Network+ Questions 1-100

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

QUESTION NO: 91 Which of the following is used to classify network data for the purpose of providing QoS? A. STP B. VLANs C. SIP D. DSCP

Answer: D Explanation: A Differentiated Services Code Point (DSCP) is a packet header value that can be used to request (for example) high priority or best effort delivery for traffic

QUESTION NO: 37 Which of the following devices should a network administrator configure on the outermost part of the network? A. Media converter B. Switch C. Modem D. Firewall

Answer: D Explanation: A Network Layer Firewall is a device that is designed to prevent unauthorized access, thereby protecting the computer network. ... It blocks unauthorized communications into the network and only permits authorized access. on the outermost layer first line of defense

QUESTION NO: 38 A company finds that many desktops are being reported as missing or lost. Which of the following would BEST assist in recovering these devices? A. Asset tracking tags B. Motion detectors C. Security guards D. Computer locks

Answer: D Explanation: A computer lock is a physical lock on a computer with an accompanying key used for access control or as an anti-theft system. ... In other cases, the lock was used to forbid unauthorized access to the computer by disabling the power supply, hard drive, or keyboard.

QUESTION NO: 71 A network technician has created a network that consists of a router, a firewall, a switch, and several PCs. Which of the following physical network topologies was created? A. Star B. Mesh C. Ring D. Bus

Answer: D Explanation: Bus topologies are a good, cost-effective choice for smaller networks because the layout is simple, allowing all devices to be connected via a single coaxial or RJ45 cable. If needed, more nodes can be easily added to the network by joining additional cables.

QUESTION NO: 39 A technician is connecting a router directly to a PC using the G1/0/1 interface. Without the use of auto-sensing ports, which of the following cables should be used? A. Straight-through B. Console C. Rollover D. Crossover

Answer: D Explanation: Crossover cables are needed only when connecting two Ethernet client devices, neither of which is configured for Gigabit Ethernet. Modern Ethernet devices automatically detect the use of crossover cables and work with them seamlessly.

QUESTION NO: 74 An end-user device requires a specific IP address every time it connects to the corporate network; however, corporate policy does not allow the use of static IP addresses. Which of the following will allow the request to be fulfilled without breaking the corporate policy? A. DHCP relay B. DHCP exclusion C. DHCP option D. DHCP reservation

Answer: D Explanation: DHCP Servers support something called a "DHCP Reservation", which essentially allows you to provide a pre-set IP address to a specific client based on it's physical MAC address. This means that the device will always get the same IP address and it will never change (whereas they typically do on occasion)

QUESTION NO: 82 An administrator is moving to a new office. There will be several network runs through the ceiling area of the office. Which of the following is the BEST to utilize in these areas? A. Single-mode fiber-optic cabling B. Cat 5e-rated cabling C. Cat 6-rated cabling D. Plenum-rated cabling

Answer: D Explanation: Plenum rated cable has a special insulation that has low smoke and low flame characteristics. Plenum cable is mandated to be installed in any "air handling" space. For example, most large office buildings use the ceiling to return air to the AC unit.

QUESTION NO: 55 An office network consists of one two-port router connected to a 12-port switch. A four-port hub is also connected to the switch. On this particular network, which of the following is the number of collision domains that exist? A. 3 B. 12 C. 13 D. 14 E. 15

Answer: D Explanation: Hub only counts as one, router only counts as one, but all 12 ports on the switch count.

QUESTION NO: 13 The server team has just installed an application across three different servers. They are asking that all requests to the application are spread evenly across the three servers. Which of the following should the network team implement to fulfill the request? A. Proxy server B. UTM appliance C. Content filter D. Load balancer

Answer: D Explanation: Load balancing is defined as the methodical and efficient distribution of network or application traffic across multiple servers in a server farm. Each load balancer sits between client devices and backend servers, receiving and then distributing incoming requests to any available server capable of fulfilling them.

QUESTION NO: 11 A technician wants to prevent an unauthorized host from connecting to the network via Ethernet. Which of the following is a Layer 2 access control the technician should implement? A. Access control lists B. Captive portal C. WPA2 D. Port security

Answer: D Explanation: Port security is a layer two traffic control feature on Cisco Catalyst switches. It enables an administrator configure individual switch ports to allow only a specified number of source MAC addresses ingressing the port. it provides the ability to limit what addresses will be allowed to send traffic on individual switchports within the switched network

QUESTION NO: 100 Users are reporting their network is extremely slow. The technician discovers pings to external host have excessive response times. However, internal pings to printers and other PCs have acceptable response times. Which of the following steps should the technician take NEXT? A. Determine if any network equipment was replaced recently B. Verify malware has not disabled the users' PC firewalls C. Replace users' network cables with known-good network cables D. Power cycle the web server

Answer: A Explanation:

QUESTION NO: 31 A network engineer is designing a new network for a remote site. The remote site consists of ten desktop computers, ten VoIP phones, and two network printers. In addition, two of the desktop computers at the remote site will be used by managers who should be on a separate network from the other eight computers. Which of the following represents the BEST configuration for the remote site? A. One router connected to one 24-port switch configured with three VLANS: one for the manager's computers and printer, one for the other computers and printer, and one for the VoIP phones B. Two routers with each router connected to a 12-port switch, with a firewall connected to the switch connected to the manager's desktop computers, VoIP phones, and printer C. One router connected to one 12-port switch configured for the manager's computers, phones, and printer, and one 12-port switch configured for the other computers, VoIP phones, and printer D. One router connected to one 24-port switch configured with two VLANS: one for the manager's computers, VoIP phones, and printer, and one for the other computers, VoIP phones, and printer

Answer: A Explanation:

QUESTION NO: 33 A network technician notices the site-to-site VPN and Internet connection have not come back up at a branch office after a recent power outage. Which of the following is an out-of-band method the technician would MOST likely utilize to check the branch office's router status? A. Use a modem to console into the router B. Walk a user through troubleshooting the connection C. Travel to the branch office D. Hire a contractor to go on-site

Answer: A Explanation:

QUESTION NO: 78 A systems administrator has recently purchased and installed a large electronic signage screen for the company's parking garage. The screen's management software was installed on a server with a public IP address to allow remote management. The systems administrator is now troubleshooting an issue with the screen displaying unknown, random, and inappropriate messages. Which of the following is MOST effective in resolving this issue? A. Changing the management software's default credentials B. Disabling unnecessary services from the server and management software C. Changing the management software's default port D. Replacing the management software's self-signed certificate with a valid certificate

Answer: A Explanation:

QUESTION NO: 56 A network technician wants to remotely and securely access the desktop of a Linux workstation. The desktop is running remote control software without encryption. Which of the following should the technician use to secure the connection? A. SSH in tunnel mode B. RDP set to console connection C. EAP-PEAP D. SFTP

Answer: A Explanation: A Secure Shell (SSH) tunnel consists of an encrypted tunnel created through an SSH protocol connection. Users may set up SSH tunnels to transfer unencrypted traffic over a network through an encrypted channel.

