CYBR1-Domain 1.0 Review MC-Format (N10-008) (NEEDS WORK)
Which of the following is a feature that is not found in a traditional firewall product, but which might be found in a Next-Generation Firewall (NGFW)? A. Stateful packet inspection B. Deep Packet Inspection (DPI) C. Network Address Translation (NAT) D. Virtual Private Network (VPN) support
B. DPI is a firewall technique that examines the data carried in packets and not just the protocol headers. While traditional firewalls typically do not support DPI, NGFWs often do. Stateful packet inspection, NAT, and VPN support are all features that are commonly supported by traditional firewall products.
A multilayer switch typically functions at which layers of the OSI reference model? (Choose two.) A. Data link B. Network C. Transport D. Application
A, B. All switches operate at the data link layer of the OSI model, but multilayer switches usually also function as routers, which are network layer devices. They are not usually transport or application layer devices.
Which of the following TCP/IP routing protocols measures the efficiency of routes by the number of hops between the source and the destination? A. Routing Internet Protocol (RIP) B. Open Shortest Path First (OSPF) C. Border Gateway Protocol (BGP) D. Intermediate System to Intermediate System (IS-IS)
A. RIP is a distance vector protocol, which uses hop counts to measure the efficiency of routes. OSPF, BGP, and IS-IS are all link state protocols, which do not rely on hop counts.
HVAC systems can use the Internet of Things (IoT) to monitor which of the following? (Choose all that apply.) A. Temperature B. Pressure C. Humidity D. Printers E. Occupancy F. Cameras G. Door locks
A, B, C, E. HVAC sensors can measure temperatures and humidity in climate-controlled areas, such as datacenters; atmospheric pressure in devices like boilers and compressors; and occupancy, to control conditions based on the presence of people. Printers, cameras, door locks, and other physical access control devices are not part of an HVAC system.
Which of the following statements about the Open Shortest Path First (OSPF) routing protocol are true? (Choose all that apply.) A. OSPF is an interior gateway protocol. B. OSPF is a link state routing protocol. C. OSPF does not support Classless Inter-Domain Routing (CIDR). D. OSPF shares routes within an autonomous system.
A, B, D. OSPF does support CIDR. All of the other options contain true statements.
Which of the following statements about switches and routers are true? (Choose all that apply.) A. Routers operate at the network layer, whereas switches operate at the data link layer. B. All of the devices connected to a switch are part of a single broadcast domain, whereas the networks connected to a router form separate broadcast domains. C. Routers can communicate with each other and share information, but switches cannot. D. Switches forward packets based on their hardware addresses, whereas routers forward packets based on their IP addresses.
A, B, D. Routers are network layer devices that do not forward broadcast messages, so they create separate broadcast domains for each network. Switches do forward broadcasts, forming a single broadcast domain. Routers and switches can communicate using dedicated protocols. As data link layer devices, switches read only hardware addresses from packet frames; routers forward traffic based on the IP addresses in packets' IP headers.
Which of the following explains why splitting a large, switched Ethernet LAN into two LANs by adding a router can help to alleviate traffic congestion and improve performance? (Choose all that apply.) A. Adding a router reduces the amount of broadcast traffic on each of the two LANs. B. Adding a router reduces the amount of unicast traffic on each of the two LANs. C. Adding a router diverts traffic to an alternate path through the network. D. Adding a router prevents computers on one LAN from communicating with computers on another LAN.
A, B. Adding a router splits the Ethernet LAN into two LANs, creating two separate broadcast domains. Each computer, therefore, has a smaller number of broadcast messages to process. Because the network is split by the router, the amount of unicast traffic on each subnet is reduced.
Which of the following are techniques used in traffic shaping to prevent networks from being overwhelmed by data transmissions? (Choose all that apply.) A. Bandwidth throttling B. Rate limiting C. Broadcast storming D. Network Address Translation (NAT)
A, B. Bandwidth throttling is a traffic shaping technique that prevents specified data streams from transmitting too many packets. Rate limiting is a traffic shaping technique that controls the transmission rate of sending systems. A broadcast storm is a type of network switching loop. NAT is a method by which private networks can share registered IP addresses. Neither of these last two is a traffic shaping technique.
Which of the following hub types are supported by the 100Base-TX physical layer specification? (Choose all that apply.) A. Class I B. Class II C. Class III D. Class IV
A, B. The 100Base-TX specification specifies two hub types: Class I and II. Class I hubs perform signal translation; Class II hubs do not. A network can have only one Class I hub per collision domain; a network can have two Class II hubs per collision domain. The other options do not exist.
Which of the following protocols can be used by wireless controllers to communicate with the Access Points (APs) on a Wireless Local Area Network (WLAN)? (Choose all that apply.) A. CAPWAP B. LWAPP C. LDAP D. PPTP
A, B. The Control and Provisioning of Wireless Access Points (CAPWAP) protocol and the Lightweight Access Point Protocol (LWAPP) are both protocols that enable wireless controllers to manage and control Access Points (APs). Lightweight Directory Access Protocol (LDAP) is used by directory services, and Point-to-Point Tunneling Protocol (PPTP) is used for virtual private networking.
What must you do to configure a firewall to admit File Transfer Protocol (FTP) traffic to the internal network using its default port settings? (Choose all that apply.) A. Open port 20 B. Open port 21 C. Open port 22 D. Open port 23 E. Open port 24
A, B. The FTP protocol uses two well-known ports: 20 and 21. A firewall must have both of these ports open to admit FTP traffic. FTP does not require ports 22, 23, or 24.
Which of the following network layer protocols includes a Time to Live (TTL) field? (Choose all that apply.) A. IPv4 B. IPv6 C. ICMP D. IGMP
A, B. The Internet Protocol (IP) in both of its versions (IPv4 and IPv6) includes a TTL field in its message header that limits the number of times a packet can be routed on a network. Each router processing the packet reduces the TTL value by one until it reaches zero, after which it is discarded. The Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) do not have a TTL field.
Which of the following cable types can be used to connect an MDI port on a workstation to an Auto-MDI-X port on an Ethernet switch? (Choose all that apply.) A. A crossover twisted pair cable B. A straight-through twisted pair cable C. A coaxial cable D. A single-mode fiber optic cable E. A multimode fiber optic cable
A, B. When connecting an MDI port to an Auto-MDI-X port, it is possible to use either a straight-through or a crossover cable because the Auto-MDI-X port can self-adjust to implement the necessary crossover circuit if it is needed. MDI and Auto-MDI-X ports are used only with twisted pair cables, so there is no need for coaxial or fiber optic cables.
Which of the following are methods typically used by Intrusion Detection Systems (IDSs) to analyze incoming network traffic? (Choose all that apply.) A. Anomaly-based detection B. Behavior-based detection C. Signature-based detection D. Statistic-based detection
A, C. IDSs can use anomaly-based detection to identify deviations from a known baseline of trustworthiness, or signature-based detection to locate specific malicious byte or instruction sequences. Behavior-based and statistic-based detection are not typical IDS methods.
Which of the following devices enable users on private networks to access the Internet by substituting a registered IP address for their private addresses? (Choose all that apply.) A. NAT router B. RADIUS server C. Proxy server D. UTM appliance
A, C. Network Address Translation (NAT) is a network layer device that converts the private IP addresses of all of a client's transmissions to a registered IP address. NAT therefore works for all applications. A proxy server is an application layer device that performs the same type of conversion, but only for specific applications. A Remote Authentication Dial-In User Service (RADIUS) server can provide Authentication, Authorization, Accounting, Auditing (AAAA) services for remote access servers. It does not convert IP addresses. A unified threat management (UTM) appliance typically performs VPN, firewall, and antivirus functions. It too does not convert IP addresses.
