Network + Questions 101-200
UESTION NO: 148 Which of the following WAN technologies provides a guaranteed throughput rate? A. DSL B. T-1 C. Cable broadband D. Dial-up
wer: B Explanation:
UESTION NO: 101 Which of the following is a system of notation that uses base 16 rather than base 10? A. Hex B. Octal C. Binary D. CIDR
Answer: A Explanation: The hexadecimal numeral system, often shortened to "hex", is a numeral system made up of 16 symbols (base 16). The standard numeral system is called decimal (base 10) and uses ten symbols: 0,1,2,3,4,5,6,7,8,9.
UESTION NO: 109 Which of the following would be the MOST efficient subnet mask for a point-to-point link? A. /28 B. /29 C. /31 D. /32
Answer: C Explanation: RFC 3021 was introduced to allow the use of /31 subnets specifically for point-to-point links that don't require a local broadcast. In these networks, any packet sent by one node must be intended for the other node, as there are no other possibilities
Question No:108 A network security technician observes multiple attempts to scan network hosts and devices. All the attempts originate from a single host on the network. Which of the following threats is MOST likely involved? A. Smurf attack B. Rogue AP C. Compromised system D. Unintentional DoS
Answer: C Explanation:
UESTION NO: 105 The security manager reports that individual systems involved in policy or security violations or incidents cannot be located quickly. The security manager notices the hostnames all appear to be randomly generated characters. Which of the following would BEST assist the security manager identifying systems involved in security incidents? A. Enforce port security to require system authentication B. Implement a standardized UNC C. Label existing systems with current hostnames D. Forward the DHCP logs to the security manager every day
Answer: B Explanation: (Universal Naming Convention) A standard for identifying servers, printers and other resources in a network, which originated in the Unix community. A UNC path uses double slashes or backslashes to precede the name of the computer. ... are not used in UNC names.
UESTION NO: 102 A network administrator would like to collect information from several networking devices using SNMP. Which of the following SNMP options should a network administrator use to ensure the data transferred is confidential? A. authpriv B. SHA C. MD5 D. Authentication passphrase
Answer: A AuthPriv is the most correct answer. SNMPv3 defines communication with authentication and privacy (AuthPriv) as one of three mechanisms available. It uses MD5 and SHA for authentication and either DES or AES for privacy. While both SHA and MD5 are used in the solution, they are insufficient on their own. A passphrase would be insufficient to sustain confidentiality of the data.
UESTION NO: 107 A network technician configures a firewall's ACL to allow outgoing traffic for several popular services such as email and web browsing. However, after the firewall's deployment, users are still unable to retrieve their emails. Which of the following would BEST resolve this issue? A. Allow the firewall to accept inbound traffic to ports 25, 67, 179, and 3389 B. Allow the firewall to accept inbound traffic to ports 80, 110, 143, and 443 C. Set the firewall to operate in transparent mode D. Allow the firewall to accept inbound traffic to ports 21, 53, 69, and 123
Answer: B Explanation: retrieve is to get, so that would be POP3 and IMAP, SMTP is to send email. The only answer that mentions one of these ports is B, which mentions port 110, POP3. So answer B is indeed correct.
UESTION NO: 103 The IT manager at a small firm is in the process of renegotiating an SLA with the organization's ISP. As part of the agreement, the organization will agree to a dynamic bandwidth plan to provide 150Mbps of bandwidth. However, if the ISP determines that a host on the organization's internal network produces malicious traffic, the ISP reserves the right to reduce available bandwidth to 1.5 Mbps. Which of the following policies is being agreed to in the SLA? A. Session hijacking B. Blocking C. Throttling D. Data usage limits E. Bandwidth quotas
Answer: C Explanation:Bandwidth throttling is the intentional slowing or speeding of an internet service by an Internet service provider. It is a reactive measure employed in communication networks to regulate network traffic and minimize bandwidth congestion. Bandwidth throttling can occur at different locations on the network
UESTION NO: 187 A technician is setting up a wireless access point in a coffee shop. The shop is not concerned with security but only wants to allow customers to have access. Which of the following configurations should the technician deploy? A. Use a pre-shared key. B. Set up EAP. C. Configure RADIUS. D. Configure MAC filtering.
wer: A Explanation:
UESTION NO: 156 Employees want the ability to use personal devices on the guest network while working out at the company gym. In order to meet the request, which of the following policies requires employee adherence? A. AUP B. SLA C. NDA D. MOU
wer: A Explanation: An acceptable use policy (AUP), acceptable usage policy or fair use policy, is a set of rules applied by the owner, creator or administrator of a network, website, or service, that restrict the ways in which the network, website or system may be used and sets guidelines as to how it should be used.Internet.
UESTION NO: 146 CORRECT TEXT Your company recently purchased a new building down the street from the existing office. INSTRUCTIONS For each of the tasks below, select the appropriate antenna type and encryption object for all wireless access point (AP). 1. Create an encrypted wireless connection between the two buildings that BEST controls signal propagation, while maximizing security. 2. Restrict the wireless signal generated by the access points (APs) inside Building 1, so that it minimizes broadcast beyond the building. 3. Maximize wireless coverage inside Building 1. 4. Building 1's internal wireless network is for visitors only and must not require any special configuration on the visitor's device to connect. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. Instructions: When you have completed the simulation, select the Done button to submit. If you previously made any changes to the simulated environment for the question, those changes were saved and will be present when you continue.
wer: See explanation below. Explanation: Security. CCMP is the standard encryption protocol for use with the Wi-Fi Protected Access II (WPA2) standard and is much more secure than the Wired Equivalent Privacy (WEP) protocol and Temporal Key Integrity Protocol (TKIP) of Wi-Fi Protected Access (WPA).