QUESTION NO: 87 A network technician is diagnosing a time-out issue generated from an end user's web browser. The web browser issues standard HTTP get and post commands to interact with the website. Given this information, the technician would like to analyze the entire TCP handshake of the HTTP requests offline. Which of the following tools would allow the technician to view the handshake? A. Packet analyzer B. Port analyzer C. SNMP traps D. Spectrum analyzer

Answer: A Explanation: A packet analyzer is a computer application used to track, intercept and log network traffic that passes over a digital network. It analyzes network traffic and generates a customized report to assist organizations in managing their networks.

QUESTION NO: 68 A computer lab on a campus network was recently reconfigured using recycled network cables. One of the 24 computers in the lab is unable to connect to the network after the upgrade. A network technician successfully uses the cable in question to connect directly to another computer. Which of the following is MOST likely the issue with the cable? A. The cable is a crossover cable B. The cable is a rollover cable C. The cable has bent pins D. The cable is a Cat 5 cable

Answer: A Explanation: An Ethernet crossover cable is a crossover cable for Ethernet used to connect computing devices together directly. It is most often used to connect two devices of the same type, e.g. two computers or two switches to each other.

QUESTION NO: 79 A technician is investigating a server performance issue. The technician has gathered the server utilization statistics. Which of the following should the technician use to determine which statistics are not in the normal range? A. Baseline review B. Vulnerability scan C. System life-cycle report D. Archiving logs

Answer: A Explanation: An Integrated Baseline Review (IBR) is a joint customer/contractor activity walking through and assessing the Performance Measurement Baseline. ... verify the technical content of the Performance Measurement Baseline (PMB) assess the accuracy of the related resources (budgets) and schedules. identify potential risks.

QUESTION NO: 48 A technician discovers that multiple switches require a major update. Which of the following policies should be followed? A. Change management policy B. Remote access policy C. Acceptable use policy D. Memorandum of understanding

Answer: A Explanation: Change Management refers to a formal process for making changes to IT systems. The goal of change management is to increase awareness and understanding of proposed changes across an organization and ensure that all changes are made in a thoughtful way that minimize negative impact to services and customers.

QUESTION NO: 54 A network administrator wants to ensure sensitive data is not exfiltrated from the system electronically. Which of the following should be implemented? A. DLP B. AUP C. NDA D. SLA

Answer: A Explanation: Data Loss Prevention (DLP) is the practice of detecting and preventing data breaches, exfiltration, or unwanted destruction of sensitive data. Organizations use DLP to protect and secure their data and comply with regulations.

QUESTION NO: 94 A disgruntled employee executes a man-in-the-middle attack on the company network. Layer 2 traffic destined for the gateway is redirected to the employee's computer. This type of attack is an example of: A. ARP cache poisoning B. IP spoofing C. amplified DNS attack D. evil twin

Answer: A Explanation: In computer networking, ARP spoofing, ARP cache poisoning, or ARP poison routing, is a technique by which an attacker sends Address Resolution Protocol messages onto a local area network.

QUESTION NO: 36 A network administrator is setting up a web-based application that needs to be continually accessible to the end users. Which of the following concepts would BEST ensure this requirement? A. High availability B. Snapshots C. NIC teaming D. Cold site

Answer: A Explanation: In context of IT operations, the term High Availability refers to a system (a network, a server array or cluster, etc.) that is designed to avoid loss of service by reducing or managing failures and minimizing planned downtime. ... See how Imperva Site Failover can help you with high availability .

QUESTION NO: 76 Which of the following protocols do MOST MITM attacks utilize? A. ARP B. SIP C. FTP D. SCP

Answer: A Explanation: In the first article of this series we will take a look at ARP cache poisoning. One of the oldest forms of modern MITM attack, ARP cache poisoning (sometimes also known as ARP Poison Routing) allows an attacker on the same subnet as its victims to eavesdrop on all network traffic between the victims.ARP cache poisoning takes advantage of the insecure nature of the ARP protocol. Unlike protocols such as DNS that can be configured to only accept secured dynamic updates, devices using ARP will accept updates at any time.

QUESTION NO: 40 A technician is diagnosing an issue with a new T1 connection. The router is configured, the cable is connected, but the T1 is down. To verify the configuration of the router, which of the following tools should the technician use? A. Loopback adapter B. Cable tester C. Tone generator D. Multimeter

Answer: A Explanation: Microsoft Loopback Adapter is a dummy network card, no hardware is involved. It is used as a testing tool for a virtual network environment where network access is not available. Also, you must use the Loopback adapter if there are conflicts with a network adapter or with a network adapter driver.

QUESTION NO: 57 Which of the following should current network performance be compared against to determine network anomalies? A. Baseline B. Traffic analysis C. Packet capture D. Logs

Answer: A Explanation: Network baselining is the act of measuring and rating the performance of a network in real-time situations. Providing a network baseline requires testing and reporting of the physical connectivity, normal network utilization, protocol usage, peak network utilization, and average throughput of the network usage.

QUESTION NO: 95 The process of attempting to exploit a weakness in a network after being given permission by the company is known as: A. penetration testing B. vulnerability scanning C. reconnaissance D. social engineering

Answer: A Explanation: Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Penetration testing can be automated with software applications or performed manually.

QUESTION NO: 4 A network technician receives a call from a user in the accounting department stating that Internet connectivity has been lost after receiving a new workstation. No other users in accounting are reporting similar issues. The network technician is able to ping the machine from the accounting department's router, but is not able to ping the machine from the IT network. Which of the following is MOST likely the cause? A. Incorrect default gateway B. Duplicate IP address C. Misconfigured OSPF D. Improper VLAN assignment

Answer: A Explanation: Realistically, the lack of a default gateway address means your computer will have no way of getting to the Internet. Instead, the IP packet has to be sent to the router (default gateway) and the router will forward the packet toward its destination. Therefore, if the default gateway is incorrectly configured, the host can communicate with other hosts on the same network, but not with hosts on remote networks.

QUESTION NO: 49 A technician is troubleshooting a point-to-point fiber-optic connection. The technician is at a remote site and has no connectivity to the main site. The technician confirms the switch and the send-and-receive light levels are within acceptable range. Both fiber SFPs are confirmed as working. Which of the following should the technician use to reveal the location of the fault? A. OTDR B. Light meter C. Tone generator D. CSU/DSU

Answer: A Explanation: The Optical Time Domain Reflectometer (OTDR) is useful for testing the integrity of fiber optic cables. It can verify splice loss, measure length and find faults. The OTDR is also commonly used to create a "picture" of fiber optic cable when it is newly installed.

QUESTION NO: 86 A single PRI can deliver multiple voice calls simultaneously using which of the following Layer 1 technologies? A. Time division multiplexing B. Analog circuit switching C. CSMA/CD D. Time division spread spectrum

Answer: A Explanation: The Primary Rate Interface is a telecommunications interface standard used on an Integrated Services Digital Network for carrying multiple DS0 voice and data transmissions between the network and a user. PRI is the standard for providing telecommunication services to enterprises and offices. Time-division multiplexing (TDM) is a method of transmitting and receiving independent signals over a common signal path by means of synchronized switches at each end of the transmission line so that each signal appears on the line only a fraction of time in an alternating pattern.