Which of the following routing protocols can you use on a TCP/IP internetwork with segments running at different speeds, making hop counts an inaccurate measure of route efficiency? (Choose all that apply.) A. Enhanced Interior Gateway Routing Protocol (EIGRP) B. Routing Information Protocol (RIP) C. Open Shortest Path First (OSPF) D. Border Gateway Protocol (BGP)
A, C. OSPF is a link state routing protocol, which means that it does not rely solely on hop counts to measure the relative efficiency of a route. EIGRP is a hybrid protocol that can use link state routing. RIP is a distance vector routing protocol, meaning that it uses hop counts to measure route efficiency. BGP is an exterior gateway protocol that exchanges routing information among autonomous systems using path vectors or distance vectors.
Which of the following problems is the Spanning Tree Protocol (STP) intended to prevent? (Choose all that apply.) A. Broadcast storms B. Late collisions C. Bridging loops D. Crosstalk
A, C. STP disables redundant links between switches that can allow packets to circulate endlessly around the network. This is called a bridging loop. As a result of a bridging loop, the network can be flooded with broadcast traffic, which is called a broadcast storm. STP does nothing to prevent late collisions, which are an Ethernet timing problem, or crosstalk, which is a cabling fault.
Which of the following terms are used to describe the device used to place calls on a Voice over Internet Protocol (VoIP) installation? (Choose all that apply.) A. Terminal B. Gateway C. Endpoint D. PBX
A, C. VoIP uses the terms terminal and endpoint to refer to the device with which users make calls, including computers and telephone handsets. A VoIP gateway is the device that provides the conduit between an IP network and the Public Switched Telephone Network (PSTN). A VoIP private branch exchange (PBX) is a device that switches calls between endpoints on the local IP network and provides access to external Internet lines.
Which of the following statements about routers are true? (Choose all that apply.) A. Routers are network layer devices that use IP addresses to forward frames. B. Routers are data link layer devices that use Media Access Control (MAC) addresses to forward frames. C. Routers build their internal tables based on destination MAC addresses and forward frames based on source MAC addresses. D. Routers must support the network layer protocol implemented on the Local Area Network (LAN). E. Each port on a router defines a separate broadcast domain.
A, D, E. Routers are network layer devices that use IP addresses to forward frames, not MAC addresses. Routers are protocol dependent. They must support the network layer protocol being routed. As a network layer device, a router defines networks (or LANs) that represent a separate broadcast domain. Routers do not build their routing tables or forward frames using MAC addresses.
Which of the following statements about Routing Information Protocol version 1 (RIPv1) is true? (Choose all that apply.) A. RIPv1 broadcasts the entire contents of the routing table every 30 seconds. B. RIPv1 advertises the subnet mask along with the destination network. C. RIPv1 broadcasts only the elements in the routing table that have changed every 60 seconds. D. RIPv1 does not include the subnet mask in its network advertisements.
A, D. Routers that are running the RIPv1 routing protocol broadcast their entire routing tables every 30 seconds, regardless of whether there has been a change in the network. RIPv1 does not include the subnet mask in its updates, so it does not support subnetting.
Which of the following command-line tools can you use to create and modify static routes on a Unix or Linux system? (Choose all that apply.) A. route B. ifconfig C. traceroute D. ip
A, D. The route command was originally created to display a Unix or Linux system's routing table and modify its contents by adding, changing, and deleting static routes. The ip command is part of the iproute2 command-line utility package, which has replaced route in many Unix and Linux distributions. Running ip with the route parameter can manipulate the routing table. The traceroute and ifconfig tools are not commands for manipulating the routing table.
Which of the following statements about static routing are true? (Choose all that apply.) A. Static routes are manually configured routes that administrators must add, modify, or delete when a change in the network occurs. B. Static routes are automatically added to the routing table by routing protocols when a new network path becomes available. C. Static routes adapt to changes in the network infrastructure automatically. D. Static routes are a recommended solution for large internetworks with redundant paths to each destination network. E. Static routes are a recommended solution for small internetworks with a single path to each destination network.
A, E. Administrators must manually add, modify, or delete static routes when a change in a network occurs. For this reason, static routes are not recommended for use in large internetworks where there are multiple paths to each destination network. Static routes are not automatically added by routing protocols and do not adapt to changes in a network.
Which of the following devices can administrators use to create multiple Virtual Local Area Networks (VLANs) and forward traffic between them? A. Multilayer switch B. Virtual router C. Load balancer D. Broadband router
A. A multilayer switch is a network connectivity device that functions at both layer 2 and layer 3 of the OSI model. At layer 2, the device functions like a normal switch, providing individual collision domains to each connected node and enabling administrators to create multiple VLANs. At layer 3, the device also provides routing capabilities by forwarding packets between the VLANs. Virtual routers, load balancers, and broadband routers are strictly layer 3 devices that can route traffic but cannot create VLANs.
Which of the following is a device that switches calls between endpoints on the local IP network and provides access to external Internet lines? A. VoIP PBX B. VoIP gateway C. VoIP endpoint D. Multilayer switch
A. A private branch exchange (PBX) switches internal calls and provides access to external lines. A VoIP PBX performs the same tasks as a traditional PBX. A VoIP gateway is the device that provides the conduit between an IP network and the Public Switched Telephone Network (PSTN). A VoIP endpoint is a device that makes use of the VoIP system, such as a computer or handset. A multilayer switch is a data networking device that includes both switching and routing capabilities.
Which of the following devices can also be described as a multiport repeater? A. Hub B. Bridge C. Switch D. Router
A. A repeater is a physical layer device that regenerates incoming signals and retransmits them. A hub is a type of repeater that receives data through any one of its multiple ports and retransmits the data out through all of its other ports. Bridges and switches are data link layer devices, and routers are network layer devices. None of these three can be described as multiport repeaters.
Which of the following statements about Internet access through a proxy server accounts for the security against outside intrusion that a proxy provides? A. The proxy server uses a public IP address, and the client computers use private addresses. B. The proxy server uses a private IP address, and the client computers use public addresses. C. Both the proxy server and the client computers use private IP addresses. D. Both the proxy server and the client computers use public IP addresses.
A. Because the client computers use private IP addresses, they are invisible to the Internet, so users outside the private network cannot see or access them. The proxy server has a public IP address so it can participate in service transactions with Internet servers. If the proxy server used a private IP address, it would not be able to access the Internet directly. If the clients used public IP addresses, they would be visible to the Internet and vulnerable to intrusion.
Which of the following statements is true about an Ethernet network that uses CSMA/CD? A. Collisions are a normal occurrence. B. Collisions never occur unless there is a network fault. C. Collisions cause data to be irretrievably lost. D. Collisions are the result of duplicate IP addresses.
A. Collisions are a normal occurrence on an Ethernet network; they occur when two nodes transmit at exactly the same time. There need not be a network fault for collisions to occur. When collisions occur, the nodes involved retransmit their packets so that no data is lost. Collisions are a phenomenon of data link layer protocols; they have nothing to do with IP addresses, which are network layer constructs.
What is the term for the process by which dynamic routing protocols update other routers with routing table information? A. Convergence B. Distance vectoring C. Redistribution D. Dissemination
A. Convergence is the term for the process by which routers propagate information from their routing tables to other routers on the network using dynamic routing protocols. Distance vectoring, redistribution, and dissemination do not describe this process.
Which of the following switch types immediately forwards frames after looking at only the destination address? A. Cut-through B. Source route C. Store-and-forward D. Destination
A. Cut-through switches are fast, because they look at only the first six bytes (the destination Media Access Control, or MAC, address) when forwarding a frame. They do not perform a cyclical redundancy check (CRC) on the entire frame's contents prior to forwarding it out a port leading to the destination. Source route is a bridging technique in which the source host, not the switch, determines the path a frame will take through a network to reach a destination. Store-and-forward switches take in the entire frame and verify its contents by performing a CRC calculation before forwarding it. There is no switch called a destination switch.
