hosts on your network to find the IP address of logical names such as srv1.myserver.com. Which device would you use? IPS DNS server Bandwidth shaper IDS Load balancer

DNS server Explanation Use a DNS server to provide hostname-to-IP address resolution. A bandwidth shaper modifies the flow of traffic to keep traffic within predefined limits. A load balancer accepts incoming client requests, and distributes those requests to multiple other servers. An IDS detects security threats, while an IPS can both detect and respond to security threats.

You have configured a wireless access point to create a small network. You have configured all necessary parameters. Wireless clients seem to take a long time to find the wireless access point. You want to reduce the time it takes for the clients to connect. What should you do?

Decrease the beacon interval.

Which of the following describes the point where the service provider's responsibility ends and the customer's responsibility begins for installing and maintaining wiring and equipment? Smart jack Punchdown block IDF Demarc Vertical cross connect

Demarc Explanation When you contract with a local exchange carrier (LEC) for data or telephone services, they install a physical cable and a termination jack onto your premises. The demarcation point (demarc) is the line that marks the boundary between the telco equipment and the private network or telephone system. Typically, the LEC is responsible for all equipment on one side of the demarc, and the customer is responsible for all equipment on the other side of the demarc. A smart jack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc. A punchdown block is a block used to connect individual copper wires together. While the demarc might terminate in a punchdown block, punchdown blocks are used within other locations at the customer site. An intermediate distribution frame (IDF) is a smaller wiring distribution point within a building. IDFs are typically located on each floor directly above the main distribution frame (MDF), although additional IDFs can be added on each floor as necessary. A vertical cross connect connects the IDF to the MDF on a different floor.

You have a network that occupies the top floor of a three story building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. What would you use to relocate the WAN line into a wiring closet on your floor? Horizontal cross connect Demarc extension 66 block Smart jack 110 block

Demarc extension Explanation A demarc extension extends the demarcation point from its original location to another location within the building. The demarc extension typically consists of a single wire bundle that attaches to the existing demarc and supplies a termination point to a different location. You might need a demarc extension if your network occupies an upper floor of a building. The LEC will typically install the demarc into the MDF on the bottom floor, and you will need to install an extension to place the demarc into the IDF on your floor. A horizontal cross connect connects IDFs on the same floor. Cabling runs horizontally (sideways) between the IDFs. A smart jack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc. Use 66 and 110 blocks to connect individual wires within a wiring closet. These blocks can be used to connect devices to the WAN service wiring, but are not typically used for installing a demarc extension.

Which of the following can be used to stop piggybacking that has been occurring at the front entrance where employees should swipe their smart cards to gain entry?

Deploy a mantrap

Users report that the network is down. After some investigation, you determine that a specific router is configured such that a routing loop exists. What should you do next?

Determine if escalation is needed

Users report that the network is down. After some investigation, you determine that a specific router is configured such that a routing loop exists. What should you do next?

Determine if escalation is needed.

Which of the following functions can a port scanner provide? select two

Determining which ports are open on a firewall Discovering unadvertised servers

A network connected using a full physical mesh topology. the link between device A and device B is broken. What happens to communications?

Device A will be able to communicate will all other devices.

Which of the following protocols can TLS use for key exchange? (Select two.)

DiffieHellman and RSA

Which of the antenna types listed below provide a 360-degree horizontal signal coverage? (Select 2 answers) Unidirectional antenna Dipole antenna Dish antenna Omnidirectional antenna Yagi antenna

Dipole antenna Omnidirectional antenna

If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?

Disconnect the intruder.

You manage the website for your company. The WEB1 server hosts the website. This server has the following configuration...Which component is a single point of failure for the website?

Disk controller

You have just started a new job as a network team leader for a small company. You are responsible for overseeing the work of Help Desk technicians, as well as doing your own share of the administrative work. To improve the safety of your organization, you decide to assemble Material Safety Data Sheets (MSDS) for all chemicals used in your organization. How should you get them?

Download them from the chemical manufacturers' websites.

Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2008 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing?

Downloading a file

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet? Drop the packet. Send the packet to both networks 192.168.3.0 and 192.168.4.0 to the next hop router. Hold the packet in cache until a matching route is learned or configured. Send the packet out both of its directly connected networks as a broadcast frame.

Drop the packet. Explanation If a packet does not match any route in a routing table, the router will simply drop the packet. In this example, the router does not know about the destination network, and also is not configured with a default route. With a default route, the router will forward the packet to the next hop router specified by the default route.

You are reviewing the output of the show interfaces command for the Gi0/1 interface on a switch. You notice a significant number of CRC errors displayed. What are the most likely causes? (Select two. Either response is a complete solution.)

EMI or cross-talk on the cable connected to the interface Collisions

SONET networks are most often based on: Star topology Bus topology Dual ring topology Mesh topology

Dual ring topology

A user reports that network access from her workstation is very slow. The problem does not seem to be affecting any other users. Which of the following conditions is the most likely cause?

Duplex mismatch

You are reviewing the output of the show interfaces command for the Gi0/1 interface on a switch. You notice a significant number of CRC errors displayed. What are the most likely causes? (Select two. Either response is a complete solution.)

EMI or cross-talk on the cable connected to the interface Collisions

You want to connect your small company network to the Internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. What type of Network Address Translation (NAT) should you implement?

Dynamic

Which of the following describes the point where the service provider's responsibility ends and the customer's responsibility begins for installing and maintaining wiring and equipment? A Smart jack B tor C Punchdown block D Vertical cross connect E Demarc

E Demarc

Which of the following terms identifies the wiring closet in the basement or a ground floor that typically includes the demarcation point? A IDF B Smart jack C Horizontal cross connect D 110 block E MDF

E MDF

Which of the following methods would you use to create a crossover cable? A Use the T568A standard on one connector, and the BLOG convention on the other connector. B Use the T568B standard. C Use the T568B standard on one connector, and the BLOG convention on the other connector. D Use the T568A standard. E Use the T568A standard on one connector, and the T568B standard on the other connector.

E Use the T568A standard on one connector, and the T568B standard on the other connector.

Mesh

Each of the network node, computer and other devices, are interconnected with one another.

You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG-6 cable. You move the cable router a distance of 50 meters using RG-8 cables and special connector adapters. Which condition are you most likely to experience?

Echo An impedance mismatch (manifested by echo) occurs when you connect cables and devices that have a different impedance (resistance) rating. Impedance is mostly a factor in coaxial cables used for networking. Be sure to choose cable with the correct rating (50 or 75 ohm) based on the network type, and do not mix cables with different ratings. RG-6 cables have a rating of 75 ohms, while RG-8 cables have a rating of 50 ohms.

You have a cable internet connection at home. the installer had connected the router near the outsde wall of your house with RG-6cable you move the cable router a distance of 50meters using RG-8 cables and special connector adapters. What condition are you most likely to experience?

Echo An impedance mismatch (manifested by echo) occurs when you connect cables and devices that have a different impedance (resistance) rating. Impedance is mostly a factor in coaxial cables used for networking.

How can an organization help prevent social engineering attacks?

Educate employees on the risks and countermeasures Publish and enforce clearly-written security policies

You are troubleshooting a client connectivity problem on an Ethernet network. the client system has intermittent connectivity to the network. You discover that the UTP patch cable is run 75 feet from the wall outlet, passes though the ceiling and over several florescent light fixtures before reaching the client system. What is the cause of the connectivity problem

Emi interference

You assigned the assistant network administrator to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches. You noticed that it took him an unusually long time to complete this task. Once done, users almost immediately began to report that the network had gone down. Upon entering the server room, you see that the assistant administrator has configured your network rack as shown in the Exhibit. What should you do? (Choose two. Each response is a complete solution.)

Enable STP on each switch. Remove the patch cable connecting the first switch to the third switch.

You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. What will help reduce the effects of a broadcast storm?

Enable spanning tree on all the switches

In the OSI model, which of the following functions are performed at the Application layer? (Select all that apply.) Data translation Enabling communication between network clients and services Conversation identification Integration of network functionality into the host operating system

Enabling communication between network clients and services Integration of network functionality into the host operating system Explanation The Application layer enables network services, and integrates network functionality into the host operating system. Applications actually run above the OSI Application layer. Conversation identification is accomplished at the Session layer through connection or transaction ID numbers. Data translation is performed at the Presentation layer.

In the OSI model, which of the following functions are performed at the Presentation layer? (Select two.) Maintain separate client connections Handle general network access, flow control, and error recovery Encrypt and compress data Transmit data frames Specify data format (such as file formats) Provide network services

Encrypt and compress data Specify data format (such as file formats) Explanation The Presentation layer encrypts data, changes and converts character sets, and compresses data. File formats (such as .jpg, .wmv, and .wav) are part of the Presentation layer. The Application layer provides network services. The Session layer maintains separate client connections through session IDs, and maintains those sessions. Flow control and error detection are provided at both the Transport layer and the Data Link layer. Transmitting frames happens at the Physical layer.

Which of the following features are supplied by WPA2 on a wireless network?

Encryption

Which of the following provides a countermeasure against session hijacking? Port filtering Cleartext credentials Access Control List (ACL) Encryption

Encryption In computer science, session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system.

You are investigating the use of Web site and URL content filtering to prevent users from visiting certain Web sites. Which benefits are the result of implementing this technology in your organization? (Choose two.)

Enforcement of the organization's Internet usage policy An increase in bandwidth availability

Your organization recently purchased 18 IPad tablets for use by the organizations management team. The devices have iOS pre-installed on them. To increase security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? select two

Enroll the devices in a mobile device management system Configure and apply security policy settings in a mobile device management system

Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive date on them. To precent the data from being compromised, you create a cloud-based Microsoft Intune account and configure mobile device security policies. You now need to apply those security policies to the end users mobile devices. What should you do? select two

Enroll the devices with the Intune service Create a user account for each user who has a managed mobile device

Dumpster diving is a low-tech means of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving?

Establish and enforce a document destruction policy

You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?

Event log.

Star

Every node connects to a central network device.

You have just signed up for a broadband home Internet service that uses coaxial cable. Which connector type will you most likely use? RJ45 SC Ftype BNC ST RJ11

F-type Explanation Use an F-type connector for broadband cable connections that use coaxial cable. Use a BNC connector for 10Base2 Ethernet networks. Use an RJ11 connector for modem connections to a phone line. Use an RJ45 connector for an Ethernet network that uses twisted pair cable. Use ST and SC connectors for fiberoptic cables.

Which of the following is a valid IPv6 address? FEC0::AB:9007 FEC0:9087:AB04:9900:7GA2:7788:CEDF:349A 199.12.254.11 FEC0:AB98::A7::9845:4567 FEC0:AB04:899A

FEC0::AB:9007 Explanation FEC0::AB:9007 is a valid IPv6 address. The :: in the address replaces blocks of consecutive 0's. The longer form of this address would be FEC0:0000:0000:0000:0000:0000:00AB:9007. Leading 0's within a quartet can also be omitted. You can only omit one block of 0's using the double colon. Each number in the IPv6 address must be between 0-9 or A-F; G is not a valid number for the IPv6 address. An address without double colons should have a total of 32 hexadecimal numbers in 8 blocks.

You want to allow your users to download files from a server running the TCP/IP protocol. You want to require user authentication to gain access to specific directories on the server. Which TCP/IP protocol should you implement to provide this capability? HTML FTP IP HTTP TFTP TCP

FTP Explanation You should implement the File Transfer Protocol (FTP). It enables file transfers and supports user authentication. The Trivial File Transfer Protocol (TFTP) enables file transfer, but does not support user authentication.

You want to transfer a file from a UNIX server to a Windows 2000 computer. Which of the following utilities could you use to do this? Select all that apply. Netstat TFTP FTP Tracert Telnet NBTSTAT

FTP & TFTP Explanation UNIX computers use TCP/IP, as do Windows 2000 computers. Therefore, the TCP/IP utilities FTP and TFTP will both allow you to transfer files.

Which of the following is a secure alternative to FTP that uses SSL for encryption?

FTPS

You have just connected four new computer systems to an Ethernet switch using spare patch cables. 3 out of 4 of are working. You replace the nic, but still no connection. what could be the possible cause?

Failed patch cable

You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have difficulty accessing the network. During the relocation, you attach a patch cable from the client system to the wall jack and from the patch panel to the switch. Once connected you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one but you can still not connect. Which of the following might you suspect as the problem?

Failed patch cable between the client system and the wall jack

An SSL VPN connection typically requires a dedicated VPN client application.

False

Upon conducting a visual inspection of the server room, you see that a switch displays LED collision lights that are continually lit. You check the LED on the corresponding workstation and see that it is flashing rapidly even though it is not sending or receiving network traffic at that time. What is the cause of the network collisions?

Faulty network card

Upon conducting a visual inspection of the server room, you see that a switch displays LED collision lights that are continually lit. You check the LED on the corresponding workstation and see that it is flashing rapidly even though it is not sending or receiving network traffic at that time. What is the cause of the network collisions?

Faulty network card Sometimes when a NIC fails, it doesn't just stop working but begins to flood the network with transmissions called jabbering, a single network card can slow down and entire network by its continual transmissions onto the network.

Ethernet 100BaseFX networks use what type of cabling? Unshielded twisted pair Fiber optic Shielded twisted pair Coaxial

Fiber optic Explanation Ethernet 100BaseFX networks use fiber optic cabling.

Which of the following is a reason to use a protocol analyzer?

Find devices that might be using legacy protocols, such as IPX/SPX or NetBIOS

What is the function of a Time-Domain Reflectometer (TDR)? Finding breaks in copper network cables Locating the beginning and the end of a cable in a cabling bundle Checking network installation for compliance with TIA or ISO standards Finding breaks in fiber-optic network cables

Finding breaks in copper network cables

Which of the following identifies an operating system or network service based upon it response to ICMP messages?

Fingerprinting

Which of the following answers refers to a software or hardware that monitors network traffic and depending on the configuration settings applied to each data packet either blocks it or allows it to pass through?

Firewall

Which of the following answers refers to a software or hardware that monitors network traffic and depending on the configuration settings applied to each data packet either blocks it or allows it to pass through? HIDS Firewall Load balancer Vulnerability scanner

Firewall

You have heard about a Trojan horse program where the compromised systems sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log would you monitor?

Firewall

You are the administrator of your company's network. You want to prevent unauthorized access to your intranet from the Internet. Which of the following should you implement? Proxy server Packet Internet Groper ICS Firewall

Firewall Explanation A firewall allows you to filter unwanted traffic from the Internet to your network. Packet Internet Groper is better known by its acronym, PING, a TCP/IP command. A proxy server caches web pages. ICS allows you to connect a small network to the Internet through a single connection.

A network topology in which each node has a direct physical connection to every other node is called: Star Partial mesh Bus Full mesh Ring

Full mesh

Which of the following is the best device to deploy to protect your private network from a public untrusted network? Firewall Gateway Hub Router

Firewall Explanation A firewall is the best device to deploy to protect your private network from a public untrusted network. Firewalls are used to control traffic entering and leaving your trusted network environment. Firewalls can manage traffic based on source or destination IP address, port number, service protocol, application or service type, user account, and even traffic content. Routers offer some packet based access control, but not as extensive as that of a full-fledged firewall. Hubs and gateways are not sufficient for managing the interface between a trusted and an untrusted network.

You are the network administrator for a small organization. Recently, you contracted with an ISP to connect your organization's network to the Internet to provide users with Internet access. Since doing so, it has come to your attention that an intruder has invaded your network from the Internet on three separate occasions. What type of network hardware should you implement to prevent this from happening again? Proxy server Switch Hub Firewall CSU/DSU Router

Firewall Explanation The role of a firewall is to provide a barrier between an organization's network and a public network, such as the Internet. Its job is to prevent unauthorized access into the organization's private network. To do this, the firewall examines incoming packets and determines whether they should be allowed to enter based on a set of rules defined by the network administrator.