UESTION NO: 127 A user reports that a laptop cannot connect to the Internet despite the fact the wireless Internet was functioning on it yesterday. The user did not modify the laptop in any way, and the wireless Internet is functional on other users' laptops. Which of the following issues should be reviewed to help the user to connect to the wireless network? A. Wireless switch toggled off B. WAP settings C. WLAN IP address out of scope D. Wireless controller misconfiguration
wer: A Explanation: The Wi-Fi adapter may also be disabled from the Control Panel. Click the Network and Sharing Center option, then click Change adapter settings in the left navigation pane. Right-click the Wi-Fi adapter, and select Disable.
UESTION NO: 173 Which of the following DNS record types is an alias? A. CNAME B. PTR C. NS D. SRV
wer: A Explanation: ALIAS record is a type of DNS record build in the ClouDNS, which works in a similar way as the CNAME record. The ALIAS record allows you to add multiple hostnames for the same subdomain and can be used for the root domain too.
UESTION NO: 184 A company has two geographically separate locations that need to connect using a VPN. Which of the following devices must be specifically configured to allow VPN traffic into the network? A. Firewall B. Switch C. Router D. Modem
wer: A Explanation:
UESTION NO: 111 Ann, a network technician, has just installed a fiber switch in a datacenter. To run the fiber cabling, Ann plans the cable route over the top of the rack using the cable trays, down to the switch, coiling up any excess cable. As Ann configures the switch, she notices several messages in the logging buffer stating the receive signal of the SFP is too weak. Which of the following is MOST likely the cause of the errors in the logging buffer? A. Bend radius exceeded B. Fiber cable mismatch C. Fiber type mismatch D. Bad fiber switch
wer: A Explanation: Bends cause the light from the fiber cable core to leak out through the cladding, resulting in a weak signal. ... Prolonged microbending also can lead to micro-cracking of the glass core and cladding which then, over time, can cause the fiber to go dark and not pass any light.
UESTION NO: 129 A network technician is building a network for a small office. The office currently has cable TV and now requires access to the Internet without adding any cabling other than what is already in place. Which of the following solutions should the technician install to meet these requirements? A. DOCSIS modem B. Wireless router C. DSL modem D. Access point
wer: A Explanation: DOCSIS stands for "Data Over Cable Service Interface Specification." It's the protocol that lets an ISP provide internet service through a coaxial cable. It just means that your modem can provide broadband internet access. DOCSIS 3.0 and 3.1 are just version numbers
UESTION NO: 118 Which of the following communication media can carry many voice, data, and video channels simultaneously over multiple frequencies? A. Broadband B. Baseband C. Analog modem D. CSMA
wer: A Explanation: In telecommunications, broadband is wide bandwidth data transmission which transports multiple signals and traffic types. The medium can be coaxial cable, optical fiber, radio or twisted pair.
UESTION NO: 114 A network engineer is designing a new IDF in an old building. The engineer determines the equipment will fit in a two-post rack, and there is power available for this equipment. Which of the following would be the FIRST issue to remediate? A. Air flow and cooling B. UPS capability C. Circuit labeling D. Power redundancy
wer: A Explanation: Is this correct? "Advantages of 2-Post racks include: Cooling - Since 2 post racks are not enclosed, airflow is circulated easily. Fans on rack-mounted equipment will easily disperse the heat out into the open area. They specify an "old building". I believe the point here is to check the ventilation of the actual room where the rack will be placed.
UESTION NO: 115 Which of the following DNS records needs to be configured for SMTP traffic? A. MX B. CNAME C. AAAA D. PTR
wer: A Explanation: MX is the most correct answer. MX records are for mail exchangers. CNAME is the canonical name record, which maps one domain to another. AAAA records are for human names to IPv6 domains or hosts. PTR records are for pointers, which give the hostname for an IP address (reverse lookup).
UESTION NO: 128 A network administrator wants to increase the confidentiality of the system by hardening the authentication process. Currently, the users log in using usernames and passwords to access the system. Which of the following will increase the authentication factor to three? A. Adding a fingerprint reader to each workstation and providing a RSA authentication token B. Adding a fingerprint reader and retina scanner C. Using a smart card and RSA token D. Enforcing a stronger password policy and using a hand geometry scan
wer: A Explanation: currently only have the what you know. Retina is what you are and a token is what you have.
UESTION NO: 119 To replace a defective UPS, the network administrator must take the switch offline. The administrator wants to be able to perform maintenance UPS in the future without affecting the availability of the attached switch. Which of the following would BEST allow this to happen? A. Add a redundant power supply to the switch B. Implement stacking on the switches in the rack C. Add a second UPS into the rack D. Install a power converter for the switch
wer: A Explanation:
UESTION NO: 124 Which of the following BEST describes the differences between VLAN hopping and session hijacking? A. VLAN hopping involves the unauthorized transition from one VLAN to another to gain additional access. Session hijacking involves overriding a user's web connection to execute commands B. VLAN hopping is a brute force attack executed to gain additional access. Session hijacking involves physically disrupting a network connection C. VLAN hopping involves overriding a user network connection to execute malicious commands. Session hijacking involves compromising a host to elevate privileges D. VLAN hopping is the act of exploiting poor VLAN tagging. Session hijacking is a web-based attack aimed at privilege escalation
wer: A Explanation:
UESTION NO: 138 A user reports difficulties connecting a PC to a wired network. The PC connects to an IP phone, which is working correctly. A network technician can verify that other devices successfully connect to the phone. At which of the following layers of the OSI model is the problem MOST likely located? A. Network B. Physical C. Transport D. Application
wer: A Explanation:
UESTION NO: 163 A technician is investigating the cause of a network outage. Which of the following documents should be checked to rule out configuration issues? A. Change management records B. Inventory management C. Network log files D. Logical diagrams
wer: A Explanation:
UESTION NO: 164 A junior network technician receives a help desk ticket from an end user who is having trouble accessing a web application that was working the previous day. After talking with the end user and gathering information about the issue, which of the following would be the most likely course of action for the technician to perform NEXT? A. Establish a theory of probable cause. B. Escalate the ticket to a senior technician. C. Implement the solution. D. Document the findings and outcomes.