QUESTION NO: 75 A technician is planning a remote-access strategy to manage routers and switches on a dedicated management network. The management network is segregated from the production network and uses site-to-site VPN connections. Some of the equipment does not support encryption. Which of the following should the technician choose that all the equipment would support? A. Telnet B. SSL C. SSH D. IPSec

Answer: A Explanation: The Telnet session between the client and the server is not encrypted. Anyone with access to the TCP/IP packet flow between the communicating hosts can reconstruct the data that flows between the endpoints and read the messaging, including the usernames and passwords that are used to log in to the remote machine.

QUESTION NO: 81 A technician must determine if a web page user's visits are connecting to a suspicious website's IP address in the background. Which of the following tools would provide the information on TCP connections? A. netstat B. tracert C. arp D. ipconfig E. route

Answer: A Explanation: The netstat command generates displays that show network status and protocol statistics. You can display the status of TCP and UDP endpoints in table format, routing table information, and interface information. The most frequently used options for determining network status are: s , r , and i In computing, traceroute and tracert are computer network diagnostic commands for displaying possible routes and measuring transit delays of packets across an Internet Protocol network.

QUESTION NO: 45 The Chief Information Officer (CIO) has noticed the corporate wireless signal is available in the parking lot. Management requests that the wireless network be changed so it is no longer accessible in public areas, without affecting the availability inside the building. Which of the following should be changed on the network? A. Power levels B. Overcapacity C. Distance limitations D. Channel overlap

Answer: A Explanation: The reason for this is that increasing transmit power improves the SNR at points farther away from the radio. The range expands to cover areas where increases in the transmit power causes the SNR at points farther away to be at or above the minimum signal values needed to for reliable operation.

QUESTION NO: 32 A network technician is troubleshooting an end-user connectivity problem. The network technician goes to the appropriate IDF but is unable to identify the appropriate cable due to poor labeling. Which of the following should the network technician use to help identify the appropriate cable? A. Tone generator B. Multimeter C. OTDR D. Loopback adapter

Answer: A Explanation: Tone Generator: Use the IDEAL Networks tone generator to apply atone signal to a wire pair or single conductor, and trace with an amplifier probe. When used with the amplifier probe, the tone generator allows technicians to identify a wire within a bundle, at a cross connect or at a remote end.

QUESTION NO: 41 A network technician receives a call from a user who is experiencing network connectivity issues. The network technician questions the user and learns the user brought in a personal wired router to use multiple computers and connect to the network. Which of the following has the user MOST likely introduced to the network? A. Rogue DHCP server B. Evil twin C. VLAN mismatch D. Honeypot

Answer: A Explanation: When a rogue DHCP server leases incorrect IP addresses to clients, the clients can fail to locate valid domain controllers (DCs), which prevents the clients from successfully logging on to the network. In addition, a rogue server might turn down DHCP clients' requests to renew their current leases. A rogue DHCP server is a misconfigured or unauthorized server that is usually introduced to the network accidentally by a user experimenting with a DHCP server. However, a malicious operator can also introduce a rogue DHCP server.

QUESTION NO: 59 After a server outage, a technician discovers that a physically damaged fiber cable appears to be the problem. After replacing the cable, the server will still not connect to the network. Upon inspecting the cable at the server end, the technician discovers light can be seen through one of the two fiber strands. Which of the following should the technician do FIRST to reconnect the server to the network? A. Reverse the fiber strands of the cable and reconnect them to the server B. Use a TDR to test both strands of a new replacement cable prior to connecting it to the server C. Replace the server's single-mode fiber cable with multimode fiber D. Move the fiber cable to different port on the switch where both strands function

Answer: A Explanation: A common issue that I have experienced is that sometimes when connecting a new fiber cable the cable will have flipped polarity which is when the the Transmit and Receiving signals are swapped. This question is referring to a duplex fiber cable because it mentions TWO fiber strands. In this scenario I would not use a TDR because the technician has just replaced the cable and it is unlikely the new cable should be damaged assuming he had ran it using best industry practice.

QUESTION NO: 19 Which of the following provides the ability to deploy consistent access point configurations from a central location? A. Wireless controller B. AAA server C. WiFi-protected setup D. Proxy server E. VPN concentrator

Answer: A Explanation: A wireless LAN controller is used in combination with the Lightweight Access Point Protocol to manage light-weight access points in large quantities by the network administrator or network operations center. The wireless LAN controller is part of the Data Plane within the Cisco Wireless Model.

QUESTION NO: 16 A network technician is troubleshooting wireless network issues in a crowded office complex and suspects there is interference from nearby wireless networks. Which of the following should the technician perform to discover possible interference? A. Site survey B. Vulnerability scanning C. Wardriving D. Checking logical diagram E. Bandwidth test

Answer: A Explanation: A wireless site survey, sometimes called an RF (Radio Frequency) site survey or wireless survey, is the process of planning and designing a wireless network, to provide a wireless solution that will deliver the required wireless coverage, data rates, network capacity, roaming capability and Quality of Service (QoS). Site surveys allow network engineers to identify areas of RF coverage and the equipment necessary to deliver the required signal level at a given location. Without it, planning an enterprise-grade WiFi network becomes challenging, if not impossible, causing several common problems such as: Coverage holes

QUESTION NO: 10 Which of the following would allow a device to maintain the same IP address lease based on the physical address of the network card? A. MAC address reservation B. Static IP address C. IP address exclusion D. Custom DNS server entry

Answer: A Explanation: DHCP Servers support something called a "DHCP Reservation", which essentially allows you to provide a pre-set IP address to a specific client based on it's physical MAC address. This means that the device will always get the same IP address and it will never change (whereas they typically do on occasion)

QUESTION NO: 14 A network technician is deploying mobile phones for a company's sales staff. Salespeople frequently travel nationally and internationally to meet with clients, and often have to roam or switch cellular providers. Which of the following standards is the BEST option to fit the requirements? A. GSM B. TDM C. CDMA D. PSTN E. MIMO

Answer: A Explanation: GSM means Global System for Mobile communications, which is a network that supports both cellular and data. CDMA is a handset-based standard, with a phone number linked to a particular device. ... On the other hand, with GSM devices, the phone number is linked to the SIM card, so when switching devices, all you have to do is pop the SIM card into a new phone and you are good to go.

QUESTION NO: 12 A network engineer is configuring wireless access for guests at an organization. Access to other areas in the organization should not be accessible to guests. Which of the following represents the MOST secure method to configure guest access to the wireless network? A. Guests should log into a separate wireless network using a captive portal B. Guests should log into the current wireless network using credentials obtained upon entering the facility C. The existing wireless network should be configured to allow guest access D. An additional wireless network should be configured to allow guest access

Answer: A Explanation: Guest Wi-Fi networks help to protect the primary network from security threats such as network worms or malware that could otherwise spread to other computers on the same network.

QUESTION NO: 8 A company has hundreds of nodes on a single subnet and has decided to implement VLANs. Which of the following BEST describes the benefit of this approach? A. It segments broadcast domains in the network infrastructure. B.It provides a faster port to all servers. C.It provides multiple collision domains on one switchport. D.It provides multiple broadcast domains within a single collision domain.