Arrange the Group Policy Objects (GPOs) in the order in which they are applied

First The Local Group Policy on the computer. Second GPOs linked to the domain that contains the user or computer object. Third GPOs linked to the organizational unit that contains the object.

Arrange the Group Policy Objects (GPOs) in the order in which they are applied.

First ==> The Local Group Policy on the computer. Second ==> GPOs linked to the domain that contains the user or computer object. Third ==> GPOs linked to the organizational unit that contains the object.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet? Send the packet out both of its directly connected networks to the next hop router. Send the packet out both of its directly connected networks as a broadcast frame. Forward the packet to the next hop router specified by the route to network 0.0.0.0. Drop the packet.

Forward the packet to the next hop router specified by the route to network 0.0.0.0. Explanation A route of 0.0.0.0 with a mask of 0.0.0.0 identifies a default route. The default route is used when no other route is a better match. Packets that match no other networks are sent to the next hop router specified by default route.

What type of virtualization completely simulates a real physical host? Full virtualization Semi-virtualization Paravirtualization Partial virtualization

Full virtualization Explanation In full virtualization, the virtual machine completely simulates a real physical host. This allows most operating systems and applications to run within the virtual machine without being modified in any way. In partial virtualization, only some of the components of the virtual machine are virtualized. Be aware of the following: •The operating system uses some virtual components and some real physical hardware components in the actual device where the hypervisor • The operating system or application must be modified to run in a partial virtualization environment. In paravirtualization, the hardware is not virtualized. Be aware of the following: • All of the guest operating systems running on the hypervisor directly access various hardware resources in the physical device; components are not virtual. • The guest operating systems run in isolated domains on the same physical hardware. • The operating system or application must be modified before they can run in a paravirtualization environment.

What type of module might a switch use to allow it to modify the media type supported by a switch port? (Select two.) MPLS GBIC OCx SFP

GBIC & SFP Explanation Older network adapters used an external transceiver that matched the media type. While nearly all current network adapters come with a built in transceiver type, new devices, such as switches and routers, use transceiver modules that allow you to modify the media type of a port by changing the transceiver. Transceiver modules include the following: • A GBIC (gigabit interface converter) is a larger sized transceiver that fits in a port slot and is used for Gigabit media including copper and fiber optic. • An SFP (small formfactor pluggable) is similar to a GBIC but with a smaller size. An SFP is sometimes called a miniGBIC. • An XFP transceiver is similar in size to an SFP but is used for 10 Gigabit networking.

Which of the following answers refers to the measurement of data transfer rate that excludes all protocol overhead information as well as re-transmission of lost data packets? Goodput Bandwidth cap Throughput Baseline

Goodput

Which of the ff. solutions would you use to control the actions that users can perform on a computer, such as shutting down the system, logging on through the network, or loading and unloading device drivers?

Group Policy

You have contracted with a vendor to supply a custom application that runs on Windows workstations. As new application versions and patches are released, you want to be able to automatically apply these to multiple computers. Which tool would be the best choice to use?

Group Policy

A security solution implemented on an individual computer monitoring that specific system for malicious activities or policy violations is referred to as:

HIDS

A security solution implemented on an individual computer monitoring that specific system for malicious activities or policy violations is referred to as: NIPS MAC filter Firewall HIDS

HIDS

A security solution implemented on an individual computer which monitors that specific system for malicious activities or policy violations is referred to as:

HIDS - Host-based intrusion detection system (HIDS)

Which protocol is used on the World Wide Web to transmit Web pages to Web browsers? SMTP HTML HTTP NNTP

HTTP Explanation HTTP or HyperText Transfer Protocol is used by Web servers and browsers to transmit Web pages on the Internet. This is often confused with HTML or HyperText Markup Language which is the markup language used to create Web content.

Which protocol is used for securely browsing a Web site?

HTTPS

Match each physical security control on the left with an appropriate example of that control on the right. Each security control may be used once, more than once, or not at all.

Hardened carrier Protected cable distribution Biometric authentication Door locks Barricades Perimeter barrier Emergency escape plans Safety Alarmed carrier Protected cable distribution Antipassback system Physical access control Emergency lighting Safety Exterior floodlights Perimeter barrier

By definition, what is the process of reducing security exposure and tightening security controls?

Hardening

An administrator needs to adjust multiple Access Point (AP) placement in order to ensure the best coverage for the network. Which of the following tools would be of help while identifying the areas of low signal strength? Heat map Power level controls Logical network diagram Wi-Fi hotspots

Heat map Wireless heat map. A diagram of signal strength in a Wi-Fi network. Using a wireless monitor tool, a visual map of a workplace gives the network administrator invaluable knowledge about how to adjust the access points (APs) for better coverage

You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through plenum UTP cable that will be run through the suspended tile ceiling of the data center. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. The only power available in the data center is located on the wall opposite the new server rack, so you must run extension cords across the floor to plug in the UPS unit. There are problems with this plan. What should you do?

Hire an electrician to install a wall outlet near the new rack.

Match the Active Directory component on the left with the appropriate description on the right. Each component may be used once, more than once, or not at all.

Holds a copy of the Active Directory database Domain Controller Manages access for a workstation Computer Object Manages access for an employee User Object Can be created to logically organize network resources Organizational Unit Cannot be moved, renamed, or deleted Generic Container Defines a collection of network resources that share a common directory database Domain

You have been asked to deploy a network solution that requires an alternate location where operational recovery is provided within minutes of a disaster. Which of the following strategies would you choose?

Hot site

You have been hired to design a wireless network for a SOHO environment. You are currently in the process of gathering network requirements from management. Which of the following questions should you ask? (Select three.)

How many devices will need to be supported? Is the business expected to grow in size in the future? What type of data will be transmitted on the network?

Which of the following hardware devices regenerates a signal out all connected ports without examining the frame or packet contents? (Select two.) Bridge Hub Repeater Switch Gateway Router

Hub & Repeater Explanation A hub and a repeater send received signals out all other ports. These devices do not examine the frame or the packet contents. A switch or a bridge use the MAC address in a frame for forwarding decisions. A router uses the IP address in a packet for forwarding decisions.

Drag the collision domain property on the left to the appropriate network device(s) on the right. Each property can be used more than once.

Hub Single collision domain Switch Multiple collision domains 802.11n wireless access point Single collision domain Router Multiple collision domains Bridge Multiple collision domains Repeater Single collision domain Layer 3 switch Multiple collision domains

You have a network that occupies both floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a second wiring closet on the second floor directly above the wiring closet that holds the demarc. Which of the following terms describes the closet on the second floor? Vertical cross connect Demarc extension MDF IDF Horizontal cross connect

IDF Explanation An intermediate distribution frame (IDF) is a smaller wiring distribution point within a building. IDFs are typically located on each floor directly above the MDF, although additional IDFs can be added on each floor as necessary. The main distribution frame (MDF) is the main wiring point for a building. The MDF is typically located on the bottom floor or basement. The LEC typically installs the demarc to the MDF. A vertical cross connect connects the MDF on the main floor to IDFs on upper floors. Cabling runs vertically (up and down) between the MDF and the IDFs. A horizontal cross connect connects IDFs on the same floor. Cabling runs horizontally (sideways) between the IDFs. A demarc extension extends the demarcation point from its original location to another location within the building.

You have a private network connected to the Internet. Your routers will not share routing information about your private network with Internet routers. Which of the following best describes the type of routing protocol you would use? Static Link state IGP Dynamic Distance vector BGP

IGP Explanation You would use an Interior Gateway Protocol (IGP) on routers within your network. Routing protocols can be classified based on whether they are routing traffic within or between autonomous systems: An Interior Gateway Protocol (IGP) routes traffic within an AS; an Exterior Gateway Protocol (EGP) routes traffic between ASs. Link state and distance vector describe how routing protocols share routing information. The network size might determine which protocol is best for your network. Static routing uses manually defined routes in the routing table, while dynamic routing uses a protocol so routers learn and share routes with other routers. You can use either static or dynamic routing (or both) on a private network.

You are asked to recommend an email retrieval protocol for a company's sales team. The sales team needs to access email from various locations and possibly different computers. The sales team does not want to worry about transferring email messages or files back and forth between these computers. Which email protocol was designed for this purpose? IMAP SMTP MFTP POP4 POP3

IMAP Explanation The Internet Message Access Protocol (IMAP) is an email retrieval protocol designed to enable users to access their email from various locations without the need to transfer messages or files back and forth between computers. Messages remain on the remote mail server and are not automatically downloaded to a client system. POP3 is an email retrieval protocol that downloads and then deletes messages from a mail server. POP3 is well suited for reading email offline; however, you need to go online when you want to receive and send new messages. Once your new messages have been downloaded to your computer you can log off to read them. This option is often used when email is received over a dialup connection.

Which of the following protocols stores email on the mail server and gives users a choice to download mail or keep it on the server? (Select 2) POP3 SMTP NTP IMAP4

IMAP4 & POP3 Explanation IMAP4 allows a mail server to hold messages for a client. POP3 is a simpler protocol than IMAP4 that downloads email messages and deletes them from the server by default, but most newer POP3 clients provide an option to leave mail on the server after download. SMTP allows a user to send email to a server. The NTP protocol synchronizes the clocks of all computers on a network.

Which of the following solutions are used for implementing VPNs? (Select all that apply) IPsec GRE SDLC SSL/TLS PPTP

IPsec GRE SSL/TLS PPTP

Which of the following solutions are used for implementing VPNs?

IPsec, GRE, SSL/TLS, PPTP

Which of the following solutions are used for implementing VPNs? (Select all that apply)

IPsec, GRE, SSL/TLS, PPTP

The DNS database AAAA record creates a pointer that maps a hostname to:

IPv6 address

Hexadecimal numbers

IPv6 addresses are expressed with the use of these

0:0:0:0:0:0:0:1 ::1

IPv6 loopback addresses

A user reports that he can't connect to a specific website. You go to the user's computer and reproduce the problem. What should you do next?

Identify the affected areas of the network.

Arrange the steps in the Change and Configuration Management process on the left in the correct order in which they should be completed on the right.

Identify the need for a change. Conduct a feasibility analysis. Define the procedure for implementing the change. Notify affected parties of the pending change. Implement the change. Test the implementation. Document the change.

A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verify that it works. What should you do next?

Identify the results and effects of the solution.

Match each network enumeration technique on the left with its corresponding description on the fish.

Identifying phone number with modems War dialing Scanning for wireless access points Wardriving Identifying operating system type and version number Banner grabbing Identifying services that can pass through a firewall Firewalking

Match each network enumeration technique on the left with its corresponding description on the right.

Identifying phone numbers with modems ==> War dialing Scanning for wireless access points ==> Wardriving Identifying operating system type and version number ==> Banner grabbing Identifying services that can pass through a firewall ==> Firewalking

Under which of the following circumstances might you implement BGP on your company network and share routes with Internet routers? If the network is connected to the Internet using multiple ISPs. If the network has over 15 areas and uses IPv6. If the network is connected to the Internet using public addressing. If the network has over 15 hops.

If the network is connected to the Internet using multiple ISPs. Explanation Very large networks can use BGP internally, but typically only share routes on the Internet if the AS has two (or more) connections to the Internet through different ISPs. If your network has over 15 hops, use a routing protocol other than RIP. Use OSPF or ISIS to divide your network into areas. Private networks that use public IP addresses do not need to share routes with Internet routers; it is typically the responsibility of the ISP to configure routes into the private network, even when public addressing is being used. A single route out of the private network is all that is required if the network has a single connection to the Internet.

The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for guests. The owner has asked that you implement security controls such that only paying guests are allowed to use the wireless network. She wants guests to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at checkin, guests should then be allowed full access to the Internet. If a user does not provide the correct code, they should not be allowed to access the Internet. What should you do?

Implement a captive portal.

The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for patrons. The owner has asked..... Under no circumstances should..... What should you do?

Implement a guest network

• The office manager informs you that her desktop system will no longer boot and asks you to repair or replace it, recovering as much data as possible in the process. You carry the workstation out to your car and bring it back to your office to work on it. What securityrelated recommendations should you make to this client?

Implement a hardware checkout policy

A user reports that he can't browse to a specific website on the Internet. From his computer, you find that a ping test to the web server succeeds. A traceroute test shows 17 hops to the destination web server. What is the most likely cause of the problem?

Incorrect DNS server address

a user reports that he can't browse the internet. You ping test the web server succeeds. A trace route test shows 17 hops to the destination web server. What is the likely cause

Incorrect DNS server address

You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address. . . . . . : 00-AA-BB-CC-74-EF DHCP Enabled . . . . . . . : No Autoconfiguration Enabled. . . : Yes IPv4 Address . . . . . . . : 192.168.1.102(Preferred) Subnet Mask . . . . . . . : 255.255.255.0 Default Gateway. . . . . . . . . : 192.168.2.1 DNS Servers. . . . . . . . . . . : 192.168.2.20 What is the most likely cause of the problem?

Incorrect default gateway In this example, the default gateway address is incorrect. The default gateway address must be on the same subnet as the IP address for the host. The host address is on the 192.168.1.0/24 subnet, but the default gateway address is on the 192.168.2.0 subnet.

Match each type of access point on the left with the wireless network architecture that they are commonly used in on the right. Each type of access point may be used once, more than once, or not at all.

Independent access point infrastructure ==> Intelligent AP Hub-and-spoke infrastructure ==> Lightweight AP Distributed wireless mesh infrastructure ==> Intelligent AP Independent access points: In the early days of wireless networking, large organization implemented independent access points through their facility. Each AP stood alone, providing separate wireless networks using its own independent configuration. Hub-and-spoke infrastructure: In a hub-and-spoke configuration, a wireless controller is connected to all access points using wired links. The individual access points contain very little embedded intelligence and are sometimes referred to as lightweight access points (LWAPs). Distributed wireless mesh infrastructure: Newer wireless networks can be deployed using a distributed wireless mesh architecture. These networks still use a controller, but they move some of the network intelligence from the controller out to the individual access points. In this configuration, the controller is no longer a bottleneck. The APs are smart enough to communicate directly with each other to create more efficient data paths for network traffic.

A wireless networking topology consisting of at least one Access Point (AP) is known as: Infrastructure mode Independent Basic Service Set (IBSS) Ad hoc mode Peer-to-peer mode

Infrastructure mode

You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You discover that a user downloaded a virus from the Internet onto his workstation, and it propagated to the server. you successfully restore all files from backup, but your boss is adamant that this situation does not recoccur. What should you do? -Install a firewall -Allow users to access the internet only from terminals that are not attached to the main network. -Disconnect the user from the Internet -Install a network virus detection software solution

Install a network virus detection software solution

You manage the information systems for a large manufacturing firm. Supervisory control and data acquistion (SCADA) devices are used on the manfucaturing floor to manager your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?

Install the latest firmware updates from the device manufacturer Verify that your network's existing security infrastrucutre is working properly.

You have purchased a solar backup power device to provide temporary electrical power to critical systems in your data center should the power provided by the electrical utility company go out The solar panel array captures sunlight, converts it into DC, and stores it in large batteries. However... Which electrical devices should you implement to convert the DC power stored in the batteries into AC power that can be used in the data center?

Inverter

Which of the following best describes how a switch functions? It connects multiple segments of different architectures. It translates frames, and forwards them to the appropriate segment. It connects multiple segments of different architectures. It translates frames, and broadcasts them to all of its ports. It connects multiple cable segments (or devices), and forwards frames to the appropriate segment. It connects multiple cable segments (or devices), and broadcasts frames to all of its ports.

It connects multiple cable segments (or devices), and forwards frames to the appropriate segment. Explanation Switches have multiple ports and can connect multiple segments or devices. The switch forwards frames to the appropriate port. They function similarly to a hub, except instead of sending packets to all ports, switches send packets only to the destination computer's port.