wer: A Explanation:
UESTION NO: 169 Which of the following storage network technologies inherently leverages block-level storage? A. NAS B. SAN C. FCoE D. iSCSI E. FTP
wer: A Explanation:
UESTION NO: 176 A technician is utilizing SNMPv3 to monitor network statistics. Which of the following actions would occur immediately of a server's utilization spikes above the prescribed value? A. A trap message is sent via UDP to the monitoring workstation. B. The SET function pushes an alert to the MIB database. C. The object identifier is modified and reported during the next monitoring cycle. D. A response message is sent from the agent to the manager.
wer: A Explanation:
UESTION NO: 189 Management has requested that services be available within 72 hours of a disaster. Budget is a major concern. A contract is signed with a company that has plenty of space, and the technician will have the option of putting infrastructure equipment in place. Which of the following BEST describes this business continuity strategy? A. Cold site B. Differential backup C. Hot site D. Incremental backup E. Warm site F. Full backup
wer: A Explanation:
UESTION NO: 198 A technician is troubleshooting a workstation's network connectivity and wants to confirm which switchport corresponds to the wall jack the PC is using. Which of the following concepts would BEST help the technician? A. Consistent labeling B. Change management C. Standard work instructions D. Inventory management E. Network baseline
wer: A Explanation:
UESTION NO: 199 Under which of the following layers of the OSI model do ATM cells operate? A. Data link B. Network C. Session D. Transport E. Presentation
wer: A Explanation: It uses asynchronous time-division multiplexing, and encodes data into small, fixed-sized network packets. In the OSI reference model data link layer (layer 2), the basic transfer units are generically called frames. In ATM these frames are of a fixed (53 octets or bytes) length and specifically called cells. ATM is defined at the physical layer (Layer 1) and data link layer (Layer 2) of the OSI reference model.
UESTION NO: 132 A technician is setting up a public guest network for visitors to access the Internet that must be separate from the corporate network. Which of the following are the BEST steps for the technician to take with minimum overhead configuration? (Choose two.) A. Enable SSID broadcasting to identify the guest network B. Configure visitor devices to use static IP addresses C. Enable two-factor authentication on visitor devices D. Configure the access point to use WPA2-AES encryption E. Ensure the access point is not running in mixed mode
wer: A,B Explanation:
UESTION NO: 104 A network technician has just configured NAC for connections using Cat 6 cables. However, none of the Windows clients can connect to the network. Which of the following components should the technician check on the Windows workstations? (Choose two.) A. Start the Wired AutoConfig service in the Services console B. Enable IEEE 802.1q Authentication in Network Interface Card Properties C. Enable IEEE 802.1x Authentication in Network Interface Card Properties D. Start the Wireless AutoConfig service in the Services console E. Enable IEEE 802.3 Ethernet IPv6 in Network Interface Card Properties
wer: A,C Explanation:
UESTION NO: 126 A network administrator receives a call from the sales department requesting ports 20 and 21 be opened on the company's firewall to allow customers to retrieve a large file. Which of the following should the administrator perform BEFORE making the needed changes? (Choose two.) A. Document the reason for the request B. Scan the file for malware to protect the sales department's computers C. Follow the company's approval process for the implementation D. Install a TFTP server for the customers to use for the transfer E. Create a honeypot to store the file on for the customers to use F. Write the SLA for the sales department authorizing the change
wer: A,C Explanation:
UESTION NO: 194 Which of the following are DNS record types? (Choose three.) A. CNAME B. NTP C. PTR D. LDAP E. DHCP F. TTL G. SRV H. SSH
wer: A,C,G Explanation: A Canonical Name record (abbreviated as CNAME record) is a type of resource record in the Domain Name System (DNS) that maps one domain name (an alias) to another (the canonical name). A DNS pointer record (PTR for short) provides the domain name associated with an IP address. A DNS PTR record is exactly the opposite of the 'A' record, which provides the IP address associated with a domain name. A Service record (SRV record) is a specification of data in the Domain Name System defining the location, i.e., the hostname and port number, of servers for specified services. It is defined in RFC 2782, and its type code is 33.
UESTION NO: 179 A network technician is setting up a new router. Since it is exposed to the public, which of the following are the BEST steps the technician should take when setting up this device? (Choose two.) A. Disable unnecessary services. B. Use private IP addresses. C. Allow remote management access. D. Disable the console port. E. Enable encryption. F. Upgrade to the latest firmware.
wer: A,F Explanation:
UESTION NO: 151 Which of the following should a technician investigate when using a network baseline to troubleshoot? A. Tracing a network wire connectivity issue from the datacenter to a host. B. Determining if the server performance is degraded. C. Changes that have been made to the network configuration. D. Location of networking equipment in a rack.
wer: B
UESTION NO: 190 A network technician is planning to update the firmware on a router on the network. The technician has downloaded the file from the vendor's website. Before installing the firmware update, which of the following steps should the technician perform to ensure file integrity? A. Perform antivirus and anti-malware scans of the file. B. Perform a hash on the file for comparison with the vendor's hash. C. Download the file a second time and compare the version numbers. D. Compare the hash of the file to the previous firmware update.
wer: B Explanation:
UESTION NO: 123 Which of the following protocols can be both connection-oriented and connectionless? A. 20 FTP B. 53 DNS C. 67 DHCP D. 80 HTTP
wer: B Explanation: The correct answer is B.53 DNS. DNS uses TCP for Zone transfer and UDP for name, and queries either regular (primary) or reverse. UDP can be used to exchange small information whereas TCP must be used to exchange information larger than 512 bytes.
