Test Study
What are the non-overlapping channels in the 2.4 GHz range?
1, 6, 11
Port Number POP3
110
Port Number FTP
21
Port Number: Telnet
23
Port Number SMTP
25
What is the subnet mask for 10.2.1.3/22 ?
255.255.252.0
What are some non-overlapping channels in the 5GHz range?
36, 40, 44, 48, 52, 56, 60, 64, 100
Port Number LDAP
389
Port Number HTTPS
443
Port Number DNS
53
Port Number HTTP
80
What is a VLAN and what is it used for?
A VLAN is a group of devices on one or more LAN's that are configured to communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible.
What is default route?
A default route is how you send traffic out to the internet. Note: IP Route 0.0.0.0 0.0.0.0 "ip address going to internet"
What is Penetration Testing and how can it be used to improve network security?
A penetration test is a proactive and authorized attempt to evaluate the security of an IT infrastructure by safely attempting to exploit system vulnerabilities, including OS, service and application flaws, improper configurations, and even risky end-user behavior. Such assessments are also useful in validating the efficacy of defensive mechanisms, as well as end-users adherence to security policies.
What is WLAN Spectrum Analysis and what information can you gain from it?
A spectrum analyzer lets you monitor and troubleshoot the physical layer (radio waves) of your wireless network. It gives you visibility into Layer I (physical layer) of the network, much like a packet analyzer lets you view Layers 2 to 7. You can detect unwanted or rogue wireless devices in your WLAN that cause unwanted interference.
What does the acronym ARP stand for? What information is displayed in an ARP table?
Address Resolution Protocol. The ARP table shows the MAC address, the IP address the MAC address is using and what switch port the device with the MAC address is connected to.
When call quality issues present themselves on a VoIP connection, which of the following factors point to possible VoIP issues?
All of the above
Which of the following factors influence voice quality in VoIP calls?
All of the above
The term 'duplex' refers to the ability of the data receiving stations to echo back a confirming message to the sender. In full duplex data transmission, both the sender and the receiver
B can receive and send data simultaneously.
Which of the following switch or router capabilities can help improve VoIP call quality?
B. Enforce Quality of Service (QoS) policies that give preferential treatment to VoIP packets.
What is Band Steering and why is it used?
Band steering is a radio management technique to steer wireless devices to the frequency band someone desires them to connect to, either 2.4GHz or 5GHz.
Which is not a valid port number?
C - 65,536
NAT stands for
C - Network Address Translation
The process of assigning IP addresses for specific times to the various hosts by DHCP is called what?
D - Lease
What is DHCP snooping and what needs to be configured to make it work?
DHCP snooping allows responses to only come from specific trusted ports. It saves network from man-in-middle attack.
What is a DDoS attack on a network? What can be done about this type of attack?
Distributed Denial of Service Attack (DDoS Attack) - attack designed to cause an interruption or suspension of services of a specific host/server by flooding it with large quantities of useless traffic or external communication requests. When the DDoS attack succeeds the server is not able to answer even to legitimate requests any more - this can be observed in numbers of ways: slow response of the server, slow network performance, unavailability of software or web page, inability to access data, website or other resources. Denial of Service Attack occurs where multiple compromised or infected systems (botnet) flood a particular host with traffic simultaneously.
What is the adminstrative distance of EIGRP, OSPF, eBGP?
EIGRP=90 OSPF=110 eBGP 20
Explain the difference between eBGP and iBGP?
External Border Gateway Protocal is a Border Gateway Protocol extension that is used for communication between two distinct autonomous systems. iBGP is the protocol used between the routers in the same autonomous system. iBGP is used to provide information to your internal routers.
What is needed on an SVI to allow DHCP to function on a subnet?
IP Helper
In OSPF what does Area 0 do?
It is used for backbone area (area 0) and all other areas must have either physical or virtual connections to the backbone.
What is the difference between a vulnerability and an exploit?
One is a potential problem/weakness in a network or system while an exploit is an active problem.
What is OSPF and what is it used for?