Which of the following are characteristics of coaxial network cable? (Choose three.) It uses two concentric conductors made from plastic or glass which conduct light signals. It has a conductor made from copper in the center of the cable. It is composed of four pairs of 22-gauge copper wire. The conductors within the cable are twisted around each other to eliminate crosstalk. It uses two concentric metallic conductors. The ends of the cable must be terminated. It uses RJ45 connectors

It has a conductor made from copper in the center of the cable. It uses two concentric metallic conductors. The ends of the cable must be terminated. Explanation Coaxial cable is composed of a central copper conductor surrounded by an insulator which is then surrounded by a second metallic mesh conductor. The name coaxial is derived from the fact that both of these conductors share a common axis. When using coaxial cable, both ends of the cable must be terminated.

The Data Link Layer of the OSI model is comprised of two sublayers. What are they? (Select two.)

LLC MAC • Logical Link Control (LLC) Sublayer: Provides the operating system link to the device driver. • Media Access Control (MAC) Sublayer: Translates generic network requests into device-specific terms.

Which of the following is true about the MAC address? (Select two.) It is typically represented by octets of decimal numbers between 0255. It is a 32-bit address. It is a 64-bit address. It is a 48-bit address. It is typically represented by hexadecimal numbers.

It is a 48-bit address. It is typically represented by hexadecimal numbers. Explanation The MAC address identifies the physical address of the network adapter. The MAC address is a 12-digit (48-bit) hexadecimal number (each number ranges from 09 or AF). The address is often written as 00B0D006BCAC or 00B0.D006.BCAC, although dashes, periods, and colons can be used to divide the MAC address parts. An IPv4 address is 32bits and uses octets of decimal numbers between 0255. An IPv6 address is a 64-bit address that uses 32 hexadecimal numbers.

Which of the following statements accurately describes how a modem works? (Select two.) It modulates digital data from the PC into analog data and transmits it on a telephone network. It communicates over a telephone network using digital signals. It transmits digital signals over ordinary telephone copper wiring at a rate up to 128 Kbps. It demodulates analog data from a telephone network into digital PC data. It demodulates analog PC data into digital data that can be transmitted through a telephone network. It modulates digital data from a telephone network into analog data that a PC can use.

It modulates digital data from the PC into analog data and transmits it on a telephone network. It demodulates analog data from a telephone network into digital PC data. Explanation Modem is shorthand for modulator/demodulator. Its job is to convert (or modulate) digital data from a PC into analog telephone signals and transmit them through a telephone network. It also receives analog data from the telephone network and converts (or demodulates) it into digital PC data.

Which of the following is the most important thing to do to prevent console access to a network switch?

Keep the switch in a room that uses a cipher lock.

When using 110 blocks for connecting Cat5 and higher data cables, which recommendation should you follow? Keep wire pairs twisted up to within one-half of an inch of the connector. Use C5 connectors. Connect wires using the T568B standard. Connect wires using the T568A standard.

Keep wire pairs twisted up to within one-half of an inch of the connector. Explanation When using for Cat5 (or higher) wiring, be sure to preserve the twists in each wire pair to within one-half of an inch of the connecting block. Use C4 connectors to connect four pairs of wires. When connecting data wires on a 110 block, you typically connect wires in the following order: • White wire with a blue stripe, followed by the solid blue wire. • White wire with an orange stripe, followed by the solid orange wire. • White wire with a green stripe, followed by the solid green wire. • White wire with a brown stripe, followed by the solid brown wire. T568A and T568B are used to connect wires within an RJ45 connector when making drop cables.

Which of the following answers lists an example of a protocol used for implementing control over multiple Wireless Access Points (WAPs)? RTSP LWAPP LDAP MGCP

LWAPP (Lightweight Access Point Protocol) Is the name of a protocol that can control multiple Wi-Fi wireless access points at once. This can reduce the amount of time spent on configuring, monitoring or troubleshooting a large network.

You are reviewing the output of the show interfaces command for the Gi0/1 interface on a switch. Which interface statistic displays the number of collisions that occurred after the 64th byte of the frame was transmitted?

Late collisions

At which OSI model layer does a media converter operate? Layer 1 Layer 2 Layer 3 Layer 4

Layer 1 Explanation A media converter operates at the OSI model layer 1 (Physical layer). The media converter translates frames into bits and transmits them on the transmission medium. At layer 2, the MAC address is added to make the data into a frame. At layer 3, the IP address is added to the packet. A media converter does not alter or use the MAC address or the IP address.

At which of the following OSI layers does a router operate? Layer 1 Layer 2 Layer 3 Layer 4

Layer 3 Explanation A router operates at layer 3, or the Network layer.

You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before performance is negatively impacted. Which tool should you use

Load tester

You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before the performance is negatively impacted. Which tool should you use?

Load tester

Which of the following features on a wireless network allows or rejects client connections based on the hardware address?

MAC address filtering

Which of the following DNS database records maps a domain name to a list of mail servers for that domain?

MX

Which of the following features on a wireless network allows or rejects client connections based on the hardware address?

Mac address filtering Mac address filtering allows or rejects client connections based on the hardware address. Wi-Fi Protected Access II (WPA2) provides encryption and user authentication for wireless networks. Wired Equivalent Privacy (WEP) also provides security, but WPA2 is considered more secure than WEP. The SSID is the network name or identifier.

Which two of the following tasks do routers perform? Control access to the transmission media Identify devices through hardware addresses Maintain information about paths through an internetwork Multiplex signals onto the same transmission media Route data based on logical network addresses Route data based on hardware device addresses

Maintain information about paths through an internetwork Route data based on logical network addresses Explanation Routers build and maintain tables of routes through an internetwork, and deliver data between networks based on logical network addresses.

You have two folders that contain documents used by various departments: o The Development group has been given the Write permission to the Design folder. o The Sales group has been given the Write permission to the Products folder. No other permission have been given to either group. User Mark Tillman needs to have the Read permission to the Design folder and the Write permission to the Products folder. You want to use groups as much as possible. What should you do?

Make Mark a member of the Sales groupl add Mark's user account directly to the ACL for the Design folder.

You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default route has changed. You need to make the change with the least amount of effort possible. What should you do? Manually reconfigure the default route to point to the new next hop router. Stop and restart the RIP protocol on the router. Force RIP to perform an immediate update. Wait for network convergence to take place.

Manually reconfigure the default route to point to the new next hop router. Explanation With a static route, when changes to the network occur, routing table entries must be modified, added, or removed manually. In this example, the default route was configured manually, so must be manually updated. When using a routing protocol, routing changes are made automatically by routers sharing routing information. To make a change for a dynamic route, simply wait for convergence to occur (the term convergence describes the condition when all routers have the same routing information).

2.048 Mbps

Maximum data transfer rate of an E1 connection.

34.368 Mbps

Maximum data transfer rate of an E3 connection.

622.08 Mbps

Maximum data transfer rate of an OC-12 connection.

A network link consisting of two dissimilar media types requires an intermediary device known as: Content filter Patch panel Media converter Coupler

Media converter

Which type of network topology provides the highest level of redundancy? Ring Mesh Bus Star

Mesh

You have been asked to implement a network infrastructure that will accommodate failed connections. Which of the following network topologies provides redundancy for a failed link? Star Mesh Bus Ring

Mesh Explanation In a mesh topology, each network device is interconnected to all other network nodes. This creates multiple data paths and in the event of a failed link, the data has an alternate route to arrive at its destination. The star topology connects network devices to the network with a single patch cable and the failure of a patch cable will make the connected device unavailable. The bus topology has a single point of failure, if there is a break in the network media, the network will be unavailable. A single break in a physical ring topology will disable the network.

You have implemented an adhoc wireless network that doesn't employ a wireless access point. Every wireless network card can communicate directly with any other wireless network card on the network. What type of physical network topology has been implemented in this type of network? Mesh Ring Star Tree Bus

Mesh Explanation This type of network uses a physical mesh topology. The key characteristics of a mesh topology are: • There's no central connecting point. • Any host can communicate directly with any other host on the network. A mesh network, such as this one, is usually impractical on a wired network. Each host would have to have a separate, dedicated network interface and cable for each host on the network. However, a mesh topology can be implemented with relative ease on a wireless network due to the lack of wires.

You have a network that uses a logical ring topology. How do messages travel through the network? Messages are sent directly to the destination device only. Messages are sent to a central device which then forwards the message to the destination device. Messages travel from one device to the next until they reached the destination device. Messages are sent to all devices connected to the network.

Messages travel from one device to the next until they reached the destination device. Explanation In a logical ring topology, messages travel to each device in turn. If the message is not intended for that device, the message is forwarded to the next device on the network.

You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the Internet. You investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internet. Which of the following is likely the cause of the problem?

Missing default route on a router f you can access all private subnets but not the Internet, troubleshoot the connection to the Internet. For example, verify that routers have a default route that would apply to Internet traffic, and make sure the Internet link is up and working. The default gateway on the workstation is configured properly because routing to other subnets works correctly, meaning that the workstation is able to send and receive packets from remote networks.

You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the new server used in the accounting department. You check the problem and find out that her computer cannot access any server on that subnet, however the computer does access other computers on other subnets as well as the Internet. Which of the following is most likely the cause of the problem?

Missing route on the default gateway router

You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the new server used in the accounting department. You check the problem and find out that her computer cannot access any server on that subnet, however the computer does access other computers on other subnets as well as the Internet. Which of the following is most likely the cause of the problem?

Missing route on the default gateway router

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Move the router to a secure server room.

Which of the following best describes the condition where a signal sent on one wire is received on another wire within the same connector?

NEXT Near end crosstalk (NEXT) is crosstalk measured on the same end as the transmitter. For example, when a signal is sent on one wire, near end crosstalk measures the interference on another wire at the same connector near the source of the original signal. Far end crosstalk (FEXT) is crosstalk measured on the opposite end from the transmitter. For example, when a signal is sent on one wire, far end crosstalk measures the interference on another wire at the opposite end from the source signal.

You have a file server named Srv3 that holds files used by the Development department. You want to allow users to access the files over the network, and control access to files when files are accessed through the network or through a local logon. Which solution should you implement?

NTFS and share permissions

Which type of device should you use to create the DMZ?

Network-based firewall

Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?

Network-based firewall

Your company has a connection to the internet that allows users to access the Internet. You aslo have a Web sever and an e-mail server that you want to make available to the Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?

Network-based firewall

VRRP

Networking protocol which enables creation of virtual routers

You are installing networking wiring for a new Ethernet network at your company's main office building. The project specifications call for Category 5 UTP network cabling and RJ45 wall jacks. Near the end of the project, you run out of wire before the last few runs are complete. You have a spool of Category 3 network cable in storage. Upon investigation, it appears very similar to Category 5 wiring. Should you substitute Category 3 cabling for Category 5 cabling to finish the project? No, the sheath surrounding Category 5 cable is much thicker; creating an extra layer of shielding to reduce crosstalk and support higher data rates. Yes, you can substitute Category 5 wiring with Category 3 wiring, as they are electrically identical. No, Category 5 cabling has more twists per inch than Category 3 cabling to reduce crosstalk and support higher data rates. No, Category 3 cabling doesn't support RJ45 connectors. No, Category 5 cabling uses a thicker copper wire than Category 3 cable; enabling higher data transmission rates.

No, Category 5 cabling has more twists per inch than Category 3 cabling to reduce crosstalk and support higher data rates. Explanation While Category 3 and Category 5 cabling may appear similar physically, they are electrically different. Category 5 cabling is twisted much tighter than Category 3 cabling. This reduces

You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through plenum UTP cable that will be run along the floor around the perimeter of the data center to prevent tripping. To provide power for the net devices.... Will this configuration work?

No, you should consider relocating the new rack next to the existing rack.

You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used multimode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MT-RJ connectors. You purchased several used 1 meter multimode patch cables from Amazon. However, when they arrived, you noticed that they use LC connectors. Fortunately, with some force, you found that you are able to get the LC connectors on the cables to lock into the MT-RJ connectors on the GBIC modules and on the switch. Will this implementation work?

No, you should purchase patch cables that use MT-RJ connectors.

You are adding a new rack to your data center, which will house five new blade servers. The new servers will be installed in a cluster that will host a customer tracking database. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to connect each new server to the switch in the existing rack using straight-through UTP cables that will be run along the floor around the perimeter of the data center. To provide power for the new devices, you will hire an electrician to install several new 20-amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work?

No, you should run the cable around the perimeter of the room in a cable tray.

You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used single mode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MT-RJ connectors. You connect each module to the switch with 1 meter multimode patch cables. Will this implementation work?

No, you shouldn't use multimode patch cables with single mode GBIC modules.

You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used single mode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MT-RJ connectors. You connect each module to the switch with 1 meter multimode patch cables. Will this implementation work?

No, you shouldn't use multimode patch cables with single mode GBIC modules.

Your consulting firm has been hired by a small business to implement a wireless network. The company leases two office suites within a business park approximately 200 m apart, as shown below. The objectives of the implementation are as follows: • Create a secure wireless network whose signal doesn't emanate beyond each office space by implementing access points in locations A-D in each building. • Connect the wireless networks at each office together with a secure outdoor wireless link using locations E and F. Drag the antenna type from the list on the left to the appropriate location on the right. Each antenna type can be used more than once or not at all.

Normal gain directional antenna aimed East Normal gain directional antenna aimed South Normal gain directional antenna aimed North Normal gain directional antenna aimed West High-gain directional parabolic antenna aimed East High-gain directional parabolic antenna aimed West

Your 24U rack currently houses two 4U server systems. To prevent overheating, you've installed a rack-mounted environment monitoring device within the rack. Currently, the device shows the temperature within the rack to be 70 degrees Fahrenheit (21 degrees Celsius). What should you do? Install a humidifier to increase the humidity within the server room.

Nothing, the temperature within the rack is within acceptable limits.

Which of the following routing protocols are classified as link state routing protocols? (Select two.) EIGRP OSPF RIP ISIS RIPv2

OSPF & IS-IS Explanation Both OSPF and ISIS are link state protocols. Using the link state method, routers share only their directly connected routes using special packets called link-state advertisements (LSAs) and link-state packets (LSPs). These route advertisements are flooded (forwarded) throughout the network. Routers use this information to build a topology database of the network. RIP and RIPv2 are classified as distance vector protocols. Using the distance vector method, routers share their entire routing table with their immediate neighbors. Routes learned from neighboring routers are added to the routing table, then shared with that router's neighbors. EIGRP is a balanced hybrid protocol. A hybrid method combines characteristics of both the distance vector and link state methods. It shares its full routing table at startup, followed by partial updates when changes occur.

Which of the following best describes OSPF? OSPF is a classful link-state routing protocol. OSPF is a classless distance vector routing protocol. OSPF is a classless link-state routing protocol. OSPF is a classful distance vector routing protocol.

OSPF is a classless link-state routing protocol. Explanation OSPF is a classless link-state routing protocol. RIP version 1 and IGRP are both classful distance vector routing protocols. EIGRP is a hybrid protocol that supports classless addressing.

What are the main differences between the OSPF and ISIS routing protocols? OSPF is a link state protocol, while ISIS is not. OSPF is a classful protocol, while ISIS is a classless protocol. OSPF requires an area 0, while ISIS does not. OSPF is an IGP routing protocol, while ISIS is a BGP routing protocol.

OSPF requires an area 0, while ISIS does not. Explanation Like OSPF, ISIS uses areas when designing the network. However, ISIS does not require an area 0 like OSPF does. Because ISIS was originally designed for non-IP protocols, it can more easily support IPv6 routing. Both OSPF and ISIS have the following characteristics: • Both are link state protocols. • Both are classless protocols, supporting CIDR and VLSM. • Both are Interior Gateway Protocols (IGPs) that are used within an AS.

You are setting up a wireless hotspot in a local coffee shop. For best results, you want to disperse the radio signals evenly throughout the coffee shop. Which of the following types of antennas would you use on the AP to provide a 360-degree dispersed wave pattern?