UESTION NO: 110 An office user cannot access local network drives but has full access to the Internet. A technician troubleshoots the issue and observes the following output of the ipconfig command: Which of the following would MOST likely allow the network drives to be accessed? A. Update the WLAN adapter driver B. Disable the WLAN adapter C. Check the wireless DHCP configuration D. Disable the LAN adapter
wer: B Explanation: but it is because the computer now has 2 gateways (one to the local network and another to the internet via wifi ). When user wanted to access the local network, the PC uses the "wrong" default wifi gateway which then dropped the traffic
UESTION NO: 140 An assistant systems analyst reports the following findings of an investigation of slow Internet connections in a remote office to the senior systems analyst: Which of the following devices is causing the issue? A. Router B. Firewall C. Switch 1 D. Switch 2
wer: B Explanation:
UESTION NO: 152 A technician needs to upgrade a SOHO wireless router's firmware. The technician resets the router to factory settings and installs the new firmware. The technician enters the DHCP information and sets the SSID. Which of the following configurations would provide the MOST protection from advance hackers? A. Disable the broadcasting of the SSID. B. Enable WPA2 authentication for all hosts. C. Use private addressing for the DHCP scope. D. Install unidirectional antennas.
wer: B Explanation:
UESTION NO: 154 Which of the following datacenter security methodologies is MOST likely to remain usable during a network outage? A. biometric scanners B. door locks C. video surveillance D. motion detectors
wer: B Explanation:
UESTION NO: 160 Which of the following should be performed to verify that unnecessary services are disabled on all switches in an environment? A. Packet capturing B. Port scanning C. Log scanning D. Baseline review
wer: B Explanation:
UESTION NO: 193 At which of the following OSI model layers would a router operate? A. Physical B. Network C. Transport D. Data link
wer: B Explanation:
UESTION NO: 197 A technician is observing brownout issues at a smaller office. At least once a week, the edge switch power cycles. Which of the following should the technician do to resolve the issue? A. Install a new switch B. Install a UPS C. Replace the switch uplink cable. D. Install a new electrical circuit.
wer: B Explanation:
UESTION NO: 180 A network technician is configuring user access to a VPN concentrator and has been advised to use a protocol that supports encryption over UDP. Which of the following protocols has the technician MOST likely configured for client use? A. TFTP B. DTLS C. DNS D. SNMP
wer: B Explanation: "encryption over UDP" DTLS VPNS Datagram TLS (DTLS) VPNs optimize connections for delaysensitive applications, such as voice and video over a VPN. After establishing a traditional TLS tunnel, DTLS VPNs use UDP datagrams rather than TCP segments for communication.
UESTION NO: 153 A technician notices clients are receiving a 169.254.x.x IP address following the upgrade of a server. Which of the following ports should the technician check on the local server firewall? A. ports 20 and 21 B. ports 67 and 68 C. ports 80 and 443 D. port 123 and 8080
wer: B Explanation: An IP address that starts with 169 means that the host failed to obtain a dynamic IP from a DHCP server. Ports 67 and 68 are the port numbers for DHCP server, DHCP client so yeah answer is B.
UESTION NO: 136 A network administrator wishes to ensure there are no unnecessary open communication paths into a server. Using a port scanner, the administrator finds that ports are reported as closed. Which of the following BEST explains this response? A. The ports belong to an active system and are denying requests B. The ports are associated with deprecated services C. The ports do not belong to a live system D. The ports replied with a SYN/ACK response
wer: B Explanation: Depracated means that somethin can be reached but it doesn't respond, so it justifies the answer to be B.
UESTION NO: 143 A network administrator is testing connectivity at a new corporate site. The site has a wireless guest as well as a wired employee network. After verifying connectivity, the administrator checks link speeds by using a speed testing website. The speed testing website shows lower download and upload speeds for the wired network than the wireless network. Which of the following is the MOST likely explanation? A. There is less local congestion on the wireless network B. The testing server for the wired network was farther away C. The firewall is configured to throttle traffic to specific websites D. The wireless access points were misconfigured
wer: B Explanation: I think B is still correct. When doing internet speed test, you can choose the location to send the test packets to, if the location is far from the host you will get lower speed than a closer one.
UESTION NO: 131 Which of the following VPN protocols establishes a secure session that can be initiated using a browser? A. IPSec B. SSL VPN C. PTP D. PPTP
wer: B Explanation: SSL VPN enables devices with an internet connection to establish a secure remote-access VPN connection with a web browser.
UESTION NO: 134 A network technician is installing a new network switch is looking for an appropriate fiber optic patch cable. The fiber optic patch panel uses a twist-style connector. The switch uses a SFP module. Which of the following connector types should the fiber patch cable have? A. LC B. ST C. SC D. MTRJ E. MTP
wer: B Explanation: ST connectors: These connectors are the most common type of commercial fiber optic connector. These connectors utilize an exposed plastic tube housing the optical fiber. This requires a connection to a matching cable on the other side, incorporating a connector that mates to the other. These combine in a spring-loaded twist, reminiscent of BNC connectors, and are noted for their reliability. ST connector is very popular in communication applications, such as LANs and CCTV systems.