Which of the following mechanisms for prioritizing network traffic uses a 6-bit classification identifier in the Internet Protocol (IP) header? A. Diffserv B. CoS C. Traffic shaping D. QoS E. Administrative distance
A. Differentiated services (Diffserv) is a mechanism that provides Quality of Service (QoS) on a network by classifying traffic types using a 6-bit value in the differentiated services (DS) field of the IP header. Class of Service (CoS) is a similar mechanism that operates at the data link layer by adding a 3-bit Priority Code Point (PCP) value to the Ethernet frame. Traffic shaping is a means of prioritizing network traffic that typically works by delaying packets at the application layer. Quality of Service (QoS) is an umbrella term that encompasses a variety of network traffic prioritization mechanisms. Administrative distance is a value that routers use to select the most efficient route to a destination.
An enterprise network has been designed with individual departmental switches because, in most cases, the devices in a specific department exchange network traffic with other devices in the same department. Each of the departmental switches is also connected to a host switch, which enables devices to communicate with other departments. Which of the following terms describes this switching architecture? A. Distributed switching B. Port forwarding C. Traffic shaping D. Neighbor discovery E. Flow control
A. Distributed switching describes a hierarchical switching architecture in which remote switches (departmental switches in this case) handle most of the network traffic, with a host switch used only for traffic between the remote locations. Port forwarding is a routing method that redirects traffic intended for one IP address and port number to another. Traffic shaping is a series of techniques that optimize the allocation of network bandwidth. Neighbor discovery is an IPv6 technique used to find addresses of devices and services on the local network. Flow control is a technique for regulating a system's transmission speed.
Which of the following statements about the Enhanced Interior Gateway Routing Protocol (EIGRP) is not true? A. EIGRP does not support classless IPv4 addresses. B. EIGRP is a hybrid routing protocol. C. EIGRP can only transmit incremental routing table updates. D. EIGRP shares routes within an autonomous system.
A. EIGRP can support classless IPv4 addresses. It was designed to replace the Interior Gateway Routing Protocol (IGRP), which could not support classless addresses. All of the other options contain true statements.
Which of the following types of routing protocols route datagrams between autonomous systems? A. EGP B. RIP C. IGP D. OSPF
A. Exterior Gateway Protocol (EGP) routes datagrams between autonomous systems. Interior Gateway Protocol (IGP) routes datagrams within an autonomous system. Routing Information Protocol (RIP) and Open Shortest Path First (OSPF) are examples of interior gateway protocols.
For the Carrier-Sense Multiple Access with Collision Detection (CSMA/CD) mechanism to function properly on an Ethernet network, host systems must be able to detect when a collision occurs, so they can react to it. Which of the following cabling errors can prevent the collision detection process from functioning properly? A. Excessively long cable segments B. Incorrect wiring pinouts C. Too many systems on a single network D. An excessive number of collisions
A. For CSMA/CD to function properly, a system must detect a packet collision while it is transmitting the packet. If cable segments are too long, the packet might leave the transmitting system before the collision is detected, resulting in a late collision, which cannot be retransmitted. Incorrect pinouts, too many systems, and excessive collisions typically will not prevent the collision detection system from functioning.
Which of the following network devices are "dumb"—that is, purely electrical devices with no electronic intelligence? A. Hubs B. Switches C. Routers D. Bridges
A. Hubs are network devices that simply receive signals through one port, electrically enhance them, and transmit them out through another port. Routers, switches, and bridges are capable of reading the signals and processing them, which classifies them as intelligent.
Which of the following statements about hubs is not true? A. Hubs are data link layer devices that connect network devices in a star or ring topology. B. Hubs amplify and repeat signals received through one port out all other ports regardless of the destination. C. Hubs are physical layer devices that connect network devices in a star topology. D. Hubs provide internal crossover circuits and use uplink ports to form a hierarchical star.
A. Hubs are physical layer devices that amplify and repeat signals out all ports except the one through which the data was received, regardless of the destination. Hubs are used to physically connect end systems to a star topology. Hubs typically provide an internal crossover circuit connection. Uplink ports are used to extend the distance of a star network, forming a hierarchical star.
Five computers are connected to the same switch, but only four are able to communicate with each other. Assuming that all of the hardware is functioning properly, which of the following could be a reason for the fifth computer's communication problem? A. The switch has the fifth computer connected to a Virtual Local Area Network (VLAN) that's different from that of the other four. B. The network is experiencing a switching loop. C. The fifth computer is experiencing an MTU black hole, whereas the other four computers are not. D. There is a virtual router between the fifth computer and the other four.
A. If the fifth computer is in a different VLAN from the other four, it would be unable to communicate with them. A switching loop would affect communication between all of the computers, not just the fifth one. An MTU black hole is a condition in which a system is unable to complete the Path MTU Discovery process, due to an intervening firewall. Because these five computers are all on the same LAN, they all have the same MTU, and Path MTU Discovery is not necessary. A virtual router would enable switched computers on different subnets to communicate with each other; it would not prevent them from communicating.
Which of the following devices can an administrator use to monitor a network for abnormal or malicious traffic? A. IDS B. UPS C. RADIUS D. DoS E. RAS
A. Intrusion Detection Systems (IDSs) are designed to monitor network traffic for anomalies and send notifications to administrators. Uninterruptible power supplies (UPSs), Remote Authentication Dial-In User Service (RADIUS) servers, Denial-of-Service (DoS) attacks, and Remote Access Service (RAS) servers all have nothing to do with network monitoring.
Ralph is installing an Ethernet Local Area Network (LAN) for a small business with two offices on opposite sides of a courtyard. Ralph plans to run a multimode fiber-optic cable across the courtyard, but the budget is limited, and he cannot use fiber for the whole network. Therefore, he installs Unshielded Twisted Pair (UTP) cable in the two offices, which have 10 and 12 workstations, respectively. Which of the following devices should Ralph use to join the two UTP installations together into one LAN using the fiber-optic run across the courtyard, while keeping the cost to a minimum? A. Media converters B. Hubs C. Switches D. Routers
A. Media converters will enable Ralph to join the multimode fiber-optic run to the UTP at both sides of the courtyard while maintaining a single network at minimum cost. Inexpensive small-business hubs and switches cannot join different media together. Routers can join different media, but they are more expensive, and they would separate the installation into three separate networks.
Which of the following TCP/IP routing protocols does not include the subnet mask within its route update messages, preventing it from supporting subnetting? A. Routing Information Protocol, version 1 (RIPv1) B. Routing Information Protocol, version 2 (RIPv2) C. Border Gateway Protocol (BGP) D. Open Shortest Path First (OSPF)
A. RIPv1 does not include the subnet mask in its updates. RIPv2 supports subnetting and includes the subnet mask of each network address in its updates. OSPF and BGP both include the subnet mask within their updates.
Routers that use the Open Shortest Path First (OSPF) routing protocol calculate the relative costs of routes through the network by exchanging which of the following specifications for each interface with other routers? A. Transmission speed B. Data link layer protocol C. Network medium D. IP address
A. Routers that use OSPF transmit the speed of each network interface with the other OSPF routers in the network. This enables the routers to evaluate the cost of various routes through the network and transmit packets using the route with the smallest cost value. The routers do not need to share information about the data link layer protocols or network media they use or their IP addresses.
Which of the following types of systems are frequently used to collect information from Intrusion Detection Systems (IDSs)? A. SIEM B. NGFW C. RADIUS D. VoIP
A. Security Information and Event Management (SIEM) systems can function as a central clearinghouse for information gathered by IDSs and other security processes. Next Generation Firewall (NGFW), Remote Authentication Dial-In User Service (RADIUS), and Voice over IP (VoIP) are not systems that collect IDS information.