Omni-directional

Which of the following answers refer(s) to highly directional antenna type(s) used for long-range point-to-point bridging links? (Select all that apply) Dipole antenna Omnidirectional antenna Dish antenna Non-directional antenna Unidirectional antenna

Omnidirectional antenna Dish antenna Unidirectional antenna

Two routers with the hostnames SLC and PROVO have been configured to connect using PPP with CHAP authentication through their BRI0 interfaces. Attempts to establish a session between the two routers fails. You check the running configuration on both routers and find the output shown below: hostname SLC enable password cisco username PROVO password vanilla ! ! interface Serial0 ip address 172.16.55.129 255.255.255.252 encapsulation ppp ppp authentication chap ! ! - remaining output omitted -- hostname PROVO enable password ccna username SLC password chocolate ! ! interface Serial0 ip address 172.16.55.130 255.255.255.252 encapsulation ppp ppp authentication chap ! ! - remaining output omitted -- What should you do to correct the problem?

On SLC, change the username password to chocolate.

You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?

On a RADIUS Server

True

One of the differences between the UTP and STP cabling is that STP cable takes advantage of additional protective cover reducing signal interference from outside sources.

You work for a large, multinational organization that has an extensive global network that is interconnected using WAN links and routers. Lately, users in one location have complained that they are unable to access resources stored on a server named FS23 in a South American branch office. To troubleshoot the issue, you have done the following: • Verified that the server is up and running. • Verified that the various routers in between the two locations are up and running. You suspect that perhaps one of the routers between the two locations may be dropping packets. To test this theory, you enter the ping FS23 -f -l 1500 command on your workstation. The ping command returns the following command for each ping packet sent: "Packet needs to be fragmented but DF set." What does this mean?

One of the intermediate routers is an MTU black hole. A black hole router will drop packets when the packet size exceeds the Maximum Transmission Unit (MTU) size. You can use ping to locate a black hole router by setting the following parameters along with the IP address of the remote host: • -f causes the ping utility to send an ICMP echo packet that has the IP "do not fragment" bit set. • -l sets the buffer (or payload) size of the ICMP echo packet. Specify this size by typing a number after the -l parameter. The ping test will provide you with helpful information: • If the MTU of every segment of a routed connection is at least the MTU size, the ping is successful. • If there is an intermediate segment that has a smaller MTU size, the router returns an ICMP "destination unreachable" packet and the ping utility displays a Packet needs to be fragmented but DF set message.

You want to set up a service to allow multiple users to dial in to the office server from modems on their home computers. What service should you implement?

RAS

Which of the following TCP/IP protocols do email clients use to download messages from a remote mail server? SNMP POP3 SPC FTP SMTP

POP3 Explanation The POP3 protocol is part of the TCP/IP protocol suite and used to retrieve email from a remote server to a local client over a TCP/IP connection. SNMP is a protocol used to monitor network traffic. SMTP is a TCP/IP protocol used to send email. FTP is used to transfer files.

You have implemented a network where each device provides shared files with all other devices on the network. What type of network do you have? Multiple access Peer-to-peer Polling Client/server

Peer-to-peer Explanation In a peer-to-peer network, each host can provide network resources to other hosts or access resources located on other hosts, and each host is in charge of controlling access to those resources. In a client/server network, hosts have specific roles. For example, some hosts are assigned server roles which allows them to provide network resources to other hosts. Other hosts are assigned client roles which allows them to consume network resources. Polling is a media access method where a single device grants permission to other devices to access the network. Multiple access describes a media access method where each device determines when the medium is free.

You suspect that your web server has been the target of a denial-of-service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?

Performance

Match the social engineering description on the left with the appropriate attack type on the right.

Phishing -An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. Whaling -An attacker gathers personal information about the target individual, who is a CEO. Spear phishing -An attacker gathers personal information about the target individual in an organization. Dumpster diving -An attacker searches through an organization's trash for sensitive information. Piggybacking -An attacker enters a secured building by following an authorized employee through a secure door without providing identification. Vishing -An attacker uses a telephone to convince target individuals to reveal their credit card

What topology is used with 100BaseTX Fast Ethernet networks? (Select two.) Physical star/logical bus Physical star/logical ring Physical star/logical star Physical ring/logical star

Physical star/logical bus Physical star/logical star Explanation 100BaseTX Fast Ethernet networks use a physical star/logical bus topology when a hub is used or a physical star/logical star when a switch is used.

Which pins in an RJ45 connector are used to transmit data when used on a 100BaseT Ethernet network? (Choose two.) Pin 1 Pin 2 Pin 3 Pin 4 Pin 5 Pin 6 Pin 7 Pin 8

Pin 1 & Pin 2 Explanation On a 100BaseT network cable, the RJ45 pinouts are as follows: • Pin 1: Tx+ • Pin 2: Tx- •Pin 3: Rx+ • Pin 4: Unused • Pin 5: Unused • Pin 6: Rx- •Pin 7: Unused • Pin 8: Unused

Which of the following recommendations should you follow when placing wireless access points (WAPs) to provide wireless access for users within your company building?

Place WAP's above where most clients are. Devices often get better reception from WAPs that are abouve or below. If possible, place WAPs higher up to avoid interference problems caused by going through building foundations. For security reasons, do not place WAPs near outside walls. The signal will extend outside beyond the walls. Placing the WAP in the center of the building decreases the range of the signals available outside of the building. When using multiple WAPs, place access points coverage for all areas.

which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building>

Place access points above where most clients are

Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building?

Place access points above where most clients are.

A type of enclosed space in a building (such as the one between a dropped ceiling and the structural ceiling) used for air handling is commonly referred to as: Plenum Access Point (AP) Cable tray HVAC system

Plenum

Which switch features are typically used with VoIP?

PoE VLAN

Needle Nose Pliers

Pointy pr long nose pliers used to snip wires

A server with a private IP address has been set up to handle requests from an outside (public) network. Which of the solutions listed below would enable this function?

Port forwarding

Your company recently installed a unified communication system. Employees are now able to inform each other of their availability.

Presence information

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet. Why can't you access the server? Private addresses are not accessible through the Internet. The server has been assigned a multicast address. The server must have an entry on a DNS server that exists on the Internet. The server isn't using the default subnet mask.

Private addresses are not accessible through the Internet. Explanation The server has been assigned a private IP address. Private addresses are not accessible from the Internet. Instead, a NAT router translates the private address into a public address, and the public address is used to gain access to the private host.

CorpServ is a small company with 14 client systems and network printer. Because there are only a limited number of networked systems, you decide to us APIPA addressing for the network. With APIPA configured, all systems are able to communicate with each other but you are having rouble configuring Internet access. What is the likely cause of the problem?

Private addresses cannot directly communicate to hosts outside the local subnet

You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffer software on a device which is connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation and not other devices. Which feature should you configure?

Promiscuous mode.

Besides protecting a computer from under voltage, a typical UPS also performs which two actions.

Protects from over voltage Conditions the power signal

You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?

Protocol analyzer Use a protocol analyzer (also called a packet sniffer) to examine network traffic. You can capture or filter packets from a specific device or that use a specific protocol.

Public cloud

Provides cloud services to just about anyone

In computer networking, a system or an application processing requests on behalf of another system is commonly referred to as:

Proxy

Match each description on the left with the appropriate cloud technology on the right.

Public cloud Provides cloud services to just about anyone. Private cloud Provides cloud services to a single organization. Community cloud Allows cloud services to be shared by several organizations. Hybrid cloud Integrates one cloud service with other cloud services.

Which of the answers listed below refers to a tool used for attaching cables to a 110 block? Punch down tool Crimp tool Cable certifier Needle-nose pliers

Punch down tool

What tool should you use to extend network services beyond the demarc? Media certifier Tone generator Crimper Punchdown tool

Punchdown tool Explanation A demarc is the location where the local network ends and the telephone company's network begins. This location is usually at a punch down block in a wiring closet. You use a punchdown tool to attach wires to the punch down block.

You are working with 25 pair wires and 66 blocks. You have pushed the wires onto the 66 block, but now need to cut off the excess end of each wire. Which tool should you use? Snips Butt set Cable stripper Punchdown tool

Punchdown tool Explanation Use a punchdown tool to push wires into 66 or 110 blocks and cut wires at the same time. The punchdown tool has a blade on one side the cuts off the excess wires. Use snips to cut cables or wires. However, a punchdown tool would be easier to use for this task than wire snips. Use a cable stripper to remove the plastic covering for a cable. Note: When making drop cables or using punchdown blocks, do not remove the plastic covering for individual wires. Use a butt set to connect to phone lines to monitor, make, or answer phone calls.

You want to implement 802.1x authentication on your wireless network. Which of the following will be required?

RADIUS

Which of the following solutions provide(s) the AAA functionality? PAP RADIUS TACACS+ PPTP MSCHAP

RADIUS TACACS+

You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use?

RDP

Which of the following answers list examples of coaxial cabling types? (Select 2 answers) STP RG-59 Multimode fiber UTP RG-6 Single mode fiber

RG-59 RG-6

Which of the following cable classifications are typically used for cable and satellite networking with coaxial cables? (Select two.) RG6 RG8 RG58 RG59

RG6 & RG59 Explanation Both RG6 and RG59 can be used for cable and satellite networking applications, although RG6 has less signal loss than RG59, and is a better choice for networking applications, especially where longer distances (over a few feet) are involved. Both RG6 and RG59 have an impedance rating of 75 ohms. RG8 and RG58 have an impedance rating of 50 ohms and were used with 10 Mbps Ethernet.

F-type connectors are typically used with cables using which of the following standards? (Select two.) RG58 Cat 6e Cat 5e RG6 Cat 5 RG59

RG6 & RG59 Explanation F-type connectors are used with coaxial cable, and are typically used for cable TV and satellite installations using RG6 or RG59 cables. RG58 cables typically use BNC connectors and cables are used for 10Base2 Ethernet. Cat 5, 5e, and 6e cables use RJ45 connectors.

Which of the following protocols has a limit of 15 hops between any two networks? BGP EIGRP OSPF RIP ISIS

RIP Explanation RIP networks are limited in size to a maximum of 15 hops between any two networks. A network with a hop count of 16 indicates an unreachable network. The other routing protocols do not use the hop count as the metric. EIGRP uses bandwidth and delay for the metric. OSPF and ISIS use a relative link cost. BGP uses paths, rules, and polocies for the metric.

What is the main difference between RIP and RIPv2? RIP has a limit of 15 hops, while RIPv2 increases the hop count limit. RIP is a distance vector protocol, while RIPv2 is a link state protocol. RIP is a classful protocol, while RIPv2 is a classless protocol. RIP use the hop count for the metric, while RIPv2 uses a relative link cost.

RIP is a classful protocol, while RIPv2 is a classless protocol. Explanation RIP v1 is a classful protocol, meaning that the subnet mask is not included in routing updates. With RIP, only the default subnet mask is used to identify networks. RIP v2 is a classless protocol, meaning that the subnet mask is included in routing updates. RIPv2 supports variable length subnet masks (VLSM). Both RIP and RIPv1 are distance vector protocols and use the hop count for the metric. RIP and RIPv2 have a limit of 15 hops between any two networks.

Which of the following statements about RIP is true? RIP uses hop counts as the cost metric. RIP is the routing protocol used on the Internet. RIP is suitable for large networks. RIP is a link state routing protocol.

RIP uses hop counts as the cost metric. Explanation RIP is a distance vector routing protocol. As such, it is susceptible to the count-to-infinity problem. RIP uses the hop count as the cost metric. Because it has a limitation of 15 hops in one route, it is not suited for large networks.

Which of the following answers list(s) the characteristic feature(s) of a Category 5 (CAT5) cabling? (Select all that apply) Copper cable RJ-45 connector Fiber-optic cable 10 Gbps Ethernet 100 Mbps Ethernet

RJ-45 connector Fiber-optic cable 100 Mbps Ethernet

Which three of the following functions are performed by the OSI Transport layer? Reliable message delivery Format packets for delivery through the media Data segmentation and reassembly End-to-end flow control Path identification and selection Control media access, logical topology, and device identification Consistent data formatting between dissimilar systems

Reliable message delivery, Data segmentation and reassembly, & End-to-end flow control Explanation The Transport layer is responsible for taking upperlayer data, breaking it into segments, and providing for reliable communications through end-to-end flow control and error correction and detection. Transmitting messages through the media is performed at the Physical layer. Media access, logical topology, and device identification occurs at the Data Link layer. Path identification and selection is a function of the Network layer. Data formatting is performed at the Presentation layer.

You are implementing a wireless network inside a local office. You require a wireless link to connect a laptop in the administrator's office directly to a system in the sales department. In the default configuration, the wireless AP uses a 360dispersed RF wave design. After installed, the signal between the two systems is weak as many obstacles interfere with the signal.

Replace the Omni-directional antenna with a directional antenna

A user from the Sales department calls to report that he is experiencing problems connecting to the Sales file server. All users in the Sales department connect to the Sales server through a single Ethernet switch. No other users have reported problems connecting to the Sales server. Which of the following troubleshooting actions are you most likely to perform first?

Replace the network card in the user's computer

A user from the Sales department calls to report that he is experiencing problems connecting to the sales file server all users in the sales department connect to the sales server through a single ethernet switch. No other users have reported problems connecting to the sales server. what troubleshooting actions are you most likely to perform first?

Replace the network card in the user's computer

Which of the following protocols are used by VoIP to set up, maintain, and terminate a phone call?

SIP

A network topology in which each node connects to exactly two other nodes is called: Partial mesh topology Ring topology Full mesh topology Star topology

Ring Topolgy

Which of the following protocols is used by VoIP to set up, maintain, and terminate a phone call? TLS SIP NTP RTP SSH

SIP Explanation The Session Initiation Protocol (SIP) is used to set up, maintain, teardown, and redirect the call. The Real-Time Transport Protocol (RTP) contains the actual voice data. SSH is used for secure remote administration of a network device. TLS is used to add security to other protocols. NTP is used for synchronizing clocks on network devices.

You have purchased a new router that you need to configure. You need to connect a workstation to the router's console port to complete the configuration tasks. Which type of cable would you most likely use? RG6 Straight-through Crossover Rollover

Rollover Explanation Use a rollover cable to connect a workstation to the console port of a router or a switch. The rollover cable has an RJ45 connector on one end to connect to the console port, and a serial connector on the other end to connect to the serial port of the workstation. You then run a terminal emulation program on the workstation to connect to the console of the router or switch to perform configuration and management tasks. Use a straight-through or crossover Ethernet cable to connect devices using the Ethernet RJ45 ports. An RG6 cable is a coaxial cable.

A device designed to filter and transfer data packets between different types of computer networks is called:

Router

You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do?

Run the packet sniffer application on Host B.

You want to use Kerberos to protect LDAP authentication. Which authentication mode should you choose?

SASL

Which of the following connectors usually require polishing as part of the assembly process? (Select two.) BNC SC ST IDC AUI

SC & ST Explanation The fiber optic cable assembly process is more complex than other assemblies. It is necessary to polish the exposed fiber tip to ensure that light is passed on from one cable to the next with no dispersion.

Which of the following is an example of smart technology embedded within networked devices associated with automated factory equipment?

SCADA systems

As network administrator you are asked to recommend a secure method of transferring data between hosts on a network. Which of the following protocols would you recommend? (Select two.)

SFTP SCP

Which of the following protocols are used with VoIP?

SIP RTP

Which of the following protocols are used with VoIP? (Select two.) SNMP SIP SMTP RTP NTP

SIP & RTP Explanation Voice over IP (VoIP) uses the following protocols: • Real-Time Transport Protocol (RTP) packets contain the actual voice data. • Session Initiation Protocol (SIP) is used to set up, maintain, teardown, and redirect the call. NTP is used for synchronizing time between devices. SNMP is used by devices for sending configuration information. SMTP is used for sending email.