UESTION NO: 157 Which of the following BEST describes the BGP routing protocol? A. distance vector B. hybrid C. static D. link state
wer: B Explanation: Some routing protocols use a little bit of link-state and a little bit of distance vector and combine those together as the dynamic routing protocol. A good example of a hybrid routing protocol is BGP, or the Border Gateway protocol, where it determines what route is best based on the paths, the network policies, or some preconfigured rule sets that you set inside of the router.
UESTION NO: 147 A technician has installed a Linux server in the tax office. The server can access most of the resources on the network, but it cannot connect to another server that has a share for backup. The technician learns that the target server is on a different subnet. Which of the following tools should the technician use to ensure the Linux server can reach the backup location? A. netstat B. traceroute C. route D. dig E. ifconfig
wer: B Explanation: in otherwords, which tool do we use to make sure that we can reach a device on a different network/subnetwork. Chances are the administrator has now applied a fix and needs to verify that he can reach the other network. In computing, traceroute and tracert are computer network diagnostic commands for displaying possible routes and measuring transit delays of packets across an Internet Protocol network
UESTION NO: 112 Which of the following wireless connection types utilize MIMO on non-overlapping channels? (Choose two.) A. 802.11a B. 802.11ac C. 802.11b D. 802.11g E. 802.11n
wer: B,E Explanation:
UESTION NO: 120 A forensic first responder arrives at the scene where an employee is suspected to have committed a computer-based crime. Which of the following should the first responder do FIRST? A. Document the scene B. Take pictures upon arrival C. Secure the area D. Implement chain of custody
wer: C Explanation: In general, when you are in a situation where you are the first responder, you need to • Secure the area • Document the scene • Collect evidence • Interface with authorities
UESTION NO: 121 A small town is attempting to attract tourists who visit larger nearby cities. A network engineer is asked to implement a network encompassing the five-block town center and nearby businesses. The inclusion of smartphones and portable devices is crucial to the plan. Which of the following is the network engineer being asked to implement? A. LAN B. PAN C. MAN D. WAN
wer: C Explanation: A metropolitan area network (MAN) is a computer network that connects computers within a metropolitan area, which could be a single large city, multiple cities and towns, or any given large area with multiple buildings. A MAN is larger than a local area network (LAN) but smaller than a wide area network (WAN).
UESTION NO: 116 In which of the following ways does a DDoS attack differ from a spoofing attack? A. DDoS attacks target multiple networks B. Spoofing attacks originate from a single host C. DDoS attacks are launched from multiple hosts D. Spoofing attacks require physical presence
wer: C Explanation: While A seems correct, the word to watch for is 'multiple', although letter A states multiple, it does not mean that a DDoS will affect multiple targets, it is the other way around. A DDoS targets a single host or server or any part of the network from 'multiple' sources.
UESTION NO: 165 A system administrator receives reports from users of odd behavior in regard to a recently installed server. While reviewing the server network configuration, the systems administrator does both a forward and a reverse DNS lookup on the host, along with the network adapter configuration. Which of the following is the problem identified in the output above? A. There is no reverse DNS entry for this host. B. The server IP address is incorrectly configured. C. The DNS lookup entry is incorrectly configured. D. The reverse DNS entry is pointing to a different host.
wer: C Explanation: first commandline is a DNS query of what IP address is stored for server.company.com $host server.company.com it gives the result 129.168.0.100 (note the first octet is 129, not 192) the scond command is a reverse DNS, called ARP, looking for the name that is associated with an it yields a result of web.company.com the last command ifconfig is a command run on the server locally to see what IP it is configured with and it yields 192.168.0.100 so the conclusion is the server on itself is configured with 192.168.0.100 and in DNS it is configured as 129.168.0.100 since DNS is the master record file for all network devices, the issue seen is that the DNS record for this machine (in DNS) is wrong.
UESTION NO: 106 A building is equipped with light sensors that turn off the fluorescent lights when natural light is above a certain brightness. Users report experiencing network connection issues only during certain hours. The west side of the building experiences connectivity issues in the morning hours and the east side near the end of the day. At night the connectivity issues affect the entire building. Which of the following could be the cause of the connectivity issues? A. Light sensors are interfering with the network B. EMI from the lights is interfering with the network cables C. Network wiring is run perpendicular to electrical conduit D. Temperature changes are causing attenuation in copper cabling
wer: C Explanation:
UESTION NO: 133 When choosing a type of storage that integrates with the existing network infrastructure, the storage must be easily configurable to share files and can communicate with all existing clients over TCP/IP. Which of the following is the BEST technology for the network administrator to implement? A. iSCSI B. Fibre Channel C. NAS D. DAS
wer: C Explanation:
UESTION NO: 145 A technician is trying to configure a previously owned WAP. The technician successfully logs into the administrative console and attempts to input the IP address on the WAP. However, the WAP is not accepting the command. Which of the following is causing the problem? A. The WAP antenna is damaged B. The WAP transmitter light is dim C. The terminal emulation software is misconfigured D. The LWAPP image is installed on the WAP
wer: C Explanation:
UESTION NO: 161 A technician is sent to a remote office to set up a device to connect to the Internet. The company standards document requires stateful inspection. Which of the following should the technician install? A. Router B. Multiplayer switch C. Firewall D. Bridge
wer: C Explanation:
UESTION NO: 166 A network technician at a small office upgrades the LAN switch. After the upgrade, a user reports being unable to access network resources. When the technician checks the switchport, the LED light is not lit. Which of the following should the technician check FIRST? A. The device is using the correct cable type. B. The switchport is functioning properly. C. The device is connected to the switch. D. The switch is connected to the router.