In an IPv4 routing table, what is the network destination address for the host system's default route? A. 0.0.0.0 B. 127.0.0.0 C. 127.255.255.255 D. 255.255.255.255
A. The default route in an IPv4 routing table always has a destination address of 0.0.0.0. The other destinations are found in a routing table, but they are not the default route destination.
Which of the following network devices does not employ Access Control Lists (ACLs) to restrict access? A. Routers B. Hubs C. Switches D. Wireless Access Points (WAPs)
B. ACLs restrict access to network devices by filtering usernames, MAC addresses, IP addresses, or other criteria. Routers, switches, and WAPs all use ACLs to control access to them. Hubs are purely physical layer devices that relay electrical or optical signals. They have no way of controlling access to them.
A multilayer switch can operate at which layers of the Open Systems Interconnection (OSI) model? (Choose all that apply.) A. Physical B. Data link C. Network D. Transport E. Session F. Presentation G. Application
B, C, D. A multilayer switch typically operates at the data link and network layers, assuming the functions of a switch and a router by using Media Access Control (MAC) addresses at the data link layer (layer 2) and IP addresses at the network layer (layer 3) to forward packets to their appropriate destinations. Some switches also function at the transport layer (layer 4) by distinguishing between User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) traffic and using port numbers to forward packets.
Which of the following devices run exclusively at the physical layer of the Open Systems Interconnection (OSI) model? (Choose all that apply.) A. Routers B. Hubs C. Repeaters D. Switches
B, C. A repeater is a physical layer device that amplifies the signals entering it and transmits them again. A hub is a physical layer device that propagates incoming signals out through all of its ports. Switches and routers have physical layer elements but are primarily data link and network layer devices, respectively.
Which of the following devices perform essentially the same function? (Choose two.) A. Hubs B. Bridges C. Switches D. Routers
B, C. A switch is essentially a multiport bridge. Both switches and bridges process incoming packets by scanning their data link layer hardware addresses and forwarding the packets out the port connected to the destination system. The primary difference between them is that switches have many ports, whereas bridges have only two. Hubs and routers are physical layer and network layer devices, respectively, and perform different functions.
Which of the following statements about hubs and switches are true? (Choose all that apply.) A. Hubs operate at the physical layer, whereas switches operate at the network layer. B. All of the devices connected to a hub are part of a single collision domain, whereas each device connected to a switch has its own collision domain. C. There are switches available with network layer functionality, but there are no hubs with that capability. D. Switches create a separate broadcast domain for each connected device, whereas hubs create a single broadcast domain for all of the connected devices.
B, C. Hubs operate at the physical layer and switches at the data link layer. Hubs and switches both create a single broadcast domain for all of the connected devices. Switches create a separate collision domain for each connected device, whereas hubs create a single collision domain. There are switches (but not hubs) with network layer (layer 3) functionality.
Which of the following technologies is typically associated with virtual PBX services? A. Quality of Service (QoS) B. Voice over IP C. CARP D. Round-robin DNS
B. A virtual PBX is an arrangement in which a telephone company provides the PBX services to a customer but maintains the actual hardware at their own facility. The recent emphasis on cloud computing has led to a number of hosted PBX solutions that use Voice over IP (VoIP) to provide services to customers. QoS is a technique for prioritizing traffic by tagging packets based on their content. It is not a virtual PBX technique. The Cache Array Routing Protocol (CARP) enables proxy servers to exchange information; it does not provide virtual PBX services. In round-robin DNS, a DNS server contains multiple resource records for the same server name, each with a different IP address representing one of the computers running the server application. When a client resolves the server name, the DNS server accesses each of the resource records in turn so that each address theoretically receives the same number of visitors. This is not a virtual PBX technology.
Which of the following statements about proxy servers and NAT servers are true? (Choose all that apply.) A. NAT servers and proxy servers can both provide Internet access to clients running any application. B. NAT servers and proxy servers both use public IP addresses. C. NAT servers and proxy servers both access Internet servers and relay the responses to network clients. D. Both NAT servers and proxy servers cache web data for later use.
B, C. To provide clients with Internet access, a NAT or proxy server must have direct access to the Internet, which requires using a registered, or public, IP address. Both NAT and proxy servers function as the middleman in transactions between the client computers on a private network and Internet servers. The NAT or proxy server transmits the client's service request to the Internet server as though it was its own and, after receiving the reply, relays the response back to the client. Because NAT servers function at the network layer, clients can use any application to access the Internet through the server. Proxy servers, however, operate at the application layer and can provide Internet access only to certain types of client applications. Proxy servers are capable of caching web data for later use, because they are application layer devices that read the application layer protocol data in the message packets they receive. NAT servers are network layer processes that forward packets with no knowledge of the application layer information in their contents.
A VPN headend is an advanced type of which of the following devices? A. Switch B. Router C. Gateway D. Bridge
B. A Virtual Private Network (VPN) headend is a type of router that enables multiple client systems to access a network from remote locations. Because the device provides an interface between networks, it is considered to be a type of router, not a switch, a gateway, or a bridge.
Which of the following devices can split a single network into two collision domains while maintaining a single broadcast domain? A. Hub B. Bridge C. Switch D. Router E. Repeater
B. A bridge can split a single network into two collision domains, because it forwards only the packets that are destined for the other side of the bridge. The bridge forwards all broadcast packets, so it maintains a single broadcast domain. A hub maintains a single collision domain and a single broadcast domain. A switch creates a separate collision domain for each port, and a single broadcast domain for the entire network. A router creates two collision domains, but it does not forward broadcasts, so there are two broadcast domains as well. A repeater is a physical layer device that amplifies signals; it does not affect collision domains.
A load balancer is a type of which of the following devices? A. Switch B. Router C. Gateway D. Firewall
B. A load balancer is a type of router that forwards traffic with a single IP address to multiple servers in turn. In most cases, a load balancing router works by processing incoming traffic based on rules set by the administrator. Because a load balancer works with IP addresses, it is a network layer device. Load balancers are not switches, gateways, or firewalls.
What is the maximum number of routes that can be included in a single RIP broadcast packet? A. 20 B. 25 C. 32 D. Unlimited
B. A single RIP broadcast packet can include up to 25 routes. If there are more than 25 routes in the computer's routing table, then RIP must generate additional packets.
Which of the following is another term for a multiport bridge? A. Router B. Switch C. Hub D. Gateway
B. A switch is a data link layer device that essentially performs the function of a bridge for each device connected to one of its ports. It can therefore be described as a multiport bridge. Routers, hubs, and gateways are devices that operate at the network, physical, and application layers, respectively, so they cannot be described as bridges.
When a packet collision between two systems occurs on an Ethernet network, Carrier-Sense Multiple Access with Collision Detection (CSMA/CD) causes the two systems to stop transmitting and generate a jam signal. After sending the jam signal, why do the two systems wait for a randomized backoff interval before retransmitting their packets? A. They need time to reassemble the packets. B. To prevent another collision from occurring. C. They need to rebuffer the packet. D. To recalculate the packets' checksum values.
B. After transmitting their jam signals, the two systems wait for a randomized interval. This is to prevent them from retransmitting their packets at the same time, resulting in another collision. It is not necessary for the systems to reassemble, rebuffer, or recalculate checksums for their packets.
Which of the following statements about the Border Gateway Protocol (BGP) is not true? A. BGP is an exterior gateway protocol. B. BGP is a link state routing protocol. C. BGP supports Classless Inter-Domain Routing (CIDR). D. BGP shares routes among autonomous systems.
B. BGP is a path vector routing protocol, not a link state routing protocol. All of the other options contain true statements.