Answer: A Explanation: One of the main reasons you might be looking at a VLAN is the added security benefits. Devices on different VLANs cannot communicate with each other. You can create a VLAN for a guest network while keeping the reset of the company at a safe distance. You can even take it a step further and create multiple VLANs for all of your departments. Making it faster to get information since it is separated or segmented and are not sharing the same traffic pattern or street. A subnet works at the IP layer or Layer 3 of the OSI Model. Subnets enable you to create smaller networks inside a larger overall network.

QUESTION NO: 99 A contractor is setting up and configuring conference rooms for a convention. The contractor sets up each room in the conference center to allow wired Internet access going to individual tables. The contractor measured the distance between the hotel's patch panel to the jack, and the distance is within Cat 5e specifications. The contractor is concerned that the room will be out of specification if cables are run in each room from the wall jacks. Which of the following actions should the contractor take to ensure the cable runs meet specifications and the network functions properly? A. Place a switch at the hotel's patch panel for connecting each room's cables B. Place a switch on each table to ensure strong connectivity C. Place repeaters between the patch panel and the rooms D. place a switch at the wall jack and run the cables in the room from there

Answer: A Explanation: Place a switch at the hotel's patch panel for connecting each room's cables basically means placing a switch in each room's IDF (Intermediate distribution frame).

QUESTION NO: 98 A network administrator has a monitoring system in place that is currently polling hundreds of network devices at regular intervals. The continuous polling is causing high CPU utilization on the server. Which of the following tasks should the administrator perform to resolve the CPU issue while maintaining full monitoring capabilities? A. Remove SNMP polling and configure SNMP traps on each network device B. Remove SNMP polling and implement snmpwalk on each network device C. Upgrade SNMP to the latest version to mitigate vulnerabilities D. Modify SNMP polling to poll only during business hours

Answer: A Explanation: Polling causes CPU issues on the server due to constant tasking. SNMP Traps are alert messages sent from a remote SNMP-enabled device to a central collector which takes the load off the server.

QUESTION NO: 24 Which of the following security mechanisms dynamically assigns a Layer 2 address and restricts traffic only to that Layer 2 address? A. Sticky MAC B. 802.1x C. ACL D. NAC

Answer: A Explanation: Sticky MAC with MAC limit prevents Layer 2 denial of service (DoS) attacks, overflow attacks on the Ethernet switching table, and DHCP starvation attacks by limiting the MAC addresses allowed while still allowing the interface to dynamically learn a specified number of MAC addresses.

QUESTION NO: 23 Users are reporting Internet connectivity issues. The network administrator wants to determine if the issues are internal to the company network or if there is an issue with the ISP. Which of the following tools should be used to BEST determine where the outage is occurring? A. traceroute B. ping C. nslookup D. netstat

Answer: A Explanation: TRACERT is useful for troubleshooting large networks where several paths can lead to the same point or where many intermediate components (routers or bridges) are involved. You can use TRACERT to find out where a packet stopped on the network. In the following example, the default gateway has found that there is no valid path for the host on 22.110.0.1. Probably, either the router has a configuration problem, or the 22.110.0.0 network does not exist, reflecting a bad IP address.

QUESTION NO: 9 A company has completed construction of a new datacenter, and the IT staff is now planning to relocate all server and network equipment from the old site to the new site. Which of the following should the IT staff reference to determine the location of the equipment being moved? A. Rack diagrams B. Network topology C. Standard operating procedures D. Wiring documentation

Answer: A Explanation: The Rack Diagram is a graphic representation of a rack system, often used as a server and designed to be installed in a framework. Rack diagrams can be extremely valuable when selecting equipment or racks to buy, since they are drawn to scale and can help determine what size to choose. In addition, a rack diagram allows for efficient organization prior to moving the actual equipment.

QUESTION NO: 17 A network technician is troubleshooting an issue and has established a theory of probable cause. Which of the following steps should the network technician take NEXT? A. Test the possible solution B. Question the users C. Determine what has changed D. Document the theory

Answer: A Explanation: The six steps of troubleshooting. Identify the problem. ... Establish a theory of probable cause. ... Test probable cause theory to determine actual cause. ... Establish an action plan and execute the plan. ... Verify full system functionality. ... Document the process.

QUESTION NO: 6 A technician is installing a new wireless badging system on a hospital network. The requirements of the badging system are for it to have its own SSID and low power levels. The badging system has to cover 99.9% of the hospital. Which of the following is the BEST action to take to meet the system requirements? A. Install additional WAPs B. Install external antennas C. Move the WAPs closer to the more populated area D. Change the antenna types

Answer: A Explanation: WPS stands for Wi-Fi Protected Setup. It is a wireless network security standard that tries to make connections between a router and wireless devices faster and easier. WPS works only for wireless networks that use a password that is encrypted with the WPA Personal or WPA2 Personal security protocols. Without an adequate number of WAPs, data rates and throughput will decrease as users move farther away from WAPs (and more users connect). Wireless badging system for workforce management. ... A second RF system that interacts with wireless location spot markers (microZones), whereby a doorway may identify itself directly to the badge.

QUESTION NO: 47 Based on networks 10.8.16.0/22 and 10.8.31.0/21, which of the following is the BEST summarized CIDR notation? A. 10.8.0.0/16 B. 10.8.0.0/19 C. 10.8.0.0/20 D. 10.0.0.0/24

Answer: A Explanation:? The Answer is A the only thing you need to know is what they have in common and that would be only the first 2 octets so CIDR notation tells you 16 uses the full range of the first 2 Octets.

QUESTION NO: 85 A telecommunications provider has just deployed a new OC-12 circuit at a customer site. While the circuit showed no errors from the provider end to the customer's demarcation point, a network administrator is trying to determine the cause of dropped packets and errors on the circuit. Which of the following should the network administrator do to rule out any problems at Layer 1? (Choose two.) A. Use a loopback at the demark and router, and check for a link light B. Use an OTDR to validate the cable integrity C. Use a pinout tester to validate the cable integrity D. Use a multimeter to validate the cable integrity E. Check for any devices that may be causing EMI on the cable F. Clean the cables to be sure they are free of dust and debris

Answer: A,B Explanation: The loopback device is a special, virtual network interface that your computer uses to communicate with itself. It is used mainly for diagnostics and troubleshooting, and to connect to servers running on the local machine. The Optical Time Domain Reflectometer (OTDR) is useful for testing the integrity of fiber optic cables. It can verify splice loss, measure length and find faults. The OTDR is also commonly used to create a "picture" of fiber optic cable when it is newly installed.

QUESTION NO: 84 As part of a transition from a static to a dynamic routing protocol on an organization's internal network, the routing protocol must support IPv4 and VLSM. Based on those requirements, which of the following should the network administrator use? (Choose two.) A. OSPF B. IS-IS C. RIPv1 D. BGP E. VRRP

Answer: A,B Explanation: VLSM stands for Variable Length Subnet Mask where the subnet design uses more than one mask in the same network which means more than one mask is used for different subnets of a single class A, B, C or a network. It is also defined as the process of subnetting of a subnet. OSPF is a Link State Algorithm. OSPF supports Variable Length Subnet Masks (VLSM), IPV4 and IPV6 at the same time. IS-IS supports IPV4 and VLSM

QUESTION NO: 83 A network technician receives a spool of Cat 6a cable and is asked to build several cables for a new set of Ethernet runs between devices. Which of the following tools are MOST likely needed to complete the task? (Choose three.) A. Wire stripper B. Cable crimper C. RJ-11 connectors D. RJ-45 connectors E. Multimeter F. Punchdown tool G. Tone generator

Answer: A,B,D Explanation: A wire stripper is a small, hand-held device used to strip the electrical insulation from electric wires. A crimping tool is a device used to conjoin two pieces of metal by deforming one or both of them to hold each other. The result of the tool's work is called a crimp. An example of crimping is affixing a connector to the end of a cable. A punch down tool, also called a krone tool, is a hand tool used to connect telecommunications and network wires to a patch panel, punch down block, keystone module, or surface mount box. The "punch down" part of the name comes from punching a wire into place using an impact action.