wer: C Explanation:
UESTION NO: 170 Which of the following networking devices operates at Layer1? A. Router B. Firewall C. Hub D. Bridge
wer: C Explanation:
UESTION NO: 171 A disgruntled employee decides to leak critical information about a company's new product. The employee places keyloggers on the department's computers, allowing the information to be sent out to the Internet. Which of the following attacks is occurring? A. Man-in-the-middle B. Logic bomb C. Insider threat D. Social engineering
wer: C Explanation:
UESTION NO: 174 A recently constructed building makes use of glass and natural light. Users in the building are reporting poor cellular connectivity and speeds. Which of the following is MOST likely the cause? A. Absorption B. Channel overlap C. Reflection D. Frequency mismatch
wer: C Explanation:
UESTION NO: 183 The Chief Executive Officer's (CEO's) tablet cannot connect to the wireless network from the corner office. A network technician verified the tablet can connect to the wireless network in other areas of the building. The distance between the office and the 802.11ac WAP is 150ft (46m), and there are a few cubicles in between. Which of the following is the MOST likely cause of the tablet not connecting? A. Absorption B. Reflection C. Distance D. Refraction E. Attenuation
wer: C Explanation:
UESTION NO: 185 A technician is working on a new machine that has been procured for testing and development. The machine will run a hypervisor and host several operating systems of various types so the development team can test the company's applications in a variety of environments. The technician wants the virtual machines to be available to communicate with each other without leaving the hypervisor. Which of the following is the BEST solution to the problem? A. The technician should connect the machine to its own separate switch. B. The technician should add a route in each virtual machine to the default gateway. C. The technician should configure a virtual switch. D. The technician should set up individual routes between the machines.
wer: C Explanation:
UESTION NO: 186 A network technician is repurposing a switch that has been in storage for some time. The device has been wiped to factory defaults. Which of the following should be done FIRST to ensure the device has been hardened before configuration? A. Generate new keys. B. Disable unused ports. C. Check for updated firmware. D. Configure the default VLAN.
wer: C Explanation:
UESTION NO: 191 A network technician performs a wireless site survey at a company building and identifies that the cafeteria is not covered by a wireless signal. The cafeteria is located in a medium-size, square- shaped room. Which of the following types of WAP antenna should the technician install in the center of the cafeteria to provide the BEST coverage? A. Unidirectional B. Parabolic C. Omnidirectional D. Yagi
wer: C Explanation:
UESTION NO: 195 Which of the following backup techniques is used to capture all the data that has changed since the last full backup? A. Incremental B. Replica C. Differential D. Snapshot
wer: C Explanation:
UESTION NO: 137 Users are reporting issues with slow connection speeds and a loss of connectivity on the newly installed wireless network. The issues are intermittent but seem to occur most often around midday. Which of the following is the MOST likely cause? A. There is interference from small appliances B. The signal coverage area is too small C. Not enough DHCP addresses have been allotted D. The DNS cache on the users' computers has become corrupt
wer: C Explanation: An exhausted DHCP pool would also suggest a lot of users taking up bandwidth which would cause slow speeds. The exhausted DHCP pool would prevent others from accessing the network all together.
UESTION NO: 139 Which of the following physical security controls is MOST likely to be susceptible to a false positive? A. Identification card B. Biometric device C. Proximity reader D. Video camera
wer: C Explanation: I think the reason why C is the correct answer is because a proximity reader will grant access to a user with proximity card that it recognizes. It doesn't need to know if the user is legitimate or not.
UESTION NO: 175 A network technician is working on a new switch implementation to expand the network. Which of the following is the BEST option to ensure the implementation goes according to business requirements? A. AUP B. NDA C. SOP D. SLA
wer: C Explanation: Standard operating procedures (SOPs) provide details of regular work processes followed within an organisation and/or between organisations. They document the way activities are to be performed in order to facilitate consistent conformity with technical and quality system requirements. service-level agreement (SLA) defines the level of service you expect from a vendor, laying out the metrics by which service is measured, as well as remedies or penalties should agreed-on service levels not be achieved. It is a critical component of any technology vendor contract.
UESTION NO: 141 A small business developed an in-house application that is very sensitive to network latency when a communicating between servers. Due to a lack of funds, the business had to build its own network for workstations and servers. Now a network administrator must redesign the network due to performance issues with the application. Which of the following would be the MOST cost effective for the administrator to recommend? A. Create Ethernet VLANs B. Disable autonegotiation on the servers C. Install 10Gb Ethernet NICs in the servers D. Install Fibre Channel for the server network
wer: C Explanation: Two factors are involved and must be considered together: network latency and cost-effective. A is cost-effective but doesn't solve the issue of network latency. C solves the issue of network latency and it's equally cost-effective.
UESTION NO: 144 A technician replaces a failed router with a spare that has been in inventory for some time. After attempting to enable HTTPS on the spare router, the technician discovers the feature is unavailable. The support office was able to connect to the previous router. Which of the following actions should the technician perform to enable HTTPS access for the support team? A. Reboot the router B. Enable HTTP on the router C. Update the firmware of the spare router D. Perform a factory reset on the router
wer: C Explanation: spare that has been in inventory for some time. so it makes since it would be out of date.
UESTION NO: 149 Which of the following is the SHORTEST way to write 2001:0000:0d58:0000:0000:0095:7565:0001 in proper IPv6 shorthand? A. 2001::d58::95:7565:1 B. 2001:0:d58:0:0:95:7565:1 C. 2001:0:d58::95:7565:1 D. 2001:0:0d58::95:7565:1
wer: C remove all the zeroes in each section and if there is a section that is just zeros "d58::95" - "0d58:0000:0000:0095" you use colons.