Your company has just acquired another company in the same city. You are given the task of integrating the two email systems so that messages can be exchanged between the email servers. However, each network uses an email package from a different vendor. Which TCP/IP protocol will enable messages to be exchanged between systems? IMAP4 SMTP ICMP POP3 FTP

SMTP Explanation The Simple Mail Transfer Protocol (SMTP) specifies how messages are exchanged between email servers. POP3 and IMAP4 are used by email clients to download email messages from email servers. FTP is a file transfer protocol. ICMP is used in ping and traceroute for communicating network communication information.

Dual ring topology

SONET networks are most often based on this.

SFTP uses which mechanism to provide security for authentication and data transfer?

SSH

Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?

SSH

Which of the following network services or protocols uses TCP/IP port 22?

SSH

Which of the following protocols can be used to securely manage a network device from a remote connection?

SSH

Which of the following tools allow for remote management of servers? (Select two.)

SSH Telnet

You can use a variety of methods to manage the configuration of a network router. Match the management option on the right with its corresponding description on the left. (Each option can be used more than once.)

SSL Uses publickey cryptography HTTP Transfers data in clear text SSH Uses publickey cryptography Telnet Transfers data in clear text Console port Cannot be sniffed

Which of the VPN connection types listed below typically doesn't require a dedicated VPN client application? (Select all that apply)

SSL VPN Site-to-site

Which protocol does HTTPS use to offer greater security for Web transactions?

SSL.

Which of the following connectors is used with fiber optic cables and connects using a twisting motion? F-type SC BNC LC ST

ST Explanation The ST connector is used with fiber optic cable and uses a twist-type connector. Tip: To remember the difference between ST and SC connectors, associate the T in ST with "twist". SC and LC connectors are used with fiber optic cables but plug in instead of twist. F-type and BNC connectors use a twist to connect, but are used with coaxial cables.

A range of IP addresses assigned to hosts requesting dynamic IP address from a DHCP server is known as:

Scope

Which of the following mobile device security consideration will disable the ability to use the device after a short period of inactivity?

Screen lock

Mobile devices in your organization use the access points shown in the figure below to connect to your wireless network. Recently, a catastrophic early morning power surge occurred, followed by an outage that lasted longer than your backup equipment could supply temporary power. After you powered the equipment back on, everything initially appeared to work correctly. However, ever since this event, some mobile users report that wireless network connections sometimes get dropped or perform very poorly. What should you do? (Select two.)

Set the channel used by access point B to 8. Set access point B to use 802.11n wireless networking.

You use Cat5e twisted pair cable on your network. Cables are routed through walls and the ceiling. A user puts a screw in the wall to hang a picture and pierces the cable such that a signal sent on pin 1 arrives on the cable connected to pin 7. What term describes this condition?

Short circuit An electrical short occurs when electrical signals take a different path other than the intended path. In the case of twisted pair wiring, a short means that a signal sent on one wire might arrive on a different wire. Shorts are caused by worn wire jackets or crushed wires so that two wires touch, or by something metal piercing the wire and causing an alternate path. An open circuit is a cut in the wire that prevents the original signal from reaching the end of the wire. With a short, the signal travels a different path, but with an open circuit, the signal does not travel anywhere (electricity cannot flow because the path is disconnected).

You are considering using WIFI triangulation to track the location of wireless devices within your organization. However, you have read on the internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system?

Signal strength

Which of the following forms of optical fiber would usually be used to connect two buildings across campus from each other, which are several kilometers apart? Fibre Channel mode Multimode Single mode Dual mode

Single mode Explanation In this scenario, use single mode fiber optic cables. Fiber optic is graded as single mode or multimode. Single mode consists of a single very thin core which produces fewer reflections. This provides greater effective bandwidth over greater distances. Multimode is less costly than single mode fiber. Multimode transmits multiple light rays concurrently. Multimode is used to transmit over shorter distances as the rays tend to disperse as the transmission distance increases. Fibre channel is a network topology used in storage area networks.

You would like to implement 10 Gbps Ethernet over a distance of at least 10 kilometers. Which of the following would meet the requirement for this implementation? (Select three.) 10GBaseER standards 10GBaseLR standards Multimode fiber Single mode fiber 10GBaseSR standards

Single mode fiber 10GBaseER standards 10GBaseLR standards Explanation For 10 Gbps Ethernet at distances of 10 kilometers or more, use singlemode fiber optic cable. 10GBaseLR (up to 10 km) and 10GBaseER (up to 40 km) both support 10 Gbps single mode fiber. Multimode fiber is cheaper but has a shorter maximum distance than single mode fiber. 10GBaseSR uses multimode fiber at distances up to 300 meters.

Users report that the Internet is no longer accessible. You suspect that the line connecting your building to the Internet is not working properly. Which of the following allows the service provider to remotely test the local loop?

Smart jack

Users report that the Internet is no longer accessible. You suspect that the line connecting your building to the Internet is not working properly. Which of the following allows the service provider to remotely test the local loop?

Smart jack A smart jack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc. A smart jack is similar to a loopback plug; however, the loopback plug must be manually inserted into a jack to test the line, while the smart jack is a special plug that includes loopback support and can be used for remote testing of the local loop. With a smart jack, technicians can diagnose the local loop without visiting your location.

A fraudulent email requesting its recipient to reveal sensitive information (e.g. user name and password) used later by an attacker for the purpose of identity theft is an example of: Bluesnarfing Brute-force attack Social engineering Bluejacking

Social engineering Social engineering is an attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures.

The unauthorized practice of obtaining confidential information by manipulating people into disclosing sensitive data is known as: Social engineering Zero-day attack Multifactor authentication Backdoor access

Social engineering Social engineering is an attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures.

Which of the following solutions would you implement to eliminate switching loops?

Spanning tree Run the spanning tree protocol to prevent switching loops. A switching loop occurs when there are multiple active paths between switches. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. Switch ports that are part of that path are placed in a forwarding state. Switch ports that are part of redundant but unused paths are placed in a blocking (non-forwarding) state.

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal Web site. What should you use to allow access? DNS A record Static NAT DNS CNAME record Multicast Dynamic NAT

Static NAT Explanation Static NAT maps an internal IP address to a static port assignment. Static NAT is typically used to take a server on the private network (such as a Web server) and make it available on the Internet. External hosts contact the internal server using the public IP address and the static port. Using a static mapping allows external hosts to contact internal hosts. Dynamic NAT automatically maps internal IP addresses with a dynamic port assignment. On the NAT device, the internal device is identified by the public IP address and the dynamic port number. Dynamic NAT allows internal (private) hosts to contact external (public) hosts but not vice versa. External hosts cannot initiate communications with internal hosts. DNS records associate a host name with an IP address. With multicast, a single data stream can be forwarded to all computers that are members of the same multicast group.

False (I wasn't sure how to reword this one. Sorry)

Static VLAN configuration relies on assigning VLAN membership by examining the MAC address of the device connecting to a switch port.

When troubleshooting network issues, it's important to carry out tasks in a specific order. Drag the trouble shooting task on the left to the correct step on the right.

Step 1- Identify the problem. Step 2 - Establish a theory of probable cause. Step 3 - Test the theory to determine the cause. Step 4 - Establish a plan of action. Step 5 - Implement the solution or escalate. Step 6 - Verify full system functionality. Step 7 - Document findings, actions and outcomes.

Arrange the Fibre Channel SAN implementations tasks in the order they should be performed.

Step 1- Install a Fibre Channel adapter in each server that will access the shared storage on the SAN. Step 2- Deploy a Fibre Channel switch. Step 3- Connect each server to the Fibre Channel switch using the appropriate fiber optic cabling for the equipment you are using. Step 4- Deploy a shared storage device, such as an external RAID device containing multiple hard disk drives.

Arrange the steps in the Change and Configuration Management process on the left in the

Step 1: Identify the need for a change. Step 2: Conduct a feasibility analysis. Step 3: Define the procedure for implementing the change. Step 4: Notify affected parties of the pending change. Step 5: Implement the change. Step 6: Test the implementation. Step 7: Document the change

You need to connect a workstation to a switch using a regular port on the switch (not an uplink port). The switch does not support auto-MDI. Which type of cable should you use? Straight-through Crossover Loopback Rollover

Straight-through Explanation Use a straight-through cable to connect a workstation or router to a regular switch port. Use a crossover cable to connect the workstation to the uplink port. Use a rollover cable to connect the workstation to the console port of the switch. Use a loopback plug to allow a workstation to communicate with itself through its own network adapter.

Which of the following applications is more likely to justify the investment in Category 6 cable? Instant Messaging Printing Email Streaming video

Streaming video Explanation Category 6 cable is specified to extend the available bandwidth from 100 MHz to 200 MHz. This serves as the basis for greater capacity, throughput and reliability. Producing high quality streaming multimedia usually requires consistent highspeed network bandwidth. Email and messaging are typically low bandwidth applications consisting of small, brief transmissions. Printing typically consists of greater amounts of data being transferred, however printing is highly amenable to delays and buffering and usually will not suffer any noticeable effects with decreased bandwidth.

Which of the following best describes the purpose of using subnets? Subnets let you connect a private network to the Internet. Subnets place each device within its own collision domain. Subnets combine multiple IP network addresses into one network address. Subnets divide an IP network address into multiple network addresses.

Subnets divide an IP network address into multiple network addresses. Explanation Subnets divide an IP network address into multiple network addresses. This allows you to have several smaller networks while using only one network address.

You manage a subnet that uses the following subnet address: 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet? Supernetting Private Subnetting Classful

Supernetting Explanation The subnet address 198.162.1.0/23 is an example of a supernetted address. With supernetting, multiple smaller subnets are combined into a single larger subnet. Supernetting is performed by taking the default subnet mask and making it smaller (using less bits). For this address, the default subnet mask uses 24 bits (255.255.255.0). With supernetting, the mask is altered to use only 23 bits (255.255.254.0) to combine multiple subnets together. Subnetting is the process of dividing a larger network into smaller networks. With the subnet address in this example, a subnetted address would use a larger subnet mask (using more bits). A subnetted address might use 25 bits (255.255.255.128) or more to subdivide the network into multiple smaller subnets. Sometimes the term subnetting can be used to refer to both subnetting and supernetting, but in this example, supernetting better describes what is being done. Classful addressing uses the default subnet mask based on the address class. If classful addressing were used, the subnet would use a 24 bit mask. Private addresses are within the following ranges: • 10.0.0.1 to 10.255.255.254 • 172.16.0.1 to 172.31.255.254 • 192.168.0.1 to 192.168.255.254

What device is used to create a physical star topology? Switch Firewall Bridge Router

Switch Explanation A physical star topology uses a switch or a hub. Routers are used to connect multiple subnets together. A firewall is a router that performs filtering on packets or other information contained in network communications.

Which of the following devices is used on a LAN and offers guaranteed bandwidth to each port? Router Bridge Switch

Switch Explanation A switch offers guaranteed bandwidth to each port.

Which of the following devices operate at OSI model layer 2? (Select two.) Network interface card Firewall Switch Hub Repeater Router

Switch & Network interface card Explanation A network interface card and a switch operate at layer 2 (Data Link) of the OSI model. Layer 2 includes protocols that define the MAC address. The MAC address is burned into the network interface card, and a switch uses the MAC address to make forwarding decisions. A hub or a repeater operate at layer 1; they regenerate a signal without looking at layer 2 or layer 3 information. A router operates at layer 3, using the IP address to make forwarding decisions. A firewall operates at layer 3 or higher, using packet or data contents for making filtering decisions.

Which of the following is a standard for sending log messages to a central logging server?

Syslog

You are teaching new users about security and passwords. Which example of the passwords would be the most secure password?

T1a73gZ9!

44.736 Mbps

T3 lines support data transfer rates of up to this speed.

44.736 Mbps

T3 lines support data transfer rates of up to:

What kind of termination would be used to create a straight-through Ethernet cable? (Select 2 answers) T568A on both ends Rollover / Yost T568A and T568B T568B on both ends

T568A on both ends T568B on both ends

Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access?

TACACKS+, Radius

Which of the ff. protocols can be used to centralize remote access authentication?

TCACS

Which of the following protocols includes extensive error checking to ensure that a transmission is sent and received without mistakes? TCP UDP UDB UCP

TCP Explanation The TCP protocol includes error checking.

You are an application developer and are writing a program to exchange video files through a TCP/IP network. You need to select a transport protocol that will guarantee delivery. Which TCP/IP protocol would you implement that provides this capability? RIP TCP IP FTP UDP TFTP

TCP Explanation Write the application to use the Transmission Control Protocol (TCP). TCP guarantees delivery through error checking and acknowledgments.

You have been asked to document the wiring in your building. You need to identify the length of the cables, but most cables run through walls and ceilings, making them difficult to trace. What tool do you use?

TDR a special device that sends electrical pulses on a wire in order to discover information about the cable. It measures impedance discontinuities, or in other words the echo received on the same wire in response to a signal on the wire.: Length of wire cable impedance location of splices and connectors on the wire shorts and open circuits and location of the fault

What encryption method is used by WPA for wireless networks?

TKIP uses rotating keys for added security over WEP

You have a small wireless network that uses multiple access points. The network uses WPA and broadcasts the SSID. WPA2 is not supported by the wireless access points. You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop? (Select two.)

TKIP encryption Preshared key

Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)

TLS and SSL

Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)

TLS// SSL

Match each troubleshooting command on the left with its function on the right. Each utility may be used once, more than once, or not at all.

Tests connectivity between two network hosts by sending IPv4 ICMP Echo Request packets without modifying the TTL parameter. ==> ping Computes lost/sent packet statistics for each hop in the route between two hosts. ==> pathping Used on Linux systems to identify the route between two IPv6 hosts. ==> traceroute6 Used on Windows systems to identify the route between two IPv4 hosts. ==> tracert Tests connectivity between two network hosts by sending IPv6 ICMP Echo Request packets without modifying the TTL parameter. ==> Leave Blank

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. Recently, your CEO conducted a video conference with the employees at the branch office. The employees complained that the video was choppy and that the audio was frequently out of sync with the video. What is the most likely cause of this poor WAN performance? There is an authentication misconfiguration issue between the WAN interfaces on both ends of the link

The WAN provider is throttling bandwidth on the link.

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. Recently, your CEO conducted a video conference with the employees at the branch office. The employees complained that the video was choppy and that the audio was frequently out of sync with the video. What is the most likely cause of this poor WAN performance?

The WAN provider is throttling bandwidth on the link. In this scenario, its possible that the WAN service provider is the cause of the problem. You should check the contract with the service provider to make sure they aren't throttling the bandwidth of the WAN link. It's not uncommon for service providers to impose bandwidth or utilization caps that could be hampering communications. Because connectivity exists between the home and branch office networks in this scenario, the following are very unlikely to be the cause of the problem: • A disabled WAN interface • A protocol mismatch • An authentication mismatch • An IP address misconfiguration

Consider the network shown in the exhibit. You have been experiencing intermittent connectivity issues with switch2. To check the status of the interfaces, you run the following commands: switch2# show interfaces fa0/1 status Port Name Status Vlan Duplex Speed Type Fa0/1 connected 3 a-half a-100 10/100BaseTX switch2# show interfaces Gi0/1 status Port Name Status Vlan Duplex Speed Type Gi0/1 connected trunk a-full a-1000 1000BaseTX switch2# show interfaces Gi0/2 status Port Name Status Vlan Duplex Speed Type Gi0/2 connected trunk a-full a-1000 1000BaseTX What is the issue with this network?

The device connected to the Fa0/1 interface has autonegotiation disabled. A duplex mismatch probably exists on the Fa0/1 interface. Note that duplexing has been automatically set to half, which is the default behavior for Cisco devices when autonegotiation fails. To fix the issue, check the Gi0/1 interface on router1 to see if autonegotiation has been disabled. You could manually configure the Fa0/1 interface on switch2 to use the same duplexing and link speed settings as the interface on the router, or you could re-enable autonegotiation on the router interface. The Gi0/1 and Gi0/2 interfaces on switch2 appear to be functioning correctly with full duplexing and full link speed having been automatically configured.