Which of the following statements about bridges and switches is true? A. Bridges and switches are network layer devices that use logical addressing to forward frames. B. Bridges and switches are data link layer devices that use Media Access Control (MAC) addresses to forward frames. C. Bridges and switches build their internal tables based on destination addresses and forward packets based on source addresses. D. Bridges and switches must support the network layer protocol implemented on the Local Area Network (LAN). E. Each port on a bridge or switch defines a separate broadcast domain.
B. Bridges and switches are data link layer devices that forward frames based on the destination MAC address contained in the frame. They operate in promiscuous mode, listening and processing all frames on each segment, and they build forwarding tables with this information. Forwarding tables are built based on source MAC addresses. Bridges are protocol independent; they are not involved with the upper layer protocols being carried on the LAN. Broadcast domains are defined by network layer devices, not data link layer devices.
In local area networking, which of the following is not a type of bridge? A. Store and forward B. Routing C. Transparent D. Multiport
B. Bridges are data link layer (layer 2) devices. Routing is a network layer (layer 3) function, so it is not a type of bridge. A store-and-forward, or simple, bridge examines each packet and decides whether to forward it to the connected network. A transparent bridge compiles a database of forwarding information, based on the packets it has processed previously. A multiport bridge provides connections to multiple networks; a switch is a type of multiport bridge.
Virtual Local Area Networks (VLANs) create the administrative boundaries on a switched network that are otherwise provided by which of the following devices? A. Hubs B. Routers C. Firewalls D. Bridges
B. Connecting subnets with routers at the network layer maintains the data link layer administrative boundaries that prevent broadcast transmissions from being propagated throughout the entire internetwork. Switching eliminates those data link layer boundaries, and administrators can use VLANs to simulate them. Because hubs propagate all of the traffic they receive out through all of their ports indiscriminately, they create no administrative boundaries. Firewalls are filtering devices that protect networks against malicious traffic; their functions are not related to VLANs. Switches are essentially multiport bridges that forward incoming traffic only to the device for which it is destined. Therefore, bridges are more closely related to eliminating administrative boundaries than to establishing them.
Which of the following is a protocol that identifies VLANs by inserting a 32-bit field in the Ethernet frame? A. IEEE 802.1P B. IEEE 802.1Q C. IEEE 802.1X D. IEEE 802.1AB E. IEEE 802.1AX
B. IEEE 802.1Q is a standard defining a mechanism (called Ethernet trunking by some manufacturers) that identifies the Virtual Local Area Network (VLAN) to which a packet belongs by inserting an extra 32-bit field into its Ethernet frame. IEEE 802.1P is a standard that defines a mechanism for implementing Quality of Service (QoS) at the data link layer by adding a 3-bit field into Ethernet frames. IEEE 802.1X is a standard defining an authentication mechanism called Port-based Network Access Control (PNAC). IEEE 802.1AB is a standard defining the Link Layer Discovery Protocol (LLDP). IEEE 802.1AX is a specification for the Link Aggregation Control Protocol (LACP), which is a mechanism for combining physical ports into a single logical channel.
Which of the following devices enables administrators of enterprise wireless networks to manage multiple Access Points (APs) from a central location? A. Hypervisor B. Wireless controller C. Wireless endpoint D. Demarcation point
B. In many enterprise wireless networks, the Access Points (APs) do not run a full operating system and are called thin or lightweight APs. The network also has a device called a wireless controller that performs some of the required tasks and manages the APs. A wireless endpoint is another term for a computer or other device that is a client on the wireless network. Hypervisors and demarcation points have nothing to do with wireless networking. A hypervisor creates and manages Virtual Machines (VMs) on a host server, and a demarcation point is the interface between a private network and an outside telecommunications service.
Which of the following features enables an Intrusion Detection System (IDS) to monitor all of the traffic on a switched network? A. Stateful packet inspection B. Port mirroring C. Trunking D. Service-dependent filtering
B. Port mirroring is a feature found in some switches that takes the form of a special port that runs in promiscuous mode. This means that the switch copies all incoming traffic to that port, as well as to the dedicated destination ports. By connecting an IDS or protocol analyzer to this port, an administrator can access all of the network's traffic. Stateful packet inspection is a firewall feature that enables the device to examine network and transport layer header fields, looking for patterns that indicate damaging behaviors, such as IP spoofing, SYN floods, and teardrop attacks. Trunking is a switch feature that enables administrators to create VLANs that span multiple switches. Service-dependent filtering is a firewall feature that blocks traffic based on transport layer port numbers.
A small business office currently has a 100Base-TX Ethernet network with a single 8-port hub. All of the hub ports are populated, and the business owner wants to expand the network further. However, the hub does not have an uplink port. The owner has purchased a new hub, also with eight ports, which does have an uplink port, but he does not know how to connect them together. What must the owner do to install the new hub on the network? A. Use a standard patch cable to connect a standard port on the existing hub to a standard port on the new hub. B. Use a standard patch cable to connect a standard port on the existing hub to the uplink port on the new hub. C. Purchase a crossover cable and use it to connect a standard port on the existing hub to the uplink port on the new hub. D. Purchase a second new hub with an uplink port to replace the old one and use a standard patch cable to connect the two uplink ports together.
B. Standard hub ports have a crossover circuit, which ensures that the transmit signals at one end of the connection arrive at the receive pins at the other end. The uplink port in a hub bypasses the crossover circuit, so that two connected hubs do not have crossover circuits that cancel each other out. A connection between a standard port and an uplink port, using a standard cable, results in a single crossover, which is correct wiring. Each of the other solutions results in either two crossovers or no crossovers, which is incorrect.
Which of the following does a switch use to forward incoming packets out through the correct ports? A. IP addresses B. MAC addresses C. DNS names D. MTU values
B. Switches use Media Access Control (MAC) addresses to identify the ports associated with specific hosts. The switch reads the destination MAC address from each incoming packet and forwards it out through the port associated with that address. Switches are data link layer devices, so they do not use IP addresses or DNS names to forward packets. The Maximum Transmission Unit (MTU) value specifies the maximum size of data link layer frames; the switch does not use it to forward packets.
Which of the following TCP/IP parameters, configured on an end system, specifies the Internet Protocol (IP) address of a router on the local network that provides access to other networks? A. WINS Server Addresses B. Default Gateway C. DNS Server Addresses D. Subnet Gateway
B. The Default Gateway parameter specifies the address of the local router that the end system should use to access other networks. The WINS Server Addresses and DNS Server Addresses parameters are used to resolve names to IP addresses. There is no such parameter as Subnet Gateway.
Which of the following is a network layer protocol that uses ICMPv6 messages to locate routers, DNS servers, and other nodes on an IPv6 network? A. BGP B. NDP C. OSPF D. PoE
B. The Neighbor Discovery Protocol (NDP) is a network layer protocol that defines five new Internet Control Message Protocol version 6 (ICMPv6) packet types, which enable IPv6 systems to locate resources on the network, such as routers and DNS servers, as well as autoconfigure and detect duplicate IPv6 addresses. Border Gateway Protocol (BGP) is an exterior gateway protocol that is designed to exchange routing information among autonomous systems. Open Shortest Path First (OSPF) is a link state routing protocol that enables routers to exchange routing table information. Power over Ethernet (PoE) is a general term for standards defining mechanisms for power delivery over Ethernet cables, along with data signals.
Which of the following protocols prevents network switching loops from occurring by shutting down redundant links until they are needed? A. RIP B. STP C. VLAN D. NAT E. ARP
B. The Spanning Tree Protocol (STP) prevents packets from endlessly looping from switch to switch due to redundant links. Creating redundant links is a good preventive against switch failure, but packets transmitted over multiple links can circulate from switch to switch infinitely. STP creates a database of switching links and shuts down the redundant ones until they are needed. Routing Information Protocol (RIP) propagates routing table information. A Virtual Local Area Network (VLAN) is an organizational tool that operates within switches by creating multiple broadcast domains. Network Address Translation (NAT) is a routing method that enables private networks to share registered IP addresses. Address Resolution Protocol (ARP) is a protocol that discovers a system's MAC address by broadcasting its IPv4 address.