QUESTION NO: 22 A penetration tester has been tasked with reconnaissance to determine which ports are open on the network. Which of the following tasks should be done FIRST? (Choose two.) A. Network scan B. Banner grab C. Tracert D. DHCP server check E. Brute-force attack

Answer: A,C Explanation: Network scanning is a procedure for identifying active devices on a network by employing a feature or features in the network protocol to signal devices and await a response. Traceroute is a network diagnostic tool used to track in real-time the pathway taken by a packet on an IP network from source to destination, reporting the IP addresses of all the routers it pinged in between. Traceroute also records the time taken for each hop the packet makes during its route to the destination.

QUESTION NO: 34 A network technician is considering opening ports on the firewall for an upcoming VoIP PBX implementation. Which of the following protocols is the technician MOST likely to consider? (Choose three.) A. SIP B. NTP C. H.323 D. SMB E. ICMP F. RTP G. IPSec H. RDP

Answer: A,C,F Explanation: A: The Session Initiation Protocol is a signaling protocol used for initiating, maintaining, and terminating real-time sessions that include voice, video and messaging applications. C: H. 323 is an ITU Telecommunication Standardization Sector (ITU-T) recommendation that describes protocols for the provision of audio-visual (A/V) communication sessions on all packet networks. H. ... 323 is widely used in IP based videoconferencing, Voice over Internet Protocol (VoIP) and Internet telephony. F: The Real-time Transport Protocol (RTP) is a network protocol for delivering audio and video over IP networks. ... While RTP carries the media streams (e.g., audio and video), RTCP is used to monitor transmission statistics and quality of service (QoS) and aids synchronization of multiple streams.

QUESTION NO: 43 Which of the following is the number of broadcast domain that are created when using an unmanaged 12-port switch? A. 0 B. 1 C. 2 D. 6 E. 12

Answer: B Explanation:

QUESTION NO: 66 A company has a web-based application that is used by many different departments. The company has experienced some overload of resources on the database server. The network administrator implements a network device in between the servers and the database. Which of the following BEST describes the purpose of this device? A. Content filtering and network analysis B. Load balancing and providing high availability C. Port sniffing and protocol analysis D. Clustering and NIC teaming

Answer: B Explanation:

QUESTION NO: 77 An ISP technician gets a call from a business that just changed equipment but can no longer connect to the Internet. The technician checks the ARP table on the ISP switch, and there is no corresponding MAC address present. Instead, the entry is "Incomplete". Which of the following could cause this condition? A. VLAN mismatch B. Duplex/Speed mismatch C. Duplicate IP address D. TX/RX reverse

Answer: B Explanation: A duplex mismatch occurs when two devices connected by Ethernet do not properly negotiate their connection. Ethernet has the option of running at different speeds (10, 100, or 1 Gbps) and has the option of running half duplex or full duplex. ... A duplex mismatch will cause constant packet loss.

QUESTION NO: 96 A company has contracted with an outside vendor to perform a service that will provide hardware, software, and procedures in case of a catastrophic failure of the primary datacenter. The Chief Information Officer (CIO) is concerned because this contract does not include a long-term strategy for extended outages. Which of the following should the CIO complete? A. Disaster recovery plan B. Business continuity plan C. Service level agreement D. First responder training

Answer: B Explanation: A network disaster recovery plan is a set of procedures designed to prepare an organization to respond to an interruption of network services during a natural or manmade catastrophe. Voice, data, internet access and other network services often share the same network resources.

QUESTION NO: 89 Which of the following MUST be implemented to share metrics between routing protocols within the same router? A. Routing loop B. Routing table C. Route redistribution D. Dynamic routes

Answer: B Explanation: A routing table is a data file in RAM that is used to store route information about directly connected and remote networks. The routing table contains network/next hop associations.

QUESTION NO: 51 Client PCs are unable to receive addressing information from a newly configured interface on a router. Which of the following should be added to allow the clients to connect? A. DHCP lease time B. IP helper C. TTL D. DNS record type

Answer: B Explanation: Internet Protocol Helper (IP Helper) assists network administration of the local computer by enabling applications to retrieve information about the network configuration of the local computer, and to modify that configuration

QUESTION NO: 26 According to the OSI model, at which of the following layers is data encapsulated into a packet? A. Layer 2 B. Layer 3 C. Layer 4 D. Layer 5 E. Layer 6

Answer: B Explanation: Layer 3 PDU refers to the data encapsulated at the Network layer of the OSI model ncapsulation describes the process of putting headers (and sometimes trailers) around some data.

QUESTION NO: 53 A technician logs onto a system using Telnet because SSH is unavailable. SSH is enabled on the target device, and access is allowed from all subnets. The technician discovers a critical step was missed. Which of the following would allow SSH to function properly? A. Perform file hashing B. Generate new keys C. Update firmware D. Change default credentials

Answer: B Explanation: SSH keys can be used to establish a secure connection with Bitbucket Server for: when you are performing Git operations from your local machine. when another system or process needs access to repositories in Bitbucket Server (for example your build server)

QUESTION NO: 44 A network engineer wants to segment the network into multiple broadcast domains. Which of the following devices would allow for communication between the segments? A. Layer 2 switch B. Layer 3 switch C. Bridge D. Load balancer

Answer: B Explanation: Simply put, a layer 3 switch combines the functionality of a switch and a router. It acts as a switch to connect devices that are on the same subnet or virtual LAN at lightning speeds and has IP routing intelligence built into it to double up as a router.

QUESTION NO: 69 Which of the following is a reason why a business may be hesitant to move sensitive data to a SaaS cloud service? A. Decreased performance of internal network B. Loss of full control over data resources C. Increased malware exposure D. Incompatibility with the current network

Answer: B Explanation: Software as a service (SaaS) is a software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet. SaaS is one of three main categories of cloud computing, alongside infrastructure as a service and platform as a service

QUESTION NO: 18 A network technician has discovered a rogue access point placed under an empty cubicle desk. Which of the following should the technician perform to ensure another cannot be placed on the network? A. Disable unused ports on switches B. Enable DHCP guard to detect rogue servers C. Configure WPA2 on all access points D. Use TACACS+ authentication

Answer: B Explanation: DHCP guarding configures Unifi switches to restrict DHCP servers to the IP's listed. This can prevent malicious or accidental DHCP servers (someone plugging their router into a LAN port and causing clients to join their network) Recommend enabling and including the Gateway for the network as a trusted DHCP server.