A network is connected following the IEEE 802.3 specifications. Which of the following best describes when a device can transmit messages? The device is notified of its turn to send messages. The device requests permission from a controlling device. The device with the token can use the transmission media. The device transmits whenever it is ready. The device listens to determine if the transmission media is free.

The device listens to determine if the transmission media is free. Explanation The IEEE 802.3 committee describes the CSMA/CD media access method. Devices listen to the network to determine if the transmission media is free before transmitting.

E- Carrier

The digital telecommunications services backbone system of Europe. They can be used for wide area network (WAN) connections. Available wherever the parallel T-carrier services are not.

Hub

The disadvantage from using this device results from the fact that any incoming signal on any of its ports is re-created and sent out on any connected ports which has a negative impact on network performance.

Which of the following describe the EDGE cellular technology? (select two.)

The first Internet compatible technology Offers speeds of 400-1,000 Kbps

What information does the next hop entry in a routing table identify? The first router in the path to the destination network. The number of routers that the packet must go through to reach the destination network. The last router in the path to the destination network. A backup router that is used for forwarding packets addressed to unknown networks.

The first router in the path to the destination network. Explanation The next hop router is the first (or next) router in the path to the destination network. Each router looks at the destination network in the packet, then consults the routing table to identify the next hop router to the destination network. The hop count identifies the number of routers in the path to the destination network. A default gateway router is a router that is used for packets used to external networks. Most routers do not have a default gateway setting, but instead use a default route setting which identifies a next hop router for all unknown networks.

10.119.128.1

The first valid host address for a node residing in the 10.119.136.143/20 network

You are the wireless network admin for your org. As the size of the org has grown, you've decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys. You've decided to use LEAP to authenticate wireless clients. To do this, you configured a Cisco RADIUS server and installed the neccessary Cisco client software on each RADIUS client. Which of the following is true concerning this implementation?

The system is vulnerable because LEAP is susceptible to dictionary attacks.

You are the wireless network administrator for your organization. As the size of the organization has grown, you've decide to upgrade your wireless network to use 802.1x authentication instead of preshared keys. You've decided to use LEAP to authenticate wireless clients. To do this, you configured a Cisco RADIUS server and installed the necessary Cisco client software on each RADIUS client. Which of the following is true concerning this implementation?

The system is vulnerable because LEAP is susceptible to dictionary attacks.

HAVAC System

The technology of indoor and vehicular environmental comfort.

A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While talking to her, you discover that she is trying to work from the coffee rom two floors above the floor where she normally works. What is the most likely cause of her connectivity problem?

The user is out of the effective range of the wireless access point on her floor

A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While talking to her, you discover that she is trying to work from the coffee room two floors above the floor where she normally works. What is the most likely cause of her connectivity problem?

The user is out of the effective range of the wireless access point on her floor.

Your organization uses an 802.11b wireless network. Recently, other tenants installed the following equipment in your building: • A wireless television distribution system running at 2.4 GHz • A wireless phone system running at 5.8 GHz • A wireless phone system running at 900 MHz • An 802.11a wireless network running in the 5.725 - 5.850 GHz frequency range • An 802.11j wireless network running in the 4.9 - 5.0 GHz frequency range Since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?

The wireless TV system

While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of oversized Ethernet frames being received on one interface. This interface is connected to a workstation located on the 2nd floor. What could be causing this to happen?

The workstation's network board is jabbering. Frames that are too long are typically caused by a faulty network card that jabbers (constantly sending garbage data).

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Up • Protocol status: Down What is the most likely cause of this WAN issue?

There is an authentication misconfiguration issue between the WAN interfaces on both ends of the link.

You have two switches connected together as shown in the following diagram. How many broadcast domains are there in the network shown?

There are two broadcast domains. Each VLAN is in its own broadcast domain. When connecting devices to a switch, each switch port connection is in its own collision domain.

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Up • Protocol status: Down What is the most likely cause of this WAN issue?

There is a data link encapsulation protocol mismatch between the WAN interfaces on both ends of the link. If the WAN interface's line status is up and the protocol status is down, then you're most likely experiencing a Layer 2 issue. This could be caused by a mismatch in the data link encapsulation protocol used on the link. Common Layer 2 point-to-point WAN protocols include HDLC, PPP, and Frame Relay. The same Layer 2 protocol must be used on both ends of the link.

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Down • Protocol status: Down What are the most likely causes of this WAN issue? (Select two.)

There is a problem with the service provider's network. The WAN interface on one or both routers has been disabled. Because both the line status and the protocol status of the WAN interface is down, you're most likely experiencing a Layer 1 issue. As such, you should start troubleshooting at Layer 1. In this scenario, it's possible that: • One or both WAN interfaces have been shut down (disabled). • There is an issue with the service provider's network. Because both interfaces have a status of down/down, the problem must lie at Layer 1. The following issues are Layer 2 or 3 issues: • A protocol mismatch • An authentication mismatch • An IP address misconfiguration Latency on the link would still allow communications to occur between the routers, but performance would be poor. If this were the case, the interface status of both link ends would be in an up/up state.

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Up • Protocol status: Up What is the most likely cause of this WAN issue?

There is an IP address misconfiguration issue between the WAN interfaces on both ends of the link.

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Up • Protocol status: Up What is the most likely cause of this WAN issue?

There is an IP address misconfiguration issue between the WAN interfaces on both ends of the link.

Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Up • Protocol status: Down What is the most likely cause of this WAN issue?

There is an IP address misconfiguration issue between the WAN interfaces on both ends of the link.

Your organization recently opened a branch office in a remote area. Because of its location, traditional WAN connectivity was not available, so you contracted with a satellite provider to connect the branch office network to your home office network. Recently, your CEO conducted a video conference with the employees at the branch office. The employees complained that the video was choppy and that the audio was frequently out of sync with the video. What is the most likely cause of this poor WAN performance?

There is latency on the WAN link. In this scenario, its very likely that the satellite link itself is the cause of the problem. Because the radio signals used by satellite links must travel thousands of miles into space and back, several milliseconds of latency are introduced. For some types of network communications, such as saving a file or sending an email, this latency is not a problem. However, for time-sensitive communications such as a video conference, the latency inherent in the satellite link can cause poor network performance.

What is the risk associated with smart technology used in network devices such as smart refrigerators, environmental controls, or industrial equipment?

They are vulnerable to exploits due to weaker security.

Which of the following are characteristics of an MT-RJ fiber optic connector? (Select two.) They are used with multifiber fiber optic ribbon cables. They use a nickel-plated housing. They can be used with multimode fiber optic cables. They use a keyed bayonet. They must never be used with singlemode fiber-optic cables. They use metal guide pins to ensure accurate alignment.

They can be used with multimode fiber optic cables. They use metal guide pins to ensure accurate alignment. Explanation MTRJ connectors can be used with either multimode or single-mode fiber optic cabling. The connector is made from plastic and uses metal guide pins to ensure it is properly aligned in the jack.

Which of the following are characteristics of an LC fiber optic connector? (Choose two.) They use a stainless steel housing. They are threaded. They can be used with either fiber optic or copper cabling. They use a one-piece bayonet connecting system. They use a housing and latch system similar to an RJ45 UTP connector. They are half the size of standard connectors.

They use a housing and latch system similar to an RJ45 UTP connector. They are half the size of standard connectors. Explanation LC fiber optic connectors are small; about half the size of other fiber optic connectors. Their appearance is similar to a typical RJ45 connector used with UTP wiring. Like an RJ45 connector, it uses a small latch to lock the connector in a jack.

You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use?

Throughput tester.

Which of the following are used when implementing Kerberos for authentication and authorization? (Select two.)

Ticket granting server Time server

Which of the following technologies does GSM use to allow multiple connections on the same frequency?

Time division multiple access

What purposes does a wireless site survey serve? (Choose two.)

To identify existing or potential sources of interference. To identify the coverage area and preferred placement of access points.

Punch down tool

Tool used for attaching cables to a 110 block.

Wire stripper

Tool used for removing electrical insulation cover from electric wires.

Cable certifier

Tools that allows for verification of the network cabling installation performance and its compliance with TIA or ISO standards

Cable crimpers

Tools used for attaching an RJ-45 connector to the end of a twisted-pair Ethernet cable.

Match each Wi-Fi jamming attack on the left with its corresponding description on the right.

Transmits radio signals at random amplitudes and frequencies ==> Random noise jamming Transmits pulses of radio signals at random amplitudes and frequencies ==> Random pulse jamming Repeatedly transmits high-intensity, short-duration RF bursts at a rapid pace ==> Spark jamming

Which OSI model layer is responsible for guaranteeing reliable message delivery? Transport Application Data Link Session

Transport Explanation The Transport layer is responsible for connection services that provide reliable message delivery through error detection and correction mechanisms. Specifically, the TCP protocol provides these services. The Application layer integrates network functionality into the host operating system, and enables network services. The Session layer's primary function is managing the sessions in which data is transferred. The Data Link layer defines the rules and procedures for hosts as they access the Physical layer.

True or false Category 3 (CAT3) cable is a 10 Mbps twisted-pair copper cable used in telephone wiring.

True

What is a program that appears to be legitimate application, utility, game or screensaver and that performs malicious activities surreptitiously?

Trojan horse

A device that apart from the function of an ordinary network switch can also provide additional functions at higher levels of the OSI reference model is known as a multilayer switch.

True

Networked clients not residing on the same subnet as the DHCP server can still obtain an IP address from the server through a DHCP relay agent.

True

One of the features of the Dynamic Host Configuration Protocol (DHCP) is the capability for static allocation of an IP address based on the IP-to-MAC address mapping.

True

Optical Time-Domain Reflectometer (OTDR) is a type of specialized cable tester that allows for locating faults and breaks in fiber-optic cabling. True False

True

True or False A special type of cabling with a fire-retardant jacket placed inside the space between structural floor and dropped ceiling or inside walls is known as a plenum-rated cabling.

True

Penetration test of a computer system without the prior knowledge on how the system that is to be tested works is commonly referred to as black box testing. True False

True Black-box testing is a method of software testing that examines the functionality of an application without peering into its internal structures or workings. This method of test can be applied virtually to every level of software testing: unit, integration, system and acceptance.

An attack against encrypted data that relies heavily on computing power in order to check all possible keys and passwords until the correct one is found is known as a brute-force attack. True False

True Is a trial-and-error method used to obtain information such as a user password or personal identification number (PIN). In a brute force attack, automated software is used to generate a large number of consecutive guesses as to the value of the desired data.

you manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN1 and VLAN2 on each switch. A device on the first switch in VLAN1 needs to communicate with a device on the second switch also in VLAN 1. What should you configure to allow communication between these two devices through eh switches?

Trunking trunk port is used to connect two switches together

What type of cabling is used with 100BaseTX Fast Ethernet networks? Type 1A STP or Category 5 UTP Type 5 STP or Category 1 UTP Category 3 UTP, Category 4 UTP, or Category 5 UTP None of the above

Type 1A STP or Category 5 UTP Explanation Either Type 1A STP or category 5 UTP can be used with 100BaseTX Fast Ethernet networks.

Mesh

Type of network topology which provides the highest level of redundancy

100 meters

Typical cable segment length for a copper twisted-pair Ethernet cable.

Wireless site survey

Typically involved in the process of planning and designing new WLANs for optimal performance, security, and compliance

Match each UC component on the left with its corresponding definition on the right.

UC Server - Manages the entire UC system UC Gateway - Connects a digital network to an analog network UC Server - Makes presence information available to users UC Hardware Device - An IP phone for making phone calls UC Gateway - Connects a UC network to the PSTN UC Software Device - A smart phone used to access the UC system UC Hardware Device - Designed to work specifically with the UC server

161

UDP port upon which An SNMP Agent receives requests

162

UDP port upon which An SNMP management station receives SNMP notifications from Agents

Which type of address is used in a packet to address the packet to a single host? Multicast Fullduplex Unicast Simplex Broadcast

Unicast Explanation A unicast address is an address that identifies a single host. A broadcast address is an address that is sent to all hosts. Broadcast traffic is typically only forwarded within (but not between) a subnet. A multicast address is an address that identifies a group of computers. Members of the group share the same multicast address. Simplex communication uses a single channel for both sending and receiving. Full-duplex has a dedicated send and receive channel between any two hosts.

Which type of address is the IP address 198.162.12.254/24? Unicast Private Multicast Broadcast

Unicast Explanation The address 198.162.12.254 is a unicast address that identifies a single host on the 198.162.12.0 subnet. 198.162.12.255 is the broadcast address for the subnet. Multicast addresses are in the range of 224.0.0.0 to 239.255.255.255. The private IPv4 address ranges are: • 10.0.0.1 to 10.255.255.254 • 172.16.0.1 to 172.31.255.254 • 192.168.0.1 to 192.168.255.254

Which of the following strategies are used to prevent duplicate IP addresses being used on a network? (Select two.) Install the DHCP client on all workstations Set the Windows networkmonitoring utility to identify potential IP conflicts Configure a HOSTS file for local IP resolution Use Automatic Private IP Addressing Install a DHCP server on the network Configure client systems to use static IP assignment

Use Automatic Private IP Addressing Install a DHCP server on the network Explanation To avoid duplicate IP addresses being used by network systems, automatic IP assignment is used. Both the DHCP service and APIPA can automatically assign addresses to client systems. Clients configured to use static IP addressing may inadvertently have duplicate IP addresses assigned to them. In such a case, one of the systems will not be able to log on to the network.

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a locked server closet. You use an FTP client to regularly back up the router configuration to a remote server in an encrypted file. You access the router configuration interface from a notebook computer that is connected to the router's console port. You've configured the device with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Use SCP to back up the router configuration to a remote location.

You have been recently hired to manage a network for a small company. Prior to your arrival, the entire network was migrated from IPv4 to IPv6. Each of the two functional groups within the organization has its own network segment that is separated from the other with a router. All network segments within the organization use a /64 prefix, including the point-to-point backbone segment that connects the two routers. You are concerned that Neighbor Discovery (ND) issues could occur between the two routers on the backbone segment. Which strategy could you employ to help prevent these issues from occurring?

Use a /127 prefix on the backbone segment.

You are troubleshooting a connectivity problem in which one client system is unable to connect to a server. Both the server and client system are connected to the same Ethernet network switch. No other users have complained of a problem, and you suspect that faulty network cabling might be to blame. Which of the following troubleshooting steps are you most likely to perform first?

Use a cable tester to test the cable between the computer system and the network switch.

While configuring a new 802.11g wireless network, you discover another wireless network within range that uses the same channel ID that you intend to use. Which of the following strategies are you most likely to adopt in order to avoid a conflict between the networks?

Use a different channel ID

You are troubleshooting a connectivity problem in which one client system is unable to connect to a server. Both the server and client system are connected to the same Ethernet network switch. No other users have complained of a problem, and you suspect that faulty network cabling might be to blame. What steps will you perform first?

Use a media tester to test the cable between the computer system and the network switch. it is a hardware device that can be used to verify the correct operation of network cabling.

You are preparing to attach wires in a 110 block. You want to connect the wires and trim off the excess at the same time. Which of the following should you do? (Select two.) Use a butt set with clips. Use a punchdown tool with a notched blade. Point the cut side of the tool towards the connected end of the wire. Use a punchdown tool with a straight blade. Use a butt set with a jack. Point the cut side of the tool towards the wire end.

Use a punchdown tool with a notched blade. Point the cut side of the tool towards the wire end. Explanation Use a punchdown tool to connect wires to a 110 or 66 block. When using a punchdown tool, choose the right blade for the job: • Use a notched blade for a 110 block. • Use a straight blade for a 66 block. • For both blade types, you can use the end without a cutting blade if you want to punch down without cutting the wire. When using the cutting blade, point the cut side of the punchdown tool towards the wire end that you want to trim.