Which of the following is not one of the five functional levels associated with a distributed control system such as Supervisory Control and Data Acquisition (SCADA) systems? A. Field level B. Remote access C. Direct control D. Plant supervisory E. Production control F. Production scheduling
B. The five functional levels in a distributed control system such as SCADA are field level, direct control, plant supervisory, production control, and production scheduling. Remote access is not one of the levels.
Which of the following is the correct term for the process by which the Spanning Tree Protocol (STP) on a switch evaluates the paths through the network and places each port in the forwarding or blocking state? A. Assimilation B. Convergence C. Tree-building D. Listening
B. The process by which STP populates its database with information about each port in a switch and designates the ports as forwarding or blocking is called convergence. Assimilation, tree-building, and listening are not terms for STP path evaluation.
Which of the following is not a method of traffic shaping? A. Rate limiting B. WAN optimization C. Bandwidth throttling D. Self-limiting
B. WAN optimization is not a form of traffic shaping, because it compresses data streams and transmits incremental file updates. Traffic shaping uses techniques like rate limiting, bandwidth throttling, and self-limiting to delay the transmission of specific types of data packets to optimize network performance.
Which two of the following functions is the multifunction device on a home or small office network known as a broadband router least likely to provide? (Choose two.) A. Wireless Access Point (WAP) B. Switch C. Proxy server D. DHCP server E. VPN server
C, E. Broadband routers generally do not function as proxy servers, which are application layer devices used to regulate access to the Internet. They are also typically not Virtual Private Network (VPN) servers, which enable multiple remote VPN clients to connect to the network. Many broadband routers are also WAPs, enabling users to construct a LAN without a complicated and expensive cable installation. Many broadband routers have switched ports for connections to wired devices, such as printers and computers. Most broadband routers use DHCP to assign IP addresses to devices on the private network.
Which of the following could be a valid MAC address for a network interface adapter? A. 10.124.25.43 B. FF:FF:FF:FF:FF:FF C. 00:1A:6B:31:9A:4E D. 03:AE:16:3H:5B:11 E. fe80::89a5:9e4d:a9d0:9ed7
C. A Media Access Control (MAC) address is a 6-byte hexadecimal value, with the bytes separated by colons, as in 00:1A:6B:31:9A:4E. Option A, 10.124.25.43, is all decimals and uses periods; this is an IPv4 address. Option B, FF:FF:FF:FF:FF:FF, is a valid MAC address, but this value is reserved for use as a broadcast address. Option D, 03:AE:16:3H:5B:11, is not a valid hexadecimal address, which should contain only numerals and the letters A to F. Option E, fe80::89a5:9e4d:a9d0:9ed7, is too long for a MAC address; this is a valid IPv6 address.
Which of the following devices enables you to use a standard analog telephone to place calls using the Internet instead of the Public Switched Telephone Network (PSTN)? A. Proxy server B. VPN headend C. VoIP gateway D. UTM appliance
C. A VoIP gateway is a device that provides a conduit between an IP network and the Public Switched Telephone Network (PSTN). The gateway enables standard telephones connected to the PSTN to place calls using VoIP services on the Internet. A proxy server is an application layer device that enables web browsers and other client programs to access the Internet. A Virtual Private Network (VPN) headend enables multiple client systems to access a network from remote locations. A unified threat management (UTM) appliance typically performs VPN, firewall, and antivirus functions.
Which of the following is something that only a firewall capable of stateful packet inspection can do? A. Filter traffic based on port numbers B. Block traffic destined for specific IP addresses C. Scan transport layer header fields for evidence of SYN floods D. Block all TCP traffic from entering a network
C. A firewall that supports stateful packet inspection examines other network and transport layer header fields, looking for patterns that indicate damaging behaviors, such as IP spoofing, SYN floods, and teardrop attacks. Port number filtering is the most commonly used form of packet filtering; it is not the same as stateful packet inspection. Blocking traffic based on IP addresses prevents specific systems from accessing a network; stateful packet inspection is a much more complicated operation. Packet filtering based on protocol identifiers enables you to block TCP traffic; this is not stateful packet inspection.
Which of the following is the true definition of the term modem? A. A device that connects a computer to the Public Switched Telephone Network (PSTN) B. A device that connects a Local Area Network (LAN) to the Internet C. A device that converts analog signals to digital signals and back again D. A device that connects a Local Area Network (LAN) to a Wide Area Network (WAN)
C. A modem (modulator/demodulator) is any device that converts analog signals to digital signals and digital signals back to analog signals. The digital device does not have to be a computer, and the analog device does not have to be the PSTN. There are many devices that are incorrectly referred to as modems, such as devices that connect a digital LAN to a digital WAN or all-digital devices that connect computers to the Internet.
Ralph is a freelance network consultant installing a three-node small business network. The computers are all in the same room and use wired Ethernet to connect to the switched ports of a multifunction device. The device also functions as a Network Address Translation (NAT) router for a cable modem connection to the Internet. NAT provides a measure of security, but Ralph wants to be sure that the network is protected from unauthorized Internet traffic and attacks against open ports. Which of the following solutions would enable Ralph to accomplish this goal with the minimum cost to the client? A. Install a hardware firewall between the multifunction device and the cable modem. B. Install an Intrusion Prevention System (IPS) between the multifunction device and the cable modem. C. Install a personal firewall on each of the computers. D. Connect an Intrusion Detection System (IDS) to one of the switched ports in the multifunction device. E. Use a port scanner to monitor the traffic entering the open ports on the computers.
C. A personal firewall is an inexpensive way to protect an individual computer from Internet incursions. Installing a hardware firewall is a complex and expensive solution, not suitable for a small network. An IPS is a relatively expensive solution, suitable for larger networks. An IDS is also expensive, and connecting it to a switched port would not enable it to protect the other computers on the network. A port scanner is a device that performs scans on demand. It does not continuously monitor ports, and it does nothing to protect them.
Which of the following is a correct term describing the function of a switch? A. Layer 2 router B. Ethernet hub C. Multiport bridge D. Layer 3 repeater
C. A switch is best described as a multiport bridge, because it reads the hardware addresses of incoming packets and forwards them out through the port for the destination node. Although a switch does function at layer 2 of the OSI model (the data link layer), it is not a router, which connects networks together at layer 3 (the network layer). Hubs and repeaters are physical layer (layer 1) devices that are not capable of performing the functions of a switch.
Which of the following statements about content filtering in firewalls is true? A. Content filters examine the source IP addresses of packets to locate potential threats. B. Content filters enable switches to direct packets out through the correct port. C. Content filters examine the data carried within packets for potentially objectionable materials. D. Content filters use frequently updated signatures to locate packets containing malware.
C. Content filters are a firewall feature that examines the data inside packets, rather than their origin, to locate objectionable material. They do not scan IP addresses, nor do they detect typical types of malware. Content filters are not implemented in switches.
Which of the following devices expands on the capabilities of the traditional firewall by adding features like Deep Packet Inspection (DPI) and an Intrusion Prevention System (IPS)? A. RADIUS server B. CSU/DSU C. NGFW D. Proxy server
C. Next-Generation Firewalls (NGFWs) expand on the packet filtering capabilities of traditional firewalls by adding features such as DPI and IPSs, as well as inspection of encrypted traffic and antivirus scanning. Remote Authentication Dial-In User Service (RADIUS) servers can provide centralized Authentication, Authorization, Accounting, Auditing (AAAA) services. A CSU/DSU is a device that provides a router on a private network with access to a leased line. A proxy server is an application layer service that receives Internet service requests from client computers, reads the application layer protocol data in each request, and then generates its own request for the same service and transmits it to the Internet server the client specifies.