QUESTION NO: 20 A network technician is configuring a wireless network at a branch office. Users at this office work with large files and must be able to access their files on the server quickly. Which of the following 802.11 standards provides the MOST bandwidth? A. a B. ac C. g D. n

Answer: B Explanation: If you're looking for faster Wi-Fi performance, you want 802.11ac — it's that simple. In essence, 802.11ac is a supercharged version of 802.11n. 802.11ac is dozens of times faster, and delivers speeds ranging from 433 Mbps (megabits per second) up to several gigabits per second.

QUESTION NO: 2 A technician has racked a new access switch and has run multimode fiber to a new location. After installing an extended-range 10Gb SFP in the core switch, the technician installed a 10Gb SFP in the access switch and connected the port to the new extension with a fiber jumper. However, the link does not display, and the technician cannot see light emitting from the core switch. Which of the following solutions is MOST likely to resolve the problem? A. Swap the fiber pairs in one of the SFPs B.Replace the jumpers with single-mode fiber C.Set the correct MTU on the new interface D.Install an optic that matches the fiber type

Answer: B Explanation: Multimode has a 50 or 62.5 micron core diameter, while single mode fiber typically has a 9 micron core. If you connect two fibers with different core diameters, you'll lose a lot of the light going through the connector, resulting in a link flapping or being down.

QUESTION NO: 50 A Chief Information Officer (CIO) wants to move some IT services to a cloud service offering. However, the network administrator still wants to be able to control some parts of the cloud service's networking components. Which of the following should be leveraged to complete this task? A. IaaS B. PaaS C. SaaS D. DaaS

Answer: B Explanation: Platform-as-a-service (PaaS) is a type of cloud computing offering in which a service provider delivers a platform to clients, enabling them to develop, run, and manage business applications without the need to build and maintain the infrastructure such software development processes typically require. Software as a service (SaaS) is a software distribution model in which a third-party provider hosts applications DaaS provides a secure access point for users and simplifies desktop and app management processes and procedures IaaS is useful for handling unpredictable demand and steadily growing storage needs

QUESTION NO: 5 A firewall administrator is implementing a rule that directs HTTP traffic to an internal server listening on a non-standard socket. Which of the following types of rules is the administrator implementing? A. NAT B. PAT C. STP D. SNAT E. ARP

Answer: B Explanation: Port Address Translation (PAT) is a feature of a network device that translates communications made between hosts on a private network and hosts on a public network. PAT allows a single public IP address to be used by many hosts on the private network, which is usually a LAN. Port Address Translation (PAT), is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.

QUESTION NO: 92 A network technician needs to separate a web server listening on port 80 from the internal LAN and secure the server from the public Internet. The web server should be accessible to the public Internet over port 80 but not the private LAN. Currently, the network is segmented with a networkbased firewall using the following IP addressing scheme on each interface: Zone Interface IP Address Public eth0 10.0.0.1/24 DMZ eth1 10.0.1.1/24 Private eth2 10.0.2.1/24 Which of the following ones should the technician use to place the web server and which of the following firewall rules should the technician configure? A. Place the web server in the public zone with an inbound rule from eth0 interface to accept traffic over port 80 designated to the web server B. Place the web server in the DMZ with an inbound rule from eth0 interface to eth1 to accept traffic over port 80 designated to the web server C. Place the web server in the private zone with an inbound rule from eth2 interface to eth1 to accept traffic over port 80 designated to the web server D. Place the web server in the DMZ with an inbound rule from eth1 interface to eth0 to accept traffic over port 80 designated to the web server

Answer: B Explanation: Public = Internet TrafficDMZ = A control area on one side of your firewall that is exposed to Public (web server goes here)Private = A control area on the other side of your firewall that is not exposed to PublicTo summarize the question "Make the web-server accessible to the public on port 80 but keep Public out of Private"...So you make an "in-bound rule" for port 80 from "eth1" which is the DMZ interface of where your web server resides listening on port 80. Since interface "eth2" is listed as "private" and no "inbound rules" are defined, one assumes with the information given it is on the protected side of the firewall. There is also a typo "S0" should be "80"

QUESTION NO: 7 A technician attempts to replace a switch with a new one of similar model from the same vendor. When the technician moves the fiber and SFP plug, the switch does not completely boot up. Considering that the config files are the same, which of the following is the MOST likely cause of the failure? A. Damaged fiber B. Corrupted operating system C. VLAN mismatch D. Bad port

Answer: B Explanation: Virus and Trojan: Common reasons for OS crash. Viruses and Trojans corrupt the system files, "eat up" the memory not allowing OS to retrieve it when a programs stops, changes administrative settings, frequent rebooting without any sign etc.

QUESTION NO: 42 A technician is setting up a direct connection between two older PCs so they can communicate but not be on the corporate network. The technician does not have access to a spare switch but does have spare Cat 6 cables, RJ-45 plugs, and a crimping tool. The technician cuts off one end of the cable. Which of the following should the technician do to make a crossover cable before crimping the new plug? A. Reverse the wires leading to pins 1 and 2 B. Reverse the wires leading to pins 1 and 3 C. Reverse the wires leading to pins 2 and 3 D. Reverse the wires leading to pins 2 and 4

Answer: B Explanation: What Is Crossover Cable? A Crossover cable is a type of CAT 5 where one end isT568A configuration and the other end as T568BConfiguration. In this type of cable connection, Pin 1 is crossed with Pin 3, and Pin 2 is crossed with Pin 6. Crossover cable is used to connect two or more computing devices.

QUESTION NO: 28 A junior network technician is setting up a new email server on the company network. Which of the following default ports should the technician ensure is open on the firewall so the new email server can relay email? A. 23 B. 25 C. 110 D. 143

Answer: B Explanation: establishing port 25 as the default transmission channel for internet email. Port 110 is used by the POP3 Port 23 is typically used by the Telnet protocol.

QUESTION NO: 25 Which of the following is a vulnerable system designed to detect and log unauthorized access? A. SIEM B. Honeypot C. DMZ D. Proxy server

Answer: B Explanation: honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. Generally, a honeypot consists of data (for example, in a network site) that appears to be a legitimate part of the site that seems to contain information or a resource of value to attackers, but actually, is isolated and monitored and, enables blocking or analyzing the attackers.

QUESTION NO: 73 A technician is upgrading the firmware on an older KVM switch. The specifications call for a serial port to connect to the computer on one side, and an Ethernet jack to connect to the switch on the other side. Which of the following connectors does the technician need for this cable? (Choose two.) A. RG-9 B. DB-9 C. RJ-11 D. DB-25 E. RJ-45 F. BNC

Answer: B,E Explanation: A DB9 cable consists of a 9-pin connector and you can use it for connecting computer peripheries like keyboards and mice. The name of this connector has come from its trapezoidal shape which looks like the letter "D" RJ45 is a standard type of physical connector for network cables, which is especially used for Ethernet networking. And "45" is the number of the interface standard. Recently, RJ45 connectors are commonly seen with Ethernet cable and network cable.