Open Shortest Path First is a routing protocol for Internet Protocol networks. It uses a link state routing algorithm and falls into the group of interior routing protocols, operating within a single autonomous system.
What is the difference between a Proxy and a Firewall?
Proxy acts as an intermediary for requests from clients seeking resources from other servers. Firewalls are designed to permit or deny network transmissions based upon a set of rules.
What is the difference between a public IP address and a private IP address?
Public IP addresses are routable on the Internet where private IP addresses are not. Private IPs are only for internal private networks.
What is a SYN flood attack? What can be done to prevent this type of attack?
SYN flood attack - attack exploits the way the TCP 3-way handshake works during the TCP connection is being established. In normal process the host computer sends a TCP SYN packet to the remote host requesting a connection. The remote host answers with a TCP SYN-ACK packet confirming the connection can be made. As soon as this is received by the first local host it replies again with TCP ACK packet to the remote host. At this point the TCP socket connection is established. During the SYN Flood attack the attacker host or more commonly several attacker hosts send SYN Packets to the victim host requesting a connection, the victim host responds with SYN-ACK packets but the attacker host never responds back with ACK packets - as a result the victim host is reserving the space for all those connections still awaiting the remote attacker hosts to respond - which never happens. This keeps the server with dead open connections and in the end effect prevent legitimate host to connect to the server any more.
Explain TCP/IP 3-way handshake
SYN, SYN-ACK, ACK
What is an easy way to configure a network to allow only a single computer to login on a particular jack?
Sticky ports are one of the network admin's best friends and worst headaches. They allow you to set up your network so that each port on a switch only permits one (or a number that you specify) computer to connect on that port by locking it to a particular MAC address. If any other computer plugs into that port, the port shuts down and you receive a call that they can't connect anymore. If you were the one that originally ran all the network connections then this isn't a big issue, and likewise if it is a predictable pattern then it also isn't an issue. However if you're working in a hand-me-down network where chaos is the norm then you might end up spending a while toning out exactly what they are connecting to.
What is TACACS? What is Radius?
TACACS: Terminal Access Controller Access-Control System (TACACS) is a remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access to the network. RADIUS: Remote Authentication Dial In User Service (RADIUS) is an AAA (authentication, authorization, and accounting) protocol for controlling access to network resources. RADIUS is commonly used by ISPs and corporations managing access to Internet or internal networks across an array of access technologies including modem, DSL, wireless and VPNs.
What is the difference between TCP and UDP?
TCP is a connection oriented stream over an IP network. It guarantees that all sent packets will reach the destination in the correct order. This includes the use of acknowledgement packets sent back to the sender, and automatic retransmission, causing additional delays and a general less efficient transmission than UDP. UDP is connectionless. It just sends the data with no guarantee that the data was received by the device the data was sent to.
Explain how the SSL protocol works and its purpose.
TLS/SSL authenticates and secures data transfers by using certificate-based authentication and symmetric encryption keys. A popular implementation of public-key encryption is the Secure Sockets Layer (SSL). SSL has become part of an overall security protocol known as Transport Layer Security (TLS).
What is STP and its purpose in a network?
The Spanning Tree Protocol is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them.
What is a phishing attack? How can this type of attack be prevented?
This type of attack uses social engineering techniques to steal confidential information- the most common purpose of such attack targets victim's banking account details and credentials. Phishing attacks tend to use schemes involving spoofed emails sent to users that lead them to malware infected websites designed to appear as real on-line banking websites. Emails received by users in most cases will look authentically sent from sources known to the user.
What is a VPN?
Virtual Private Network is an encrypted connection between two end points.
What is 802.1q and where do you use it?
it is the IEEE standard for transferring traffic over a trunk link, often referred to as Dot 1 q, is the networking standard that supports VLANs on an IEEE 802.3 Ethernet network. The standard defines a system of VLAN tagging.
What command is used on a Cisco router to display all VLANs and their associated ports?
show vlan all
What command do you use to trace the network path from one device to another?
tracert