Which of the following is not a function that is typically provided by a unified threat management (UTM) appliance? A. Virtual private networking B. Network firewall C. Packet forwarding D. Antivirus protection
C. Packet forwarding is a function typically associated with routers and is not a normal function of a UTM appliance. UTM appliances do typically perform VPN, firewall, and antivirus functions.
Ralph, the administrator of a 500-node private internetwork, is devising a plan to connect the network to the Internet. The primary objective of the project is to provide all of the network users with access to web and email services while keeping the client computers safe from unauthorized users on the Internet. The secondary objectives of the project are to avoid having to manually configure IP addresses on each one of the client computers individually and to provide a means of monitoring and regulating the users' access to the Internet. Ralph submits a proposal calling for the use of private IP addresses on the client computers and a series of proxy servers with public, registered IP addresses, connected to the Internet using multiple T-1 lines. Which of the following statements about Ralph's proposed Internet access solution is true? A. The proposal fails to satisfy both the primary and secondary objectives. B. The proposal satisfies the primary objective but neither of the secondary objectives. C. The proposal satisfies the primary objective and one of the secondary objectives. D. The proposal satisfies the primary objective and both of the secondary objectives.
C. Proxy servers provide network users with access to Internet services, and the unregistered IP addresses on the client computers protect them from unauthorized access by users on the Internet, which satisfies the first objective. The proxy servers also make it possible for network administrators to regulate users' access to the Internet, which satisfies one of the two secondary objectives. However, the proxy servers cannot assign IP addresses to the client computers, and the plan makes no mention of DHCP or another automatic TCP/IP configuration mechanism. Therefore, the plan does not satisfy the other secondary objective.
Which of the following devices is used to physically connect computers in the same Virtual Local Area Network (VLAN)? A. A bridge B. A hub C. A switch D. A router
C. Replacing routers with switches turns an internetwork into a single large subnet, and VLANs exist as logical elements on top of the switching fabric. Although VLANs are the functional equivalent of network layer subnets, the systems in a single VLAN are still connected by switches, not routers. Bridges connect network segments at the data link layer and selectively forward traffic between the segments. However, bridges do not provide a dedicated connection between two systems like a switch does, and they do not make it possible to convert a large, routed internetwork into a single switched network. Therefore, they have no role in implementing VLANs. Hubs are physical layer devices that propagate all incoming traffic out through all of their ports. Replacing the routers on an internetwork with hubs would create a single shared network with huge amounts of traffic and collisions. Hubs, therefore, do not connect the computers in a VLAN.
Which of the following devices is used to physically connect computers in the same VLAN? A. A bridge B. A hub C. A switch D. A router
C. Replacing routers with switches turns an internetwork into a single large subnet, and Virtual Local Area Networks (VLANs) exist as logical elements on top of the switching fabric. Although VLANs are the functional equivalent of network layer subnets, the systems in a single VLAN are still physically connected by switches, not routers. Bridges connect network segments at the data link layer and selectively forward traffic between the segments. However, bridges do not provide a dedicated connection between two systems like a switch does, and they do not make it possible to convert a large, routed internetwork into a single switched network. Therefore, they have no role in implementing VLANs. Hubs are physical layer devices that propagate all incoming traffic out through all of their ports. Replacing the routers on an internetwork with hubs would create a single shared broadcast domain with huge amounts of traffic and many collisions. Hubs, therefore, do not connect the computers in a VLAN.
Which of the following statements about routers is not true? A. Routers can connect two or more networks with dissimilar data link layer protocols and media. B. Routers can connect two or more networks with the same data link layer protocols and media. C. Routers store and maintain route information in a local text file. D. Servers with multiple network interfaces can be configured to function as software routers. E. Routers can learn and populate their routing tables through static and dynamic routing.
C. Routers store and maintain route information in a routing table that is stored in memory, not in a local text file. All of the other statements about routers are true.
Each of the following Carrier-Sense Multiple Access with Collision Detection (CSMA/CD) events occurs on an Ethernet network when two stations transmit simultaneously, although not in the order listed. Which of the following events occurs immediately after the collision? A. The two stations observe a random backoff interval. B. The two stations transmit a jam signal. C. The two stations stop transmitting. D. The two stations listen to see if the channel is idle. E. The two stations begin retransmitting their frames.
C. Stations on a CSMA/CD network first check the medium to see if it is idle. If they detect an idle medium, they begin transmitting. If two or more devices transmit at the same time, a collision occurs. Immediately after a collision occurs, the two stations involved stop transmitting. After that, they send out a jam signal. Then, the two stations back off for a random interval, and the transmission process begins again.
Ralph has been hired by a company to redesign its Local Area Network (LAN). Right now, it has a single 100 Mbps Ethernet LAN with 40 users and 2 shared servers, all connected through 3 hubs. The users on the network must be able to share files with one another and also access the shared servers. The users are complaining that the network is too slow. Management states that cost is a factor that must be considered. Which of the following upgrade scenarios should Ralph recommend in this situation? A. Split the network into smaller segments with dedicated hubs as opposed to shared hubs. B. Split the network into two routed LANs with 20 users each. C. Replace the hubs with switches to define separate collision domains and filter unnecessary traffic from each segment. D. Replace the hubs with a layer 3 switch and define two Virtual LANs (VLANs) with 20 users each.
C. The best choice is to replace the hubs with switches, since the network is relatively small, and cost is an issue. On the existing network, all users share the same 100 Mbps communication channel, and each computer must take turns transmitting. By replacing the hubs with switches, you provide each computer with a dedicated 100 Mbps connection to the switch, while reducing unnecessary traffic and collisions on the network. There is no such thing as a dedicated hub. Splitting the network into two routed LANs is not the best solution, because all users must share information on a constant basis. Also, cost is a factor, and routers are more expensive than switches. Replacing the hubs with a layer 3 switch and defining two VLANs with 20 users each is not a reasonable solution, because layer 3 switches are very expensive.
Which of the following is the primary reason why replacing hubs with switches on an Ethernet Local Area Network (LAN) improves its performance? A. Switches forward packets faster than hubs. B. Switches do not forward broadcast transmissions. C. Switches reduce the number of collisions on the network. D. Switches read the IP addresses of packets, not the hardware addresses.
C. The main reason why switches improve the efficiency of an Ethernet LAN is that they create a separate collision domain for each switched port, eliminating most collisions. Collisions result in packets having to be retransmitted, so fewer collisions means fewer retransmissions, which improves performance. Switches do not forward packets faster than hubs. Switches do forward broadcast transmissions. Switches do read hardware addresses, not IP addresses.
Which of the following tasks can you perform to split a large, switched Local Area Network (LAN) into multiple broadcast domains? (Choose all that apply.) A. Replace one or more switches with hubs. B. Install a firewall to filter broadcast traffic. C. Enable the Spanning Tree Protocol (STP) on the switches. D. Create Virtual Local Area Networks (VLANs) in the switches. E. Install routers on the network.
D, E. By default, a switched LAN consists of a single broadcast domain. To create multiple broadcast domains, you can install routers to split the installation into two or more networks, because routers do not forward broadcasts. The other possibility is to create VLANs in the switches. Each VLAN is a separate broadcast domain. All of the other options would have no effect on the number of broadcast domains on the network.