You manage a network with a single switch. All hosts connect to the network through the switch. You want to increase the security of devices that are part of the accounting department. You want to make sure that broadcast traffic sent by an accounting computer is only received by other accounting computers, and you want to implement ACLs to control traffic sent to accounting computers through the network. What should you do?

Use a router to configure a subnet for the accounting computers

You have just been hired as a network administrator. A user has just changed offices and needs you to activate the network and telephone connections in his office. However, the wiring at the punch down block is labeled poorly and you are unable to tell which wires go to the user's office. What should you do?

Use a tone generator to locate the correct wiring

You have just been hired as a network administrator. a user has just changed offices and needs you to activate the network and telephone connections in his office. However, the wiring at the punch down block is labelled poorly and you are unable to tell which wires go to the user's office

Use a tone generator to locate the correct wiring This allows you to create a tone at on end of a wire and find the other and by testing alll connections at the location of the other end of the wire

You have 5 salesmen who work out of your office and who frequently leave their laptops laying on their desk in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns?

Use cable locks to chain the laptops to the desks

Which of the following methods would you use to create a crossover cable? Use the T568B standard. Use the T568A standard on one connector, and the BLOG convention on the other connector. Use the T568A standard on one connector, and the T568B standard on the other connector. Use the T568B standard on one connector, and the BLOG convention on the other connector. Use the T568A standard.

Use the T568A standard on one connector, and the T568B standard on the other connector. Explanation The easiest way to create a crossover cable is to arrange the wires in the first connector using the T568A standard and arrange the wires in the second connector using the T568B standard. A crossover cable connects the transmit pins on one connector to the receive pins on the other connector (pin 1 to pin 3 and pin 2 to pin 6).

You are the network administrator for a growing business. When you were initially hired, the organization was small and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. However, the organization has grown considerably in recent months. You now must manage 8 individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do?

Use syslog to implement centralized logging.

Match each bring your own device (BOYD) security concern on the right with a possible remedy on the left. Each remedy may be used once, more than once, not at all.

Users take pictures of proprietary processes and procedures- Specify where and when mobile devices can be possessed in your acceptable use policy. Devices with a data plan can e-mail stole data- Specify where and when mobile devices can be possessed in your acceptable use policy Devices have no PIN or password configured- Enroll devices in a mobile device management system Anti-malware software is not installed- Implement a network access control (NAC) solution A device containing sensitive data may be lost- Enroll devices in a mobile device management system

Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients? WEP,WPA PERSONAL, WPA ENTERPRISE, WPA2 PERSONAL, AND WPA2 ENTERPRISE OR WEP, WPA PERSONAL, AND WPA2 PERSONAL

WEP, WPA PERSONAL, AND WPA2 PERSONAL

You manage the information systems for a large co-location data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?

Verify that your network's existing security infrastrucutre is working properly. Install the latest firmware updates from the device manufacturer

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor. What would you use to connect the wiring closets together? Demarc extension Horizontal cross connect Vertical cross connect Smart jack

Vertical cross connect Explanation A vertical cross connect connects the main distribution frame (MDF) on the main floor to intermediate distribution frames (IDFs) on upper floors. Cabling runs vertically (up and down) between the MDF and the IDFs. A horizontal cross connect connects IDFs on the same floor. Cabling runs horizontally (sideways) between the IDFs. A smart jack is a special loopback plug installed at the demarcation point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc. A demarc extension extends the demarcation point from its original location to another location within the building. The demarc extension typically consists of a single wire bundle that attaches to the existing demarc and supplies a termination point to a different location. You might need a demarc extension if your network occupies an upper floor of a building. The LEC will typically install the demarc into the MDF on the bottom floor, and you will need to install an extension to place the demarc into the IDF on your floor.

You have configured a virtual network that includes the following virtual components: *Four virtual machines (Virtual OS 1, Virtual OS 2, etc.) *One virtual switch The virtual switch is connected to a physical network to allow the virtual machines to communicate with the physical machines out on the physical network. Give the port configuration for the virtual switch and the physical switch in the table below, click on on all of the virtual and physical machines Virtual OS 1 can communicate with.

Virtual OS 2 Virtual OS 3

A system that uses public network (e.g. Internet) as a means for creating private encrypted connections between remote locations is known as:

Virtual Private Network (VPN)

A system that uses public network (e.g. Internet) as a means for creating private encrypted connections between remote locations is known as: Personal Area Network (PAN) Virtual Local Area Network (VLAN) Integrated Services Digital Network (ISDN) Virtual Private Network (VPN)

Virtual Private Network (VPN)

A system that uses public network (such as Internet) as a means for creating private encrypted connections between remote locations is known as:

Virtual Private Network (VPN)

You need to provide DHCP and file share services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement?

Virtual servers

You need to provide DHCP and file share services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement? Virtual networks Network as a Service (NaaS) Virtual servers Virtual desktops

Virtual servers Explanation Server virtualization runs multiple instances of a server operating system on a single physical computer. With server virtualization, you can migrate servers on older hardware to newer computers, or add virtual servers to computers with extra unused hardware resources. Virtual desktops do not provide DHCP services. Virtual networks allow virtual servers and desktops to communicate with each other, and they can also allow communication (via the host operating system) to network devices out on the physical network. Network as a Service (NaaS) servers and desktops that are all virtualized and managed by a contracted third-party.

Which component is most likely to allow physical and virtual machines to communicate with each other?

Virtual switch

Which of the following offers the weakest form of encryption for an 802.11 wireless network?

WEP

Which component is most likely to allow physical and virtual machines to communicate with each other? Host operating system Virtual desktop Virtual switch VHD

Virtual switch Explanation Virtual switches allow multiple virtual servers and/or desktops to communicate on virtual network segments and/or the physical network. Virtual switches are often configured in the hypervisor. A virtual hard disk (VHD) is a file that is created within the host operating system and that simulates a hard disk for the virtual machine. A physical machine (also known as the host operating system) has the actual hardware in place on the machine, such as the hard disk drive(s), optical drive, RAM, motherboard, etc. A virtual desktop is a virtual machine in a software implementation of a computer that executes programs like a physical machine.

Which of the following social engineering attacks use Voice over IP (VoIP) to gain sensitive information?

Vishing

hub-and-spoke topology

WAN topology; each remote site connects back to a main site, communication between the two remote sites travels through the hub site; benefits: costs are reduced, adding an additional site is easy (only one link per site); drawbacks: suboptimal routes between remote sites, hub site is a single point of failure because all remote sites converge on that main site, lacks redundancy

Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients?

WEP, WPA Personal, and WPA2 Personal

Internet access

WLAN hotspot

Which of the following provides security for wireless networks?

WPA

You need to secure your wireless network. Which security protocol would be the best choice?

WPA2

You are concerned about sniffing attacks on your wireless network. Which of the following implementations offers the best countermeasure to sniffing?

WPA2 and AES

Which of the following technologies simplifies configuration of new wireless networks by providing non-technical users with a capability to easily configure network security settings and add new devices to an existing network? WPA WPS WEP WAP

WPS Wi-Fi Protected Setup (WPS; originally, Wi-Fi Simple Config) is a network security standard to create a secure wireless home network.

Which of the following wireless technologies are not recommended and should not be used due to their known vulnerabilities? (Select 2 answers) WPS WAP WPA2 WAF WEP

WPS (Wi-Fi Protected Setup) WEP (Wired Equivalent Privacy)

You are configuring a firewall to allow access to a server hosted on the demilitarized zone of your network. You open TCP/IP ports 80, 25, 110 and 143. Assuming that no other ports on the firewall need to be configured to provide access, what applications are most likely to be hosted on the server?

Web server, email server

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do? Manually reconfigure the default route to point to the new next hop router. Stop and restart the RIP protocol on the router. Wait for convergence to take place. Force RIP to perform an immediate update.

Wait for convergence to take place. Explanation When using a routing protocol, changes in routing information take some time to be propagated to all routers on the network. The term convergence is used to describe the condition when all routers have the same (or correct) routing information. Static routes in the routing table must be updated manually. Restarting RIP might actually increase the time required for changes to be learned. Forcing an update (if the router supports it) is not a requirement as the periodic sharing of routes will eventually update the routing table entry.

The presence of unapproved modems on desktop systems gives rise to the LAN being vulnerable to which of the following?

War dialing

An optimal Wireless Access Point (WAP) antenna placement provides a countermeasure against: War chalking Tailgating War driving Shoulder surfing

War driving

Which of the following is an example of a wireless site survey? Spear phishing Bluejacking War driving Shoulder surfing

War driving Also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks while driving around a city or elsewhere.

A software solution designed to enable interaction between two devices over a network is generally referred to as: Proxy Web service Software as a Service (SaaS) Virtual switch

Web Server

A software solution designed to enable interaction between two devices over a network is generally referred to as:

Web Service

A software solution designed to enable interaction between two devices over a network is generally referred to as:

Web service

You manage a website for your company. The Web site uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure?

Website storage

You have configured your organization's DHCP server to dynamically assign IP addresses to DHCP clients using a lease duration of four days. A user's workstation is powered on and receives addressing information from this DHCP server Monday morning at 8:00 AM. When will the client contact the DHCP server to renew the lease (by default)?

Wednesday morning

A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of an attack best describes the scenario?

Whaling

4G

What type of standard is LTE?

How do switches and bridges learn where devices are located on a network?

When a frame enters a port, the source MAC address is copied from the frame header.

How do switches and bridges learn where devices are located on a network? When a frame enters a port, the destination IP address is copied from the frame header. When a frame enters a port, the source IP address is copied from the frame header. When a frame enters a port, the source MAC address is copied from the frame header. When a frame enters a port, the destination MAC address is copied from frame header.

When a frame enters a port, the source MAC address is copied from the frame header. Explanation Bridges and switches learn addresses by copying the MAC address of the source device and placing it into the MAC address table. The port number which the frame entered is also recorded in the table and associated with the source MAC address. The switch or the bridge cannot record the destination MAC address because it does not know the port that is used to reach the destination device. Bridges and switches operate at Layer 2 and do not use IP addresses (which exist at Layer 3).

Lease line

Which of the following answers list a more costly alternative to VPN?

LWAPP

Which of the following answers lists an example of a protocol used for implementing control over multiple Access Points (APs)?

MPLS

Which of the technologies listed below enables the use of different types of network protocols on the same network?

Authentication

Which part of the AAA security architecture deals with the verification of the identity of a person or process?

You are connecting Cat5e cables to a 110 block. In what order should you connect the wires to follow standard wiring conventions? White/orange, orange, white/green, blue, white/blue, green, white/brown, brown White/green, green, white/orange, blue, white/blue, orange, white/brown, brown White/blue, blue, white/orange, orange, white/green, green, white/brown, brown White/brown, brown, white/blue, blue, white/orange, orange, white/green, green

White/blue, blue, white/orange, orange, white/green, green, white/brown, brown Explanation When connecting data wires on a 110 block, you typically connect wires in the following order: • White wire with a blue stripe, followed by the solid blue wire. • White wire with an orange stripe, followed by the solid orange wire. • White wire with a green stripe, followed by the solid green wire. • White wire with a brown stripe, followed by the solid brown wire. Tip: Use BLOG (blue-orange-green) to remember the wire order, and remember to start with the white striped wire first. When adding RJ45 connectors to a drop cable, use one of the following orders, based on the standard you want to follow: • T568A- To use this standard, arrange the wires from pins 1 to 8 in each connector in the following order: GW, G, OW, B, BW, O, BrW, Br. • T568B- To use this standard, arrange the wires from pins 1 to 8 in each connector in the following order: OW, O, GW, B, BW, G, BrW, Br.

You want to use the T568A standard for adding connectors to your Cat5 cable. Starting with pin 1, which order should you use for the wires within the connector? White/orange, orange, white/green, blue, white/blue, green, white/brown, brown White/green, green, white/orange, blue, white/blue, orange, white/brown, brown White/orange, orange, white/green, green, white/blue, blue, white/brown, brown White/blue, blue, white/orange, orange, white/green, green, white/brown, brown

White/green, green, white/orange, blue, white/blue, orange, white/brown, brown Explanation The T568A standard uses the following order of wires in the connector: White/green, green, white/orange, blue, white/blue, orange, white/brown, brown. The T568B standard switches the orange and green wires (along with their corresponding white wires). Use the order Blue-Orange-Green-Brown (BLOG), with the white wire first, for connecting wires on a 110 punchdown block.

What is the name of a tool used for removing electrical insulation cover from electric wires? Cable crimper Snips Wire stripper Certifier

Wire stripper

Which of the following forms of networking is highly susceptible to eavesdropping and must be secured accordingly?

Wireless

You configure on o3 router on your DHCP server so it can deliver the IP address of the default gateway to workstations. After configuring your workstations to get their IP addressing information dynamically, your users complain that they are unable to access web sites on the internet. How can you fix this problem

You must configure your DHCP server with an option that delivers the IP address of the DNS server (option 06)

You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a cross-over plenum UTP cable that will be run through the suspended tile ceiling for the data center. what is wrong with this configuration? select two

You should implement a UPS between the wall outlet and the network devices You should implement redundant power supplies for the network devices

In which of the following situations would you use port security? -You want to restrict the device that could connect through a switch port. - You want to prevent MAC address spoffing -You want to control the packets sent and received by a router -You want to prevent sniffing attacks on the network.

You want to restrict the devices that could connect through a switch port

SAN

a dedicated local network consisting of devices providing data access

NAS

a dedicated storage appliance that can be added to a local network

Media Converter

a device that makes it possible to connect two dissimilar media types

IaaS

a form of cloud computing that provides virtualized computing resources over the Internet The question from the quiz seemed confusing, so I looked up the term and entered what I have above, but just in case, here is the original question: In which of the cloud computing infrastructure types clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment?

802.1w RSTP

a newer replacement for the Spanning Tree Protocol (STP)

Which TCP/IP utility gives you the following output? Interface: 192.168.4.101 on Interface 0x3 Internet Address Physical Address Type 192.168.1.23 00-d1-b6-b7-c2-af dynamic

arp This output is displayed when you use the arp command to look at the ARP cache.

Which TCP/IP utility gives you the following output? Interface: 192.168.4.101 on Interface 0x3 Internet Address Physical Address Type 192.168.1.23 00-d1-b6-d7-c2-af dynamic

arp this output is displayed when you use the arp command to look at ARP cache

Which TCP/IP utility gives you the following output? Interface: 192.168.1.111 on Interface 0x2 Internet Address Physical Address Type 192.168.1.102 00-60-08-bd-62-5a dynamic 192.168.1.168 00-06-5b-1c-48-76 dynamic

arp -a The arp -a command shows the current entries in the computer's ARP cache.

RADIUS is primarily used for what purpose?

authenticating remote clients before access to the network is granted

You manage a network that uses 1000BaseT Ethernet. You find that one device communicates on the network at only 100mbps. What device should you use to test the drop cable and the connection to the network?

certifier is a multifunction tool that verifies or validates that a cable or an installation meets the requirements for a specific architecture implementation.

peer-to-peer network

client devices share their resources with other client devices, resource sharing is made available through the clients' operating systems; benefits: easily installed, usually cost less due to no dedicated server resources; drawbacks: scalability is limited, performance might be degraded depending on what other tasks are running on the device providing resources

PaaS

cloud service type which would provide the best solution for a web developer intending to create a web app

VoIP

common term for a group of protocols used to carry voice data over a packet-switched network

T- Carrier

commonly used by telecommunications companies, for providing Internet access to homes and businesses.

data link layer OSI model

concerned with packaging data into frames and transmitting those frames on the network, performing error detection/correction, uniquely identifying network devices with an address, and handling flow control; has 2 sublayers: MAC and LLC; logical topology

physical layer OSI model

concerned with the transmission of bits on the network along with the physical and electrical characteristics of the network; physical topology

You have hired 10 new temporary workers who will be with the company for 3 months. You want to make sure that these users can only log on during regular business hours. What should you do?

configure time and day restrictions

media

copper cabling, fiber optic cable, wireless radio waves

Yo manage a single domain named widgets.com. Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs. Members of the Directors OU want to enforce longer passwords than are required for the rest of the users. You define a new granular password policy with the required settings. All users in the Directors OU are currently members of the DirectorsGG group, a global security group in that OU. You apply the new password policy to that group. Matt Barnes is the chief financial officer. He would like his account to have even more strict password policies than is required for other members of the Directors OU. What should you do?

create a granular password policy for Matt. apply the new policy directly to Matt's user account.