QUESTION NO: 15 A network administrator has been given a network of 172.16.85.0/21 and wants to know the usable range of IP addresses on that subnet. Which of the following indicates the correct IP address range? A. 172.16.80.0-172.16.85.254 B. 172.16.80.0-172.16.88.255 C. 172.16.80.1-172.16.87.254 D. 172.16.80.1-172.16.85.255

Answer: C Explanation:

QUESTION NO: 27 Which of the following WAN technologies is MOST preferred when developing a VoIP system with 23 concurrent channels? A. DSL B. POTS C. T1 D. DOCSIS

Answer: C Explanation: A T1 VOIP service is a T1 phone service using Voice over IP to transport calls over public or private IP networks. T1 VOIP lines are used by businesses to provide local and long distance voice service as well as other applications. ... T1 VOIP service is very flexible and can scale quickly with additional bandwidth added.

QUESTION NO: 46 A network technician is assisting the security team with some traffic captures. The security team wants to capture all traffic on a single subnet between the router and the core switch. To do so, the team must ensure there is only a single collision and broadcast domain between the router and the switch from which they will collect traffic. Which of the following should the technician install to BEST meet the goal? A. Bridge B. Crossover cable C. Hub D. Media converter

Answer: C Explanation: A hub is a physical layer networking device which is used to connect multiple devices in a network. They are generally used to connect computers in a LAN. A hub has many ports in it. A computer which intends to be connected to the network is plugged in to one of these ports

QUESTION NO: 62 A network technician is able to connect the switches between two offices, but the offices cannot communicate with each other, as each office uses a different IP addressing scheme. Which of the following devices needs to be installed between the switches to allow communication? A. Bridge B. Access point C. Router D. Range extender

Answer: C Explanation: A router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet. Data sent through the internet, such as a web page or email, is in the form of data packets.

QUESTION NO: 60 The backup server connects to a NAS device using block-level storage over Ethernet. The performance is very slow, however, and the network technician suspects the performance issues are network related. Which of the following should the technician do to improve performance? A. Utilize UDP to eliminate packet overhead B. Turn off MDIX settings on the NAS and server switchports C. Enable jumbo frames on the NAS and server D. Encapsulate the storage traffic in a GRE tunnel

Answer: C Explanation: A. Windows Vista and Windows Server 2008 introduced jumbo frames support, which enables a much larger Maximum Transmission Unit (MTU) size for data being sent over a network. The larger MTU means more data can be sent before requiring an acknowledgement.

QUESTION NO: 29 Which of the following policies would Joe, a user, have to agree to when he brings in his personal tablet to connect to the company's guest wireless Internet? A. NDA B. IRP C. BYOD D. SLA

Answer: C Explanation: Bring your own device (BYOD) refers to the trend of employees using personal devices to connect to their organizational networks and access work-related systems and potentially sensitive or confidential data. Personal devices could include smartphones, personal computers, tablets, or USB drives.

QUESTION NO: 70 Users have been experiencing slow network response times, and management has asked the network technician to provide evidence of network improvement. After optimizing the network, which of the following would be required? A. IDF/MDF documentation B. Change management C. Performance baseline D. Physical diagram

Answer: C Explanation: In the simplest terms, a network performance baseline is a set of metrics used in network performance monitoring to define the normal working conditions of an enterprise network infrastructure. Engineers use network performance baselines for comparison to catch changes in traffic that could indicate a problem.

QUESTION NO: 65 A network technician is connecting two switches together. Which of the following protocols should the technician use to increase speed and fault tolerance? A. SIP B. BGP C. LACP D. LLDP

Answer: C Explanation: It allows directly connected switches to negotiate an EtherChannel link. It eliminates the need for configuring trunk interfaces when deploying VLANs on multiple switches. Link Aggregation Control Protocol or LACP is one element of an IEEE specification (802.3ad) that provides guidance on the practice of link aggregation for data connections. Importantly, LACP typically applies to strategies that bundle individual links of Ethernet connections, and not wireless transfers

In a service provider network, a company has an existing IP address scheme. Company A's network currently uses the following scheme: SUBNET 1: 192.168.1.0/26 SUBNET 2: 192.168.1.65/26 Company b uses the following scheme: Subnet 1: 192.168.1.50/28 The network administrator cannot force the customer to update its IP scheme. Considering this, which of the following is the BEST way for the company to connect these networks? A. DMZ B. PAT C. NAT D. VLAN

Answer: C Explanation: It enables private IP networks that use unregistered IP addresses to connect to the Internet. NAT operates on a router, usually connecting two networks together, and translates the private (not globally unique) addresses in the internal network into legal addresses, before packets are forwarded to another network.

QUESTION NO: 67 A technician is replacing a switch at a branch office and discovers the existing backbone cable does not fit in the new switch. The fiber patch panel has circular connections. The new switch has a transceiver that accepts a smaller square adapter of two strands. Which of the following patch cables would the technician need to complete the installation? A. LC to SC B. SC to ST C. LC to ST D. ST to ST E. SC to SC

Answer: C Explanation: Local Connectors are two-pronged square fiber connectors. This matches the transceiver at the switch which calls for a square two-strand adapter. Straight Tip connectors are round with the fiber tip extruding out. This corresponds to the circular connections in the patch panel. Square Connector (SC) is square but only has one fiber end at each connector. This does not satisfy either media requirement.

QUESTION NO: 64 Which of the following is the correct port number for NTP? A. 25 B. 69 C. 123 D. 161

Answer: C Explanation: NTP is a UDP-based service. NTP servers use well-known port 123 to talk to each other and to NTP clients.

QUESTION NO: 93 A company recently upgraded all of its printers to networked multifunction devices. Users can print to the new devices, but they would also like the ability to scan and fax files from their computers. Which of the following should the technician update to allow this functionality? A. Device software B. Printer drivers C. Printer firmware D. NIC drivers

Answer: C Explanation: Printer firmware is the actual program that is installed in a printer when it is first manufactured. The firmware tells the printer everything it needs to know to operate correctly and to interact with a PC or Apple computer.

QUESTION NO: 63 A network technician is working on a proposal for email migration from an on-premises email system to a vendor-hosted email in the cloud. The technician needs to explain to management what type of cloud model will be utilized with the cloud-hosted email. Which of the following cloud models should the technician identify in the proposal? A. IaaS B. PaaS C. SaaS D. MaaS

Answer: C Explanation: Software as a service (SaaS) is a software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet. SaaS is one of three main categories of cloud computing, alongside infrastructure as a service and platform as a service

QUESTION NO: 35 A device operating at Layer 3 of the OSI model uses which of the following protocols to determine the path to a different network? A. STP B. RTP C. RIP D. NTP E. SIP

Answer: C Explanation: RIP works at layer 3 and sends routing information across the network. The Routing Information Protocol (RIP) is one of the oldest distance-vector routing protocols which employs the hop count as a routing metric. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from source to destination.

QUESTION NO: 72 A technician is setting up a branch office on a point-to-point connection. Which of the following IP network blocks is the MOST efficient use of IP address space for the router connections between the two sites? A. /24 B. /25 C. /30 D. /32

Answer: C Explanation: /30 means that 30 bits is allotted to the Network portion which leaves us to just 2 host bits. Now since the question requires a point to point connection and with efficiency meaning no excess address. Since 2 bits are left in the host portion 2^2 = 4, 1 will be for the Network ID, 1 for broadcast ID and 2 left for the usable addresses that will cater the point to point connection.