UESTION NO: 162 A technician is assigned to secure a basic wireless network. Which of the following authentication protocols should the technician use to perform this task? (Choose two.) A. RDP B. SNMP C. WPA2 D. EAP E. SSL
wer: C,D Explanation:
UESTION NO: 117 A user checks an IP address using an external website. The address is different than the one the user sees when opening a command prompt and typing in ipconfig/all. The user does not understand why the two tools show different IP addresses. This is BEST explained by the interworking of: A. network devices B. packet flow C. public/private networks D. traffic-routing protocols
wer: C0 Explanation: It's simple. Private Network = 192.168.1.1 Public Network = 193.1.2.5 This is an example of Network Address Translation (NAT).
UESTION NO: 168 A technician is responsible for configuring a new firewall. The hardware team has already installed, powered, and connected the system. Which of the following types of documentation should the technician utilize to complete the task? A. Rack diagram B. IDF/MDF documentation C. Network performance baseline D. Logical and physical diagrams
wer: D Explanation: A logical DFD focuses on the business and business activities, while a physical DFD looks at how a system is implemented. ... The logical DFD describes the business events that take place and the data required for each event.
UESTION NO: 113 A network technician is creating a new subnet for 488 host machines. The technician is told to use a class B address scheme when making the subnet and is instructed to leave as much room as possible for additional subnets of the same size. Which of the following subnets would fulfill these requirements? A. 10.5.4.0/22 B. 10.233.2.0/23 C. 172.16.0.0/22 D. 172.18.0.0/23 E. 192.168.25.0/24
wer: D Explanation: D is correct as this is a Class B IP (between 128.0.0.1 - 191.255.255.254) /23 Allows 510 Hosts 172.18.0.1 - 172.18.1.254 There's additional subnets of the same size for future use e.g 172.18.2.1 - 172.18.3.254 for hosts /22 is a waste, therefore C is incorrect
UESTION NO: 122 An employee wishes to use a personal cell phone for work-related purposes, including storage of sensitive company data, during long business trips. Which of the following is needed to protect BOTH the employee and the company? A. An NDA ensuring work data stored on the personal phone remains confidential B. An AUP covering how a personal phone may be used for work matters C. A consent to monitoring policy covering company audits of the personal phone D. Real-time remote monitoring of the phone's activity and usage
wer: D Explanation: The correct answer is D because is the only action, the only proceadure. All the others are just policies
UESTION NO: 172 A network technician needs to set up an access method for Ann, a manager, to work from home. Ann needs to locally mapped corporate resources to perform her job. Which of the following would provide secure access to the corporate resources? A. Utilize an SSH connection to the corporate server. B. Use TFTP to transfer files to corporate resources. C. Allow RDP through an external firewall. D. Connect utilizing client-to-site VPN.
wer: D Explanation: its very tpical with the VPN logon process that as you log on, the usual logon scripts run on your machine and map the network shares provided on the corporate network to local "logical" drives on your machine. So lets say you are in accounting and there is a share on the accounting server called "accounting-share", well when you logon to VPN succescully there will be a script or commmand that runs in the background to create a logical drive like "M:\" on your local machine and then point it to the network share... hope this explains it...
UESTION NO: 130 A network engineer arrives at work and discovers that many users are having problems when attempting to connect to the company network shared drives. The network operations center (NOC) technician just completed server upgrades the night before. To which of the following documents should the NOC technician refer to determine what potentially caused the connectivity problem? A. Network maps B. Cable management C. Release notes D. Change management
wer: D Explanation:
UESTION NO: 150 A network administrator needs to transmit traffic to geographically diverse sites to improve performance. Which of the following devices would BEST direct traffic to the remote sites? A. Hub B. Bridge C. Switch D. Router
wer: D Explanation:
UESTION NO: 167 A network administrator wants to employ a username and password authentication system for guest WiFi. Which of the following is the BEST option to provide this type of authentication? A. Port security B. MAC filtering C. Network access control D. Captive portal
wer: D Explanation:
UESTION NO: 178 802.11n clients currently have no way to connect to the network. Which of the following devices should be implemented to let the clients connect? A. Router B. Range extender C. VoIP endpoint D. Access point
wer: D Explanation:
UESTION NO: 188 A network administrator is assigned to run and connect a Cat 6e Ethernet cable between two nodes in a datacenter. Which of the following connector types should the network administrator use to terminate this cable? A. DB-9 B. RS-232 C. DB-25 D. RJ-45
wer: D Explanation:
UESTION NO: 192 An entire enterprise cannot access a specific website. The network technician knows the website was accessible last week. The technician can also ping the website. Which of the following is the technician MOST likely to find upon investigation? A. The firewall is misconfigured. B. The network is being hit by a zero-day attack. C. The SSL certificate is untrusted. D. The SSL certificate has expired.
wer: D Explanation:
UESTION NO: 158 A customer is reporting difficulty connecting some devices after replacing a wireless router with a new wireless 802.11ac router. The SSID, encryption and password are the same as the previous router. A technician goes on-site and notices the devices that are no longer connecting appear to be several years ago. Which of the following is MOST likely the problem? A. the password needs to be re-entered. B. there is a security type mismatch. C. there is insufficient antenna power. D. there is a frequency mismatch. E. the channel has changed.
wer: D Explanation: Letter D cause 802.11ac utilizes 5 GHz and since it is already 'several' years. The devices that are connected to the replaced WAP are probably 802.11b/g compliant devices.