You manage a single domain named widgets.com. Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs. You define a password and account lockout policy for the domain. However, members of the Directors OU want to enforce longer passwords than are required for the rest of the users. You need to make the change as easily as possible. What should you do?

create a granular password policy. apply the policy to all users in the director's OU

A manage has told you she is concerned about her employees writing their passwords for Web sites, network files, and databases resources on sticky notes. Your office runs exclusively in a Windows environment. Which tool could be used to prevent this?

credential manager

You have decided to implement Gigabit ethernet on your network. Each switch port is connected to a single device. Following the installation, you find a device connected to a switch that is only running a 100 mbps. What is the likely causes?

crosstalk

Consider the following output. ;; res options: init recurs defnam dnsrch ;;got answer: ;;->>HEADER<<-opcode:QUERY, status; NOERROR,id:4 ;;flags: qr rd ra; QUERY:1, ANSWER:1, AUTHORITY:2, ADDITIONAL:0 ;;QUERY SECTION: ;; westsim111.com, type = A, class = IN ;;ANSWER SECTION: westsim111.com. 7h33m IN A 76.141.43.129 ;;AUTHORITY SECTION: westsim111.com. 7h33m IN NS dns1.deriatct111.com. westsim111.com. 7h33m IN NS dns2.deriatct222.com. ;;Total query time: 78 msec ;;FROM: localhost.localdomain to SERVER: default -- 202.64.49.150 ;;WHEN: Tue Feb 16 23:21:24 2005 ;;MSG SIZE sent: 30 rcvd: 103 Which of the following utilities produced this output?

dig

Consider the following output. ;; res options: init recurs defnam dnsrch ;;got answer: ;;->>HEADER<<-opcode:QUERY, status; NOERROR,id:4 ;;flags: qr rd ra; QUERY:1, ANSWER:1, AUTHORITY:2, ADDITIONAL:0 ;;QUERY SECTION: ;; westsim111.com, type = A, class = IN ;;ANSWER SECTION: westsim111.com. 7h33m IN A 76.141.43.129 ;;AUTHORITY SECTION: westsim111.com. 7h33m IN NS dns1.deriatct111.com. westsim111.com. 7h33m IN NS dns2.deriatct222.com. ;;Total query time: 78 msec ;;FROM: localhost.localdomain to SERVER: default -- 202.64.49.150 ;;WHEN: Tue Feb 16 23:21:24 2005 ;;MSG SIZE sent: 30 rcvd: 103 Which of the following utilities produced this output?

dig The output shown is from the dig command run on a Linux system. Although nslookup and dig provide much the same information, this output can be identified as coming from dig because dig produces significantly more detail in its default usage.

client/server network

end user devices share a common set of resources located on dedicated servers; benefits: can easily scale, administration is simplified; drawbacks: if a single server is relied on for resources the server could be a single point of failure, can be more costly than other networks

You are configuring the local security policy of a Windows 7 system. You want to prevent users from reusing old passwords. You also want to force them to use a new password for at least 5 days before changing it again. Which policies should you configure? (Select two.)

enforce password history; minimum password age

In an identity Management System, what is the function of the Identity Vault?

ensure that each employee has the appropriate level of access in each system

Full Mesh

every node has a circuit connecting it to every other node in a network.

full mesh topology

every site has a direct connection to every other site; benefits: an optimal route exists between any two sites, fault tolerant, easy troubleshooting; drawbacks: difficult and expensive to scale

QoS Traffic management

functionality provided by the Class of Service (CoS) parameter

QoS Traffic management

functions of Differentiated Services Code Point (DSCP) architecture

The disadvantage from using this device results from the fact that any incoming signal on any of its ports is re-created and sent out on any connected ports which has a negative impact on network performance.

hub

You are in the process of configuring an iSCSI storage area network (SAN) for your network. You want to configure a Windows Server 2012 system to connect to an iSCSI target defined on a different server system. You also need to define iSCSI security settings, including CHAP and IPsec. Which tool should you use?

iSCSI Initiator

You are in the process of configuring an iSCSI storage area network (SAN) for your network.... Which tool should you use?

iSCSI Initiator

You are troubleshooting a connectivity problem on a Linux server. You are able to connect to another system on the local network, but are not able to connect to a server on a remote network. You suspect that the default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on the Linux server?

ifconfig Use the ifconfig command on systems running Linux to view information on the TCP/IP configuration of network adapters. Use ipconfig and winipcfg to view network configuration information on Windows systems. Use the dig command on Linux and Unix systems to query Domain Name Service (DNS) servers.

You work in an office that uses Linux servers, NetWare servers, and Windows NT 4.0 servers. The network uses both the TCP/IP and IPX/SPX protocols. The Linux server is used as an FTP server. Today you have received several calls from people who are unable to contact the Linux server at its known IP address. You are sitting at the Linux server and want to check its IP address. Which command should you use?

ifconfig Use the ifconfig command to show the TCP/IP configuration for a Linux computer.

You want to be able to view the DNS server address that a computer is using. Which of the following utilities would you use? (Select two.)

ifconfig ipconfig Use the ipconfig command on Windows and ifconfig command on Linux to view the IP configuration for a device including the IP address, subnet mask, default gateway, and DNS server addresses used for a connection.

You manage a single domain named widgets.com. Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs. You define a password and account lockout policy for the domain. However, members of the Directors OU want to enforce longer passwords than are required for the rest of the users. You need to make the change as easily as possible. What should you do???????

implement a granular password policy for the users in the Directors OU

You are the network administrator for a small company. Your organization currently uses the following server systems: • A Windows server that functions as a domain controller and a file server. • A Novell Open Enterprise Server that functions as a GroupWise e-mail server. • A Linux server that hosts your organization's NoSQL database server that is used for big data analysis. Because each of these systems uses its own unique set of authentication credentials, you must spend a considerable amount of time each week keeping user account information updated on each system.In addition, if a user changes his or her password on one system, it is not updated for the user's accounts on the other two systems.

implement an identity vault. implement password synchronization

Your wireless network consists of multiple 802.11n access points that are configured as follows... what should you do

implement antenna diversity

You need to place a wireless access point in your two-story building. While trying avoid interference, which of the following is the best location for the access point?

in the top floor

A double colon in an IPv6 address

indicates that part of the address containing only zeroes has been compressed to make the address shorter.

In a SAN implementation, the servers that connect to shared storage devices are called___________________.

initiators

hub

interconnects network components; Layer 1 device; broadcasts data traffic all ports; multiport repeater

switch

interconnects network components; Layer 2 device; forwards data based on the MAC address on the NIC

router

interconnects network components; Layer 3 device; forwards data based on the destination IP address

You have been called in to troubleshoot a connectivity problem on a newly installed Windows Server 2003 system. The system is operating satisfactorily and is able to communicate with other systems on the local network. However it is unable to access any systems on other segments of the corporate network. You suspect that the default gateway parameter for the system has not been configured, or may be configured incorrectly. Which of the following utilities are you most likely to use to view the default gateway information for the system?

ipconfig Use the ipconfig utility to view the TCP/IP configuration of a Windows Server 2003 system. The information displayed by ipconfig includes default gateway information. Use winipcfg to view the TCP/IP configurations on earlier versions of Windows including Windows 98 and Me. It is not supported by Windows Server 2003. Use the ifconfig command to view the TCP/IP configuration on a Linux, Unix or Macintosh system. Use the netstat command to view statistics on TCP connections.

Which of the following devices accepts incoming client request and distributes those requests to specific servers? -Coaching engine -Load balancer -Media converter -CSU/DSU -IPS

load balancer

You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before performance is negatively impacted. Which tool should you use?

load tester

Which of the ff. is the single best rule to enforce when designing complex passwords?

longer passwords

1500 bytes

maximum payload value for a standard Ethernet frame

You have decided to conduct a business meeting at a local coffee shop. The coffee shop you chose has a wireless hotspot for its customers who want Internet access. You decide to check your e-mail before the meeting begins, but when you open the browser you cannot gain Internet access. Other customers are on the Internet and because you use a wireless connection at work, you are sure your laptops wireless adapter works. What is the likely cause of this problem?

mismatched SSID

Which TCP/IP utility gives you the following output? Local Area Connection: Node IpAddress: [192.168.1.111] Scope Id: [ ] NetBios Remote Cache Name Table Name Type Host Address Life [sec] ------------------------------------------------------------------------ NTINE.ES <54> UNIQUE 192.168.1.23 395 NTINE <20> UNIQUE 192.168.1.23 45 AUDIO <00> UNIQUE 192.168.1.168 585

nbtstat -c nbtstat -c shows you the resolved NetBIOS name cache for a computer. In other words, these are the NetBIOS name-to-IP address mappings for known remote computers.

Mary calls to tell you that she can't connect to an intranet server called WebSrv1. From her computer, you ping the server's IP address. The ping test is successful. Which tool would you use on her workstation next to troubleshoot the problem?

nslookup Use nslookup to troubleshoot name resolution problems. Because the ping test was successful, you know that both the client and the server can communicate using TCP/IP with IP addresses. This tells you that the problem is related to name resolution.

You are troubleshooting a network connectivity issue on a Unix system. You are able to connect to remote systems by using their IP address, but unable to connect using the hostname. You check the TCP/IP configuration, and note that a DNS server IP address is configured. You decide to run some manual resolution queries to ensure that the communication between the Unix system and the DNS server are working correctly. Which utilities can you use to do this? (Choose two.)

nslookup dig The dig and nslookup commands allow you to perform manual DNS lookups from a Linux or Unix system. This can be very useful when troubleshooting name resolution issues.

Mary calls to tell you that she can't connect to tan intranet server called Srvr1. From her computer, you ping the server's IP address. The ping test is successful. Which tool would you use on her workstation next to troubleshoot the problem?

nslookup to troubleshoot name resolution problems. Because the ping test was successful, you know that both the client and the server can communicate using TCP/IP with IP addresses. This tells you that the problem is related to name resolution

You need to perform a reverse lookup of the 10.0.0.3 IP address. Which command can you use to accomplish this? (Select two. Each response is a complete solution.)

nslookup 10.0.0.3 dig -x 10.0.0.3

CoS

optional field in an Ethernet frame header which can be used to enable the Quality of Service (QoS) functionality

PAN

personal area network; connection is limited to just a few meters; ex) connecting your PC to your digital camera or external hard drive through USB

You want to create a loopback plug using a single RJ-45 connector. How should you connect the wires in the connector?

pin 1 to 3 and 2 to 6

You work in an office that uses NetWare servers and Windows NT 4.0 servers. The network uses both the TCP/IP and IPX/SPX protocols. You are sitting at a workstation that uses Windows 95 OSR2. An application you are using is unable to contact a Windows NT server named FileSrv2. Which command can you use to determine whether your computer can still contact the server?

ping

Which TCP/IP utility gives you the following output? Reply from 192.168.1.168: bytes=32 time<10ms TTL=128> Reply from 192.168.1.168: bytes=32 time<10ms TTL=128> Reply from 192.168.1.168: bytes=32 time<10ms TTL=128> Reply from 192.168.1.168: bytes=32 time<10ms TTL=128> Packets: Sent = 4, Received = 4, Lost = 0 <0% Loss>, Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms

ping The output of the ping command shows you the results of four echo request/reply contacts with a destination host.

LACP

solution which enables combining several physical ports into a single logical channel

NAT

solutions alleviates the problem of the depleting IPv4 address space by allowing multiple hosts on the same private LAN to share a single public IP address

You are troubleshooting physical layer issues with the Gi0/1 interface in a router. You need to view and analyze the number of collisions detected on the interface. Which command should you use?

show interfaces gi0/1

You are troubleshooting physical layer issues with the Gi0/1 interface in a router. You suspect that a duplex mismatch error has occurred, and you need to determine the duplex settings configured on the interface. Which commands could you use? (Choose two. Each response is a complete solution.)

show interfaces gi0/1 show interfaces gi0/1 status

Check Answer The network board in a workstation is currently configured as follows: • Network speed = Auto • Duplexing = Auto The workstation is experiencing poor network performance and you suspect that the network board is not correctly detecting the network speed and duplex settings. Upon investigation, you find that it is running at 10 Mbps half-duplex. You know that your network switch is capable of much faster throughput. To fix this issue, you decide to manually configure these settings on the workstation. Before you do so, you need to verify the configuration of the switch port that the workstation is connected to. Given that it is a Cisco switch, which commands can be used on the switch to show a list of all switch ports and their current settings? (Select two.)

show running-config interface show interface

HVAC

solution used for controlling temperature and humidity

255.255.0.0

the default (classful) subnet mask for a class B network

client

the device an end user uses to access a network

Port scanner

tools used to identify running services on a networked host

While troubleshooting a problem on a Linux system, you run a utility that generates the following output: (longass example)

traceroute

While troubleshooting a problem on a Linux system, you run a utility that generates the following output: 5 s3232.gw.Seat.someisp.net (63.201.72.9) 38.433 ms 38.713 ms 39.085 ms 6 st11122.gar1.Seat.someisp.net (211.242.9.121) 38.620 ms 38.593 ms 38.050 ms 7 oc48-6yy.Seat.someisp.net (14.248.154.129) 57.440 ms 56.678 ms 57.675 ms 8 t223hgh-ytry.swa.someisp.net (142.133.89.232) 103.041 ms 57.181 ms 56.619 ms 9 t8343mmd.cgssel.someisp.net (162.191.10261) 91.977 ms 93.971 ms 93.767 ms 10 twirem2.cgssfdl.ip.someisp.net (145.97.133.23) 92.463 ms 92.337 ms 93.523 ms 11 twerrm1.nfffsiny.ip.someisp.net (117.116.141.38) 106.000 ms 106.007 ms 105.283 ms 12 gbed22repp0.n5ddsdsy.ip.someisp.net (123.194.132.8) 103.198 ms 105.447 ms 104.263 ms Which of the following utilities were you using?

traceroute The output from traceroute and tracert are very similar. However, tracert is a utility used on Windows systems, not on Linux systems. As the question stated that you were working on a Linux system, the output would therefore be from traceroute. Use the dig command on Unix to troubleshoot DNS issues. Use ping to test connectivity between systems on a network.

What TCP/IP utility gives you the following output?

tracert

Which of the statements listed below describe the function of a reverse proxy? (Select 2 answers)

• Acts on behalf of a server • Hides the identity of a server

Which of the statements listed below describe the function of a reverse proxy? (Select 2 answers)

• Acts on behalf of a server ( Missed) • Hides the identity of a server

Which of the following answers list(s) the characteristic feature(s) of fiber-optic cabling? (Select all that apply)

• Immunity to electromagnetic interference • Provides higher level of security than copper cabling (difficult to tap into) • More suitable for carrying digital information than copper cabling

Which of the following statements describing the function of a DNS PTR record are true? (Select 2 answers)

• PTR record resolves an IP address to a hostname for reverse lookups. • The functionality provided by a PTR record is the opposite of A and AAAA DNS records.


Ensembles d'études connexes

Ch. 14 Integration of Nervous System and Functions

View Set

Chapter 12-Spatial Orientation and the Vestibular System

View Set

Side By Side 2: Chapter 7 (Vocabulary)

View Set

Metrix Learning CompTIA A+ 220-1101 Review Questions

View Set

Equities Special Securities and Financial Listings - question 1 of 6

View Set

accounting test 3 chapter 7 review questions

View Set