QUESTION NO: 52 When enabling jumbo frames on a network device, which of the following parameters is being adjusted? A. Speed B. Duplex C. MTU D. TTL

Answer: C Explanation: A maximum transmission unit (MTU) is the largest packet or frame size, specified in octets (eight-bit bytes) that can be sent in a packet- or frame-based network such as the internet. The internet's transmission control protocol (TCP) uses the MTU to determine the maximum size of each packet in any transmission. Time to live (TTL) or hop limit is a mechanism that limits the lifespan or lifetime of data in a computer or network

QUESTION NO: 3 A network technician has implemented ACLs to limit access to cloud-based file storage. Which of the following security mechanisms has the technician enforced? A. DLP B. IDS C. WAF D. WPA E. TPM

Answer: C Explanation: A network access control list (ACL) is an optional layer of security for your VPC (A virtual private cloud) that acts as a firewall for controlling traffic in and out of one or more subnets. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC. A WAF or Web Application Firewall helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others.

QUESTION NO: 21 A network administrator configures a router with the following IP address information: Gigabit Ethernet 1 Interface: 10.10.0.1/24 Serial 0 Interface: 10.10.0.253/30 Clients are connected to a switch on the gigabit Ethernet interface; the ISP is connected to the Serial 0 interface. When the router configuration is complete and client devices are reconfigured, all clients report that they are unable to connect to the Internet. Which of the following is the MOST likely reason? A. The router was configured with an incorrect IP address B. The router was configured with an incorrect default gateway C. The router was configured with an incorrect subnet mask D. The router was configured with an incorrect loopback address

Answer: C Explanation: The subnet mask is incorrectly configured. A /30 would give you a subnet mask of 255.255.255.252 First available would be 10.10.255.253 If the (ISP) is conNECTED to the 253 its WRONG It should be 252 which is the network ID

QUESTION NO: 1 A UTM is deployed on the external edge of the main corporate office. The office connects to the WAN port of the edge router. The edge router at the main office connects to the remote offices using GRE IPSec tunnels. A network administrator notices that a worm that was not detected by the UTM has spread from the remote sites into the corporate network. The UTM currently has traffic rules applied that should block the port used by the worm. Which of the following steps would MOST likely correct this issue? A. Move the UTM onto the LAN side of the network B. Enable TLS inspection on the UTM C. Enable stateful inspection on the UTM D. Configure the UTM to deny encrypted files from being transferred

Answer: C Explanation: Unified threat management, commonly abbreviated as UTM, is an information security term that refers to a single security solution, and usually a single security appliance, that provides multiple security functions at a single point on the network . Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall. Stateful inspection functions like a packet filter by allowing or denying connections based upon the same types of filtering. However, a stateful firewall also monitors the "state" of a communication.

QUESTION NO: 88 A customer cannot access a company's secure website. The company's network security is reviewing the firewall for the server and finds the following output: Time Action Src IP Src Port Dst IP Dst Port 0902 Allow 12.73.15.5 31865 10.5.0.10 80 1005 Deny 12.73.15.5 31866 10.5.0.10 443 1006 Deny 12.73.15.5 31890 10.5.0.10 443 Which of the following changes should be made to allow all customers to access the company's secure website? A. Allow any any 10.5.0.10 443 B. Allow any any 12.73.15.5 443 C. Allow 10.5.0.10 443 any any D. Allow 10.5.0.10 any 10.5.0.10 80

Answer: C Explanation:?

QUESTION NO: 61 A technician is trying to determine the IP address of a customer's router. The customer has an IP address of 192.168.1.55/24. Which of the following is the address of the customer's router? A. 192.168.0.55 B. 192.168.1.0 C. 192.168.1.1 D. 192.168.5.5 E. 255.255.255.0

Answer: C Explanation:?a /24 means they have 192.168.1. in common and the first usable address is 1.1.

QUESTION NO: 80 Which of the following devices, if implemented, would result in decreased administration time of an 802.11 network running centralized authentication services? (Choose two.) A. VPN concentrator B. Proxy server C. Wireless controller D. RADIUS server E. Multilayer switch

Answer: C,D Explanation: A wireless LAN (or WLAN) controller is used in combination with the Lightweight Access Point Protocol (LWAPP) to manage light-weight access points in large quantities by the network administrator or network operations center. The wireless LAN controller is part of the Data Plane within the Cisco Wireless Model. Remote Authentication Dial-In User Service is a networking protocol, operating on port 1812, that provides centralized Authentication, Authorization, and Accounting management for users who connect and use a network service

QUESTION NO: 97 A typical cell tower will have microwave and cellular antennas. Which of the following network topologies do these represent? (Choose two.) A. Point-to-multipoint B. Bus C. Point-to-point D. Mesh E. Peer-peer F. Ring

Answer: C,D Explanation: Point-to-Point Networks are mainly used for two locations that need to securely send sensitive or confidential data between each location. Its high performance it provides is due to the low latency of the network A wireless mesh network (WMN) is a communications network made up of radio nodes organized in a mesh topology. ... Mesh clients are often laptops, cell phones, and other wireless devices. Mesh routers forward traffic to and from the gateways, which may, but need not, be connected to the Internet.

QUESTION NO: 90 An engineer is reviewing the implementation requirements for an upcoming project. The basic requirements identified by the customer include the following: WLAN architecture supporting speeds in excess of 150 Mbps Clientless remote network access Port-based network access control Which of the following solution sets properly addresses all of the identified requirements? A. 802.11a, IPSec VPN, 802.1x B. 802.11ac, MPLS, 802.3 C. 802.11b, PPTP, 802.1x D. 802.11g, MS-CHAP, 802.16 E. 802.11n, SSL-VPN, 802.1x

Answer: E Explanation: Key phrase "clientless remote network access". SSL-VPN can be done through a browser whereas VPN with IPSEC requires a VPN client to be installed on the computer. a is slower than requested speed.

QUESTION NO: 58 A network administrator configures an email server to use secure protocols. When the upgrade is completed, which of the following ports on the firewall should be configured to allow for connectivity? (Choose three.) A. TCP 25 B. TCP 110 C. TCP 143 D. TCP 389 E. TCP 587 F. TCP 993 G. TCP 995

Answer: E,F,G Explanation: E: Port 587: This is the default mail submission port. When an email client or outgoing server is submitting an email to be routed by a proper mail server, it should always use SMTP port 587 as the default port F: The Internet Message Access Protocol (IMAP) is a mail protocol used for accessing email on a remote web server from a local client. IMAP and POP3 are the two most commonly used Internet mail protocols for retrieving emails. ... Port 993 - this is the port you need to use if you want to connect using IMAP securely. G:Post Office Protocol version 3 (POP3) is a standard mail protocol used to receive emails from a remote server to a local email client. ... Port 110 - this is the default POP3 non-encrypted port; Port 995 - this is the port you need to use if you want to connect using POP3 securely.


Ensembles d'études connexes

2.2.1 2.2.2Human impacts of the Environment NC 2.2.1 and 2.2.2

View Set

S 310 Collins Final/Daily Quizzes (Hell)

View Set

Operating Systems - Chapter Quiz 11 - 21

View Set

Physical Science: Extension I Quiz

View Set

8.2 Review - Accepting or Rejecting Special Orders

View Set

Present Simple vs. Present Continuous

View Set