UESTION NO: 155 A network technician is implementing a solution on the network to hide the workstation internal IP addresses across a WAN. Which of the following is the technician configuring? A. QoS B. DMZ C. RIP D. NAT
wer: D Explanation: Network address translation is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device
UESTION NO: 196 A network administrator frequently needs to assist users with troubleshooting network hardware remotely, but the users are non-technical and unfamiliar with network devices. Which of the following would BEST help the administrator and users during hands-on troubleshooting? A. Logical diagrams B. MDF documentation C. Equipment labeling D. Standard operating procedures
wer: D Explanation: No because the net admin is trying to help the user with remote login and labeling wouldn't really help, i can look @ labels and not understand what each functionality is of the equipment... the operating procedures is a better answer because it would give a more thorough explanation
UESTION NO: 182 A Chief Information Officer (CIO) is concentrated about an attacker gaining administrative access to the company's network devices. Which of the following is the MOST secure way to prevent this? A. ACL allowing only HTTP B. ACL allowing only Telnet C. Out-of-band modem D. Out-of-band console router
wer: D Explanation: Out-of-band (OOB) management is a method of remotely controlling and managing critical IT assets and network equipment using a secure connection through a secondary interface that is physically separate from the primary network connection. This enables administrators to gain control even during infrastructure faults.
UESTION NO: 200 A new building needs to be joined to an existing network, but management has decided that running fiber is too expensive. Since the buildings are about 1000ft (305m) apart, the IT department has been asked to propose alternatives. Which of the following is the BEST device to add to each building to facilitate the extension of the network while meeting budgetary demands? A. Switch B. Router C. Media converter D. PRP wireless
wer: D Explanation: Parallel Redundancy Protocol (PRP) is a network protocol standard for Ethernet that provides seamless failover against failure of any single network component. This redundancy is invisible to the application.
UESTION NO: 181 A switch has detected duplicate broadcast messages sourced from a second port. The broadcasts continue to be transmitted and duplicated until the amount of traffic causes severe performance issues. Which of the following should be configured to prevent this behavior? A. BPDU guard B. DHCP snooping C. ARP protection D. Spanning tree
wer: D Explanation: The Spanning Tree Protocol (STP) is responsible for identifying links in the network and shutting down the redundant ones, preventing possible network loops. In order to do so, all switches in the network exchange BPDU messages between them to agree upon the root bridge.
UESTION NO: 125 An analyst is developing a proof of concept of a wireless-based attack as part of a penetration test against an organization's network. As part of the attack, the analyst launches a fake access point matching the SSID of the organization's guest access network. When a user connects to the fake access point, the analyst allows the traffic to flow through the access point to the legitimate site while the data traversing the network is logged for latest analysis and exploitation. Which of the following attacks has the analyst successfully performed in this scenario? A. Bluesnarfing B. Session hijacking C. MAC spoofing D. VLAN hopping E. Man-in-the-middle
wer: E Explanation: A man-in-the-middle (MitM) attack is when an attacker intercepts communications between two parties either to secretly eavesdrop or modify traffic traveling between the two. Attackers might use MitM attacks to steal login credentials or personal information, spy on the victim, or sabotage communications or corrupt data.
UESTION NO: 177 In which of the following scenarios should a technician use a cross-over cable to provide connectivity? A. PC to switch B. Switch to AP C. Router to switch D. Router to modem E. PC to PC
wer: E Explanation:
UESTION NO: 135 Which of the following WAN technologies utilizes the concept of virtual circuits and point-multipoint connections? A. ISDN B. MPLS C. PRI D. Broadband cable E. Frame relay
wer: E Explanation: Rather than using a full-time leased line between remote sites, frame-relay devices create one of two types of connections: Switched virtual circuits (SVC) or permanent virtual connection (PVC). Frame relay devices create SVCs when data needs to be transferred and then close those connections when they aren't in use.
UESTION NO: 142 A network technician is configuring a firewall access list to secure incoming connections to an email server. The internal address of this email server is 192.168.1.143. The firewall should allow external email servers to send email to the email server. The email server also supports client access via a web browser. Only secure protocols should be used, and only the necessary ports should be open. Which of the following ACL rules should be configured in the firewall's WAN port? (Choose two.) A. Permit 192.168.1.143.25 B. Permit 192.168.1.143.80 C. Permit 192.168.1.143.110 D. Permit 192.168.1.143.143 E. Permit 192.168.1.143.443 F. Permit 192.168.1.143.587
wer: E,F Explanation: SMH...Port 587 and Http 443
UESTION NO: 159 Multiple users are reporting that they are unable to access the network. The ENTIRE network is shown in the diagram. PCs are not statically assigned IP addresses. The following devices will display settings: WorkstationA WorkstationB WorkstationC WorkstationD WorkstationE WorkstationF WorkstationG Laptop1 Laptop2 DHCP server1 DHCP server2 Review the settings and select the box in the diagram that identifies the device causing the issue. Only one device can be selected at a time. After checking the device that is causing the issue, select the second tab in the lower left hand corner. Identify the reason as to why some users are unable to access the network. Instructions: When the simulation is complete, select the Done button to submit. Part 1 Part 2 Identify the reason as to why some users are unable to access the network. A. Workstation(s) are plugged into switch ports configured with half duplex. B. The site-to-site router was configured with the incorrect ACL. C. DHCP server scope is full and is not providing IP addresses. D. WAN and LAN ports are reversed on the router. E. STP has disabled some of the ports on the switch. F. The NIC driver is not installed. G. A wireless client is unable to associate to the AP.
wer: G Explanation: Part 1: Soho Router 1. DHCP is not enabled, therefore workstation C has APIPA address. Part 2: G. A wireless client is unable to associate to the AP.