Which of the following is not a mechanism for distributing incoming network traffic among multiple servers? A. Load balancer B. Round-robin DNS C. NLB cluster D. VPN headend
D. A Virtual Private Network (VPN) headend is a type of router that enables multiple client systems to access a network from remote locations. It does not distribute traffic among servers. A load balancer is a type of router that forwards traffic with a single IP address to multiple servers in turn. Round-robin DNS is a technique in which a DNS server resolves a name into several IP addresses, each in turn. A Network Load Balancing (NLB) cluster is a group of servers, all running the same application, that distribute incoming traffic among themselves.
Which of the following is a correct definition of a collision domain? A. A group of Local Area Networks (LANs), connected by routers, that enables any node to transmit to any other node B. A group of computers connected so that a broadcast transmission by any one device reaches all of the other devices C. A group of devices connected by cable segments that are longer than the maximum length stated in the physical layer specification D. A group of devices connected so that when two devices transmit at exactly the same time, a data collision occurs
D. A collision domain is a LAN with a shared network medium, so that two devices transmitting at the same time generate a signal quality error, also known as a collision. Ethernet LANs connected by hubs create a shared medium, whereas switched networks create a separate collision domain for each connected node. Routers create separate collision domains. A group of computers able to receive broadcasts is the definition of a broadcast domain, not a collision domain. Overlong cables can precipitate collisions but do not define a collision domain.
Which of the following devices enables two computers to communicate when they are using different protocols at each layer of the Open Systems Interconnection (OSI) reference model? A. A router B. A switch C. A hub D. A gateway
D. A gateway enables two devices using different protocols to communicate by performing translation and conversion services for them. Routers, hubs, and switches all require the same protocol at some of the OSI model layers.
Proxy servers operate at which layer of the OSI reference model? A. Data link B. Network C. Transport D. Application
D. A proxy server is an application layer service, because it receives Internet service requests from client computers, reads the application layer protocol data in each request, and then generates its own request for the same service and transmits it to the Internet server the client specifies. Only an application layer service can read and process the application layer data in network packets. A proxy server cannot be a data link layer device, because it can provide Internet access to an entire internetwork, while the data link layer is concerned with communications on a single subnet. Proxy servers cannot be network layer devices, because the network layer handles all internetwork packets indiscriminately and is unaware of what application generated the data carried inside the packets. The transport layer is not involved in processing application data, so proxy servers cannot be said to function at the transport layer.
Which of the following devices can you use to connect two multimode fiber-optic Ethernet networks in different buildings 2000 meters apart using a single-mode fiber-optic cable segment running at the same speed, while maintaining a single collision domain? A. Bridge B. Switch C. Router D. Media converter
D. A simple media converter is a physical layer device that can connect different types of network media together, as long as they have the same speed and duplex settings. Because the converter simply retransmits the signals, the single collision domain is maintained. Bridges and switches are data link layer devices that create multiple collision domains. Routers are network layer devices that create separate collision and broadcast domains.
Which of the following terms refers to a routing protocol that does not rely on hop counts to measure the efficiency of routes? A. Interior gateway protocol B. Edge gateway protocol C. Distance vector protocol D. Link state protocol
D. Distance vector protocols rely on hop counts to evaluate the efficiency of routes. Link state protocols use a different type of calculation, usually based on Dijkstra's algorithm. The terms interior gateway protocol and edge gateway protocol do not refer to the method of calculating routing efficiency.
Which of the following is not one of the criteria typically used by load balancers to direct incoming traffic to one of a group of servers? A. Which server has the lightest load B. Which server has the fastest response time C. Which server is next in an even rotation D. Which server has the fastest processor
D. In most cases, a load balancing router works by processing incoming traffic based on rules set by the administrator. The rules can distribute traffic among a group of servers using various criteria, such as each server's current load or response time, or which server is next in a given rotation. Load balancers typically do not use the hardware configuration of the servers to direct traffic since this is a factor that does not change.
Which of the following terms refers to methods by which network traffic is prioritized to prevent applications from suffering faults due to network congestion? A. Port forwarding B. Dynamic routing C. VLANs D. QoS
D. Quality of Service (QoS) is a general term that refers to various mechanisms for prioritizing network traffic so that applications or data streams requiring a certain level of performance are not negatively affected by lower-priority transmissions. Port forwarding is a routing method that redirects traffic intended for one IP address and port number to another. Dynamic routing is a method by which routing tables are automatically updated with new information as the routing fabric of an internetwork changes. Virtual Local Area Networks (VLANs) are a means for partitioning a broadcast domain into discrete units that are functionally equivalent to physical LANs.
Which of the following statements about the Spanning Tree Protocol (STP) is not true? A. STP operates at the data link layer of the OSI model. B. STP is implemented in switches. C. STP prevents traffic from circulating endlessly around a network. D. STP compiles a database containing the IP addresses of connected devices.
D. STP operates at the data link layer of the OSI model, so it works with hardware addresses, not IP addresses. Switches use STP to prevent redundant links from causing traffic loops on the network.
Which of the following prevents packets on a TCP/IP internetwork from being transmitted endlessly from router to router? A. Open Shortest Path First (OSPF) B. Maximum Transmission Unit (MTU) C. Administrative distance D. Time to Live (TTL)
D. TTL is a value included in the IPv4 header that specifies the maximum number of hops the packet is allowed on the network. Each router processing the packet reduces the TTL value by one and discards the packet when the value reaches zero. OSPF is a routing protocol. MTU specifies the maximum size of a frame. Administrative distance is a value that routers use to select the most efficient route to a destination.
Which of the following routing protocols has both interior and exterior designations, based on whether it is used for routing within an autonomous system or on the Internet? A. RIP B. OSPF C. EIGRP D. BGP
D. The Border Gateway Protocol (BGP) is a highly scalable protocol used for routing both on private autonomous systems, where it is known as the Internal Border Gateway Protocol (iBGP) and maintains full mesh communication among all of the routers, and on the Internet, where it is known as the External Border Gateway Protocol (eBGP). Routing Information Protocol (RIP), Open Shortest Path First (OSPF), and Enhanced Interior Gateway Routing Protocol (EIGRP) do not have interior and exterior designations.
The network administrator for a small business is installing a computer to function as a firewall protecting their internetwork from Internet intrusion. At which of the following locations should the administrator install the firewall system? A. Anywhere on the private internetwork, as long as the Internet is accessible B. Between the Internet access router and the Internet Service Provider's (ISP's) network C. At the ISP's network site D. Between the Internet access router and the rest of the private internetwork
D. The firewall is a conduit between the private network and the ISP's network (which provides access to the Internet), through which all traffic must pass. This ensures that the firewall has the opportunity to examine every packet that passes between the private network and the Internet and filter out those that are not authorized. If the firewall were located in the midst of the private internetwork, it would be possible for Internet computers to bypass the firewall and communicate directly with the private systems. Placing the firewall on the far side of the router would put it on the ISP's network, causing it to filter all of the ISP's traffic and not just that destined for the private network. Installing the firewall at the ISP's site would have the same effect as installing it on the far side of the router at the private network site.
Small Office Home Office (SOHO) networks typically use a multifunction connectivity device that can perform all but which one of the following functions? A. DHCP B. DNS C. Switch D. Router E. Hub F. NAT router G. Access Point (AP)
E. SOHO multifunction devices typically function as routers connecting the local network to an Internet Service Provider (ISP), switches providing wired connections to host devices, Dynamic Host Configuration Protocol (DHCP) servers assigning IP addresses, Domain Name System (DNS) servers resolving names into IP addresses, Network Address Translation (NAT) routers providing hosts with private IP addresses access to the Internet, and APs providing wireless devices with access to the network. They do not function as hubs.
Which of the following are available as Internet of Things (IoT) devices? A. Refrigerators B. Doorbells C. Thermostats D. Speakers E. All of the above
E. The IoT consists of devices that are ordinarily passive, but which have been made intelligent by configuring them to participate on an IP network. All of the devices listed are available as "smart" devices that enable remote users to interact with them